We are transitioning our users over to Google Apps for EDU. We currently user a barracuda Spam and Virus Firewall for inbound and outbound traffic to our local mail servers. Our users get a good amount of phishing scam e-mails and a small percentage of them respond and spammers take control of their e-mail. This makes us a spam source and sometimes our e-mail domain gets blacklisted. One thing we have been able to do to with the barracuda is that it sends alert messages when the mail queues reach a certain threshold. When we see this we can check the queue and see if it's coming from one of our users and we suspend their account and get in contact with them and reset their password, ask them if they remember responding to a particular e-mail or form, etc.
So, the question I have is this. Once we switch over to Google for our e-mail (and our barracuda is not longer filtering traffic), is there any mechanism via API or domain management interface that can give me some similar information. Maybe the total messages sent from a particular account over a period of time or something similar that might help us determine that a compromise has occurred and on which account so that we can take action to notify that user? Is there any process that Google has that might notify domain admins of compromised accounts? How do others handle these situations? Thanks, -Tomas -- You received this message because you are subscribed to the Google Groups "Google Apps Domain Information and Management APIs" group. To view this discussion on the web visit https://groups.google.com/d/msg/google-apps-mgmt-apis/-/QJ-mM5nGEFQJ. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-apps-mgmt-apis?hl=en.
