On Mon, 30 Jan 2012 09:55:51 -0500 Todd Aiken <todd.ai...@ubishops.ca> wrote:
> I'm just wondering if there are other people on this list that are > experiencing the same type of phishing, and what they are doing to > stop it? We use our commercial CanIt software (and ubishops.ca should use it too! :)) Seriously, our CanIt software includes a few features to help reduce this: 1) We make use of the Anti-Phishing Email Reply address list at http://code.google.com/p/anti-phishing-email-reply/ If you block mail to *and* from addresses in that list and scan the body for known phishing URLs, you can catch some stuff. The list is updated very frequently. Also, I'm a committer so whenever we catch a phishing attempt, we update the list. 2) We use outbound rate limiting so that if an account is phished, it gets blocked rather quickly. Our software allows you to specify a limit on the number of RCPTs per hour for any given sender or client IP address. If this rate is exceeded, the software 5xx's any attempt to send mail. It also alerts the administrator. (You can make exceptions for accounts that you know [sic] are secure and that legitimately send large volumes of email.) Neither feature is particularly hard to get working with MIMEDefang if you don't want to use CanIt. Regards, David. _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
