Casartello, Thomas wrote:
The phish are coming from real hacked accounts (Basically people that have
gotten the phish email and fallen for it) at other Educational institutes
(We already use SPF).
I'd go for a non technical solution here, since its effects only a
small amount of organisations. Talk to the postmaster of the other
organisations to track the source, make your users sensible to phishing
attacks (seriously, somone thinking
peter-foo-...@students.myuniversity.edu is an admin, should not be
allowed to use a computer until proper training) Unfortunatly the
amount of stupid people on universities seems to increase rapidly...
