[Dovecot] 64.31.19.48 attempt to break into my computer
Rick Romero
rick at havokmon.com
Thu Sep 22 17:34:17 EEST 2011
Quoting Mike Cardwell <dovecot at lists.grepular.com>:
> On 22/09/11 15:21, Ralf Hildebrandt wrote:
>
>
> Perhaps, if you have a list of the plain text passwords in advance you
> could use ClamAV. In our case, we don't as we're using an AD. I actually
> copied the ClamAV tcp and local interface API so that any MTA which can
> plug in to ClamAV is also able to plug into Kochi. That's one of the
> things the framework provides.
There are additional 'non-official' ClamAV signatures that are meant
to detect phishing attempts.
They do work, but aren't perfect.
I'm fortunate enough to be on the phishing list, so I wrote a quickie
perl script that will grep the logs for all the recipients and then
scan their INBOX for the phishing email and remove it before they read
it.
Rick
More information about the dovecot
mailing list