Educause Security Discussion mailing list archives
Re: Email Security Product That Supports Customer Entry of Malicious Messages
From: "Pifer, Michael" <pifer () GRINNELL EDU>
Date: Wed, 22 Mar 2017 20:41:51 +0000
Gary; Like you, we are on Proofpoint, and have had some messages not be identified as phishing early on, and end users being allowed to visit the site. I have been able to in all cases submit a ticket to Proofpoint with high priority about the link being a phishing link, and then have them back trace the users who did click the link and visit the site to follow-up with and pretty quickly block the site as a phishing site. Have you submitted this request to Proofpoint as a product enhancement feature request? I certainly will now that you have talked through the request, the ability to have more control over that aspect vs. the need to put in a ticket and wait would be very nice. Michael Pifer Information Security Technical Specialist Information Technology Services Grinnell College, Grinnell IA 50112 (641) 269-9990 http://www.grinnell.edu/its/<https://mail3.grinnell.edu/owa/redir.aspx?C=66dd17c03c7d4efba572916c487c9309&URL=http%3a%2f%2fwww.grinnell.edu%2fits%2f> Technology Services Desk (641) 269-4901 "Phishing" is a scam designed to steal your personal data. If you receive an email asking for information such as your user name and password, your Social Security number or credit card number do not supply the information requested, it is likely a phishing email. Report phishing emails received to the Services Desk at (641) 269-4901, submit a ticket at https://help.grinnell.edu or email TechnologyServicesDesk () help grinnell edu<mailto:TechnologyServicesDesk () help grinnell edu>. From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Flynn, Gary - flynngn Sent: Wednesday, March 22, 2017 12:54 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Email Security Product That Supports Customer Entry of Malicious Messages Hi, We use Proofpoint and most of the time it works great. It has protected us from major attacks many times. It's URL rewrite component is missing one feature that would make it much better. As with any blacklist oriented security product, some malicious messages get through. Unfortunately, the product does not allow us to teach our appliance about those messages so it can block the URL and provide us exposure information. Is anyone aware of an email security product that supports such a feature? thanks, Gary Flynn JMU IT Security James Madison University My brain can handle preemptive and cooperative multitasking pretty well. Parallel processing, not so much.
Current thread:
- Email Security Product That Supports Customer Entry of Malicious Messages Flynn, Gary - flynngn (Mar 22)
- Re: Email Security Product That Supports Customer Entry of Malicious Messages Justin Harwood (Mar 22)
- Re: Email Security Product That Supports Customer Entry of Malicious Messages Flynn, Gary - flynngn (Mar 22)
- Re: Email Security Product That Supports Customer Entry of Malicious Messages Valdis Kletnieks (Mar 22)
- Re: Email Security Product That Supports Customer Entry of Malicious Messages Flynn, Gary - flynngn (Mar 22)
- Re: Email Security Product That Supports Customer Entry of Malicious Messages Pifer, Michael (Mar 22)
- Re: Email Security Product That Supports Customer Entry of Malicious Messages Davis, Kevin (Mar 22)
- Re: Email Security Product That Supports Customer Entry of Malicious Messages Justin Harwood (Mar 22)