Educause Security Discussion mailing list archives
Re: .edu email phishing
From: Martin Manjak <mm376 () ALBANY EDU>
Date: Thu, 3 Apr 2008 09:25:42 -0400
Not to muddy the waters, but we starting using these signatures at the beginning of March and I haven't had any problems receiving messages on this list. The sigs do catch a lot of garbage, but we're still getting the phishing emails. M- Mike Iglesias wrote:
Dave Koontz wrote:Tim, if you are running Barracuda (Spam Assassin) with ClamAV, check out Sane Security's Phishing and Scam signatures. They do a great job of catching these phishing messages and most of the others out there (like eBay, banks, etc.) Just schedule an update to run periodically. http://www.sanesecurity.co.uk/clamav/downloads.htmWe've started using these signatures recently, and they are working. They work a little *too* well, and have caused some of us to be dropped from some mailing lists (like this one) because people are posting the phishing email messages that have been sent to their campuses to the list (which I'm not complaining about), the Sane Security rules catch them, and the email is rejected during delivery. After some number of delivery failures, Listserv drops you from the list. So either subscribe using an email address that doesn't get run thru the rules or exempt this list (and any others that might have sample phishing email posted to them) from rule checking.
-- Martin Manjak Information Security Officer University at Albany CISSP, GIAC GSEC-G, GCIH, GCWN
Current thread:
- Re: .edu email phishing, (continued)
- Re: .edu email phishing Jesse Thompson (Apr 02)
- Re: .edu email phishing Winders, Timothy A (Apr 02)
- Re: .edu email phishing Jesse Thompson (Apr 02)
- Re: .edu email phishing Winders, Timothy A (Apr 02)
- Re: .edu email phishing Dave Koontz (Apr 02)
- Re: .edu email phishing Jeffrey I. Schiller (Apr 02)
- Re: .edu email phishing Mike Iglesias (Apr 02)
- Re: .edu email phishing Winders, Timothy A (Apr 02)
- Re: .edu email phishing Winders, Timothy A (Apr 02)
- Re: .edu email phishing Dave Koontz (Apr 02)
- Re: .edu email phishing Martin Manjak (Apr 03)