Educause Security Discussion mailing list archives
Re: Filtering outgoing email
From: Jeremy Mooney <jmooney.edulists () GMAIL COM>
Date: Tue, 23 Jun 2009 12:06:23 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Gary Flynn wrote on 6/23/09 10:52 :
Joe Vieira wrote:We do two things here. Both of which work VERY well, both are free and have been super reliable. the first of which is http://code.google.com/p/anti-phishing-email-reply/ the use of this.Has anyone incorporated this into an Exchange or Mirapoint environment? Our Exchange admin is running into limits and I'm wary about Mirapoint filter limits.
Yes, we have it integrated into Exchange. A script creates dynamic contact objects for anything listed as seen within a timeframe, which is then set as only allowing itself (authenticated) to send to it. Someone attempting to send to it gets the general no permission to send to that address message. The same concept could be set for a group dynamic object (not dynamic group) rather than contact if you wanted to redirect them rather than block. With a sanitized $address and $laddress, and connected as an address that can create and modify contact objects in the desired OU: $ldap->add( "CN=$address,OU=Phishing Blocks,DC=example,DC=com", attr => [ 'cn' => $address, 'displayName' => $address, 'name' => $address, 'mail' => $address, 'mailNickname' => $laddress, 'objectClass' => ['top','person','organizationalPerson','contact','dynamicObject'], 'entryTTL' => 15552000, 'proxyAddresses' => ["SMTP:$address","smtp:$laddress\@example.com"], 'targetAddress' => "SMTP:$address", 'msExchHideFromAddressLists' => 'TRUE', 'msExchRequireAuthToSendTo' => 'TRUE']); $ldap->modify( "CN=$address,OU=Phishing Blocks,DC=example,DC=com", replace => [ 'authOrig' => ["CN=$address,OU=Phishing Blocks,DC=example,DC=com"]]); The separate modify for authOrig is due to AD needing the object to exist before it can created the linked value. Hope this helps. - -- Jeremy Mooney ITS - Bethel University -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) iF0EARECAB0FAkpBC48WGGhrcDovL3N1YmtleXMucGdwLm5ldAAKCRBiEJEZ/xdg ls4UAJ9wSi9ptynEQrJQmL7Ist7T1UzNOQCdFBYE0pcHUxlLvR80XTO0F8PioHw= =qW4G -----END PGP SIGNATURE-----
Current thread:
- Filtering outgoing email Kellogg, Brian D. (Jun 23)
- <Possible follow-ups>
- Re: Filtering outgoing email Pete Hickey (Jun 23)
- Re: Filtering outgoing email Gregg, Christopher S. (Jun 23)
- Re: Filtering outgoing email Joe Vieira (Jun 23)
- Re: Filtering outgoing email HALL, NATHANIEL D. (Jun 23)
- Re: Filtering outgoing email Gary Flynn (Jun 23)
- Re: Filtering outgoing email Roger Safian (Jun 23)
- Re: Filtering outgoing email Charles Seitz (Jun 23)
- Re: Filtering outgoing email Joe Vieira (Jun 23)
- Re: Filtering outgoing email Jeremy Mooney (Jun 23)
- Re: Filtering outgoing email Roger Safian (Jun 23)
- Re: Filtering outgoing email Roger Safian (Jun 23)
- Re: Filtering outgoing email Irish, Adrian L (Jun 23)
- Re: Filtering outgoing email Jesse Thompson (Jun 24)
- Re: Filtering outgoing email Todd Clementz (Jun 24)