Re: Filtering outgoing email

[Roger Safian <r-safian () NORTHWESTERN EDU>]

At 07:00 AM 6/23/2009, Kellogg, Brian D. put fingers to keyboard and wrote:
> We've been the victim of a phishing scam that made it through our
> incoming spam filter.  The phisher used the compromised accounts to send
> spam via Outlook Web Access.  Just wondering what inexpensive/reliable
> methods others are using to filter outbound email and catch any accounts
> showing a huge volume of outbound spam.  Thanks...

What we have begun to do is sen our outbound mail through our Sophos
box.  Right now we're doing it for selected domains.  The reason we're
not doing everything as yet, is that we use Sophos for our inbound
spam solution, and we allow our users to set (for example) white lists,
or opt out.  It turns out if a user has a .forward, their user selected
options won't be honored on their outbound messages.  Basically, we need
to work out some policy issues.

All that being said, the outbound Sophos scanning works fine.  It just
saved us from one of our phishing victims this week.


--
Roger A. Safian
r-safian () northwestern edu (email) public key available on many key servers.
(847) 467-6437   (voice)
(847) 467-6500   (Fax) "You're never too old to have a great childhood!"