Firewall Wizards mailing list archives
Re: Securing email by inhibiting urls
From: Kurt Buff <kurt.buff () gmail com>
Date: Thu, 11 Aug 2011 07:15:48 -0700
Which is why I use a mail gateway for $WORK. On Thu, Aug 11, 2011 at 04:41, Chris <chughes () l8c com> wrote:
Should have mentioned that this is a MS Exchange environment. Spam filters are MS based currently MS based but that’s up for grabs if we can replace them with something that provides the same functionality in place now. Currently using Brightmail and other than disabling/replacing urls in email it is working pretty good. -----Original Message----- From: Kurt Buff [mailto:kurt.buff () gmail com] Sent: Thursday, August 11, 2011 1:32 AM To: chughes () l8c com; Firewall Wizards Security Mailing List Subject: Re: [fw-wiz] Securing email by inhibiting urls mimedefang comes to mind. http://mimedefang.org On Mon, Aug 1, 2011 at 11:46, Chris <chughes () l8c com> wrote:A company I work for has been having great difficulty in securing against email attacks. So far we have disabled access to webmail, implemented rules and processes to block freemail services like hotmail etc until the sender registers the address and of course a spam filter (BrightMail). Attachment filtering is pretty strict as well. The threat that presents the biggest challenge is url links in emails. The common method of attack is an email from somedomain.com where they change one character or otherwise make the address look valid (ie: joe () s0medomain com or j0e () somedomain com etc). I was looking for a way to spot and block hyperlinks but it looks like the only option I have is to filter on these and send them to a spam bin. I’d rather yank the offending hyperlink and replace it with a message of some sort. Unfortunately BrightMail doesn’t offer that capability. Any products that do this or ideas on a solution? Thanks _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Securing email by inhibiting urls Chris (Aug 10)
- Re: Securing email by inhibiting urls Mathew Want (Aug 11)
- Re: Securing email by inhibiting urls Chris (Aug 11)
- Re: Securing email by inhibiting urls Marcus Ranum (Aug 11)
- Re: Securing email by inhibiting urls Jean-Denis Gorin (Aug 12)
- Re: Securing email by inhibiting urls Marcus Ranum (Aug 12)
- Re: Securing email by inhibiting urls Chris (Aug 11)
- Re: Securing email by inhibiting urls Timothy Shea (Aug 11)
- Re: Securing email by inhibiting urls Mathew Want (Aug 11)
- Re: Securing email by inhibiting urls Chris (Aug 11)
- Re: Securing email by inhibiting urls Kurt Buff (Aug 11)
- Re: Securing email by inhibiting urls Victor Williams (Aug 11)
- Re: Securing email by inhibiting urls Chris (Aug 12)
- Re: Securing email by inhibiting urls Paul D. Robertson (Aug 12)
- <Possible follow-ups>
- Re: Securing email by inhibiting urls Chris (Aug 11)
- Re: Securing email by inhibiting urls Ilias - (Aug 11)