Blocking cannibalized spam/virus mail with password-protected attachments
falon at ruparpiemonte.it
Fri Jul 2 13:40:46 CEST 2021
Il 22/12/2020 09:39, Nikolaos Milas has written:
> On 22/12/2020 10:24 π.μ., Nikolaos Milas wrote:
>> Can you please suggest ways in which we can configure amavis so as to
>> recognize and drop this kind of mail?
> Another, probably better, approach would be to add to amavis a scan rule
> If body contains text like:
> Password archivio: XXXX
> Archive pass: XXXX
> [where XXXX is a 3- or 4-digit number]
during many years I didn't find a valid solution yet.
If you write a rule, you should update the rule for every variant. They
If you block the encrypted content some customer will complain.
I'm trying the bodyre hashbl rule approach: I hash the content ("pass:
XXX") and I put it on a local DNSBL. It's easier for me.
More information about the amavis-users