spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alex <mysqlstud...@gmail.com>
Subject Re: Macro virus fun
Date Wed, 06 Apr 2016 19:21:03 GMT
Hi,

On Wed, Apr 6, 2016 at 11:39 AM, John Hardin <jhardin@impsec.org> wrote:
> On Wed, 6 Apr 2016, Alex wrote:
>
>> Yes, blocking all .doc files would be tough for us. However, maybe a
>> rule that weights their existence them more heavily combined with
>> something involving finance+money+invoices would be helpful.
>
> Would blocking with whitelist exceptions for expected sources work for you?

Unfortunately not. It's a business with a lot of little vendors,
apparently. I'm surprised at just how many legitimate senders use junk
email addresses like joe34@cox.net to send actual invoices for
services.

Thanks,
Alex

Mime
View raw message