Quoting Mike Cardwell <dove...@lists.grepular.com>:
On 22/09/11 15:21, Ralf Hildebrandt wrote:
Perhaps, if you have a list of the plain text passwords in advance you
could use ClamAV. In our case, we don't as we're using an AD. I actually
copied the ClamAV tcp and local interface API so that any MTA which can
plug in to ClamAV is also able to plug into Kochi. That's one of the
things the framework provides.
There are additional 'non-official' ClamAV signatures that are meant
to detect phishing attempts.
They do work, but aren't perfect.
I'm fortunate enough to be on the phishing list, so I wrote a quickie
perl script that will grep the logs for all the recipients and then
scan their INBOX for the phishing email and remove it before they read
it.
Rick
