> In the past we have had cases where spammers used our customers weak > password accounts and started sending spams , but now the spammer is > sending mails asking users to give them their username/passwords > > > https://ecm.netcore.co.in/tmp/spam3.txt > > > I am sure there are many naive customers who would send their username > passwords back > I need to write a SA rule to score mails asking for username / passwords > inside the mail
Another angle we used when we saw a similiar issue. Use rate-limit to limit the number of recipients an IP can send to per hour. Use a plugin for Squirrel Mail to limit the number of recipients per message and the number of messages per day. Spammers must send out thousands of messages to make it worth there while. At least this worked for us using Exim and Squirrel Mail. Matt
