Stopping answers to phishing sites...

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Stopping answers to phishing sites...

Johan Andersson-12
We have been targeted by a phishing attempt and I would like to
stop any replies from our accounts to the reply addresses given in the
emails...
I know this isn't a full solution, but at least it can stop the few that
DO answer
from actually giving out sensitive information.

What would you use as the easiest form for this?

a hashed map of the reply-to adresses?

smtpd_recipient_restrictions =
...
 check_recipient_access = hash:/etc/postfix/phishing_recipients
...

/etc/postfix/phishing_recipients
[hidden email]   REJECT Phishing recipient
...

or ?



Reply | Threaded
Open this post in threaded view
|

Re: Stopping answers to phishing sites...

Noel Jones-2
Johan Andersson wrote:

> We have been targeted by a phishing attempt and I would like to
> stop any replies from our accounts to the reply addresses given in the
> emails...
> I know this isn't a full solution, but at least it can stop the few that
> DO answer
> from actually giving out sensitive information.
>
> What would you use as the easiest form for this?
>
> a hashed map of the reply-to adresses?
>
> smtpd_recipient_restrictions =
> ...
> check_recipient_access = hash:/etc/postfix/phishing_recipients
> ...
>
> /etc/postfix/phishing_recipients
> [hidden email]   REJECT Phishing recipient
> ...
>
> or ?
>
>
>

Yes, that would work.  Note that it should be the first entry
(must be before "permit_mynetworks" and/or
"permit_sasl_authenticated").

I would suggest putting this under smtpd_sender_restrictions
[1] rather than smtpd_recipient_restrictions to prevent any
accidents - an OK entry in that map under
smtpd_recipient_restrictions would make you an open relay.
http://www.postfix.org/SMTPD_ACCESS_README.html#danger


[1] assuming you use the default "smtpd_delay_reject = yes",
recipient rules work just fine under smtpd_sender_restrictions.

--
Noel Jones