Educause Security Discussion mailing list archives
Re: .edu email phishing
From: "Jeffrey I. Schiller" <jis () MIT EDU>
Date: Wed, 2 Apr 2008 15:13:06 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Another approach, which we have taken at MIT, is to install a rate limit filter within our webmail infrastructure. At the moment we only permit one message per minute per login session (with a 15 deep token bucket, so the messages are averaged over 15 minutes). Unfortunately the spammers open up many sessions (coming from several different IP addresses), so when an account is compromised more then 15 messages are sent. But it does help. Our implementation is for the HORDE/IMP webmail system and is implemented within IMP. We are also working on a sendmail milter that will have the same effect, but will be per server instead of per login session. Still should help more! Hopefully this will make our webmail system a less favorable target. -Jeff - -- ======================================================================= Jeffrey I. Schiller MIT Network Manager Information Services and Technology Massachusetts Institute of Technology 77 Massachusetts Avenue Room W92-190 Cambridge, MA 02139-4307 617.253.0161 - Voice jis () mit edu ======================================================================= -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFH8+il8CBzV/QUlSsRAtUPAKD1y3ojr5hc91cPHvTx2n4FP4J8pQCgoss5 AF1Mw8vIStsmJNaIQwaYlwI= =z0oO -----END PGP SIGNATURE-----
Current thread:
- Re: .edu email phishing, (continued)
- Re: .edu email phishing Dick Jacobson (Apr 02)
- Re: .edu email phishing Theresa Semmens (Apr 02)
- Re: .edu email phishing Jesse Thompson (Apr 02)
- Re: .edu email phishing Winders, Timothy A (Apr 02)
- Re: .edu email phishing Christopher Webber (Apr 02)
- Re: .edu email phishing Jesse Thompson (Apr 02)
- Re: .edu email phishing Winders, Timothy A (Apr 02)
- Re: .edu email phishing Jesse Thompson (Apr 02)
- Re: .edu email phishing Winders, Timothy A (Apr 02)
- Re: .edu email phishing Dave Koontz (Apr 02)
- Re: .edu email phishing Jeffrey I. Schiller (Apr 02)
- Re: .edu email phishing Mike Iglesias (Apr 02)
- Re: .edu email phishing Winders, Timothy A (Apr 02)
- Re: .edu email phishing Winders, Timothy A (Apr 02)
- Re: .edu email phishing Dave Koontz (Apr 02)
- Re: .edu email phishing Martin Manjak (Apr 03)