There is a phishing email come in that identified as real phishing and also the URL link are flagged in virustotal website. Anyway we can stop this? Can Proxmox scan URL link in mail message and block it?
* Check the mail.log for the mail with the fishing rule - which rules did apply, which did not?
* make sure your DNS-setup has not reached the ratelimit of various DNS-RBLs (URIBL_BLOCKED matching) otherwise such mails don't get scored accordingly
Else - sadly not every phishing-url is immediately available in all RBL-lists