Implementing my phishing mail detector

F

fedezt

New Member
Nov 28, 2023
1
0
1
Hi Everyone,

I'm new to Proxmox and what I'm trying to do is implement my phishing mail detector on top of Proxmox gateway.

More precisely, I'd like to implement a customized processing of the mail header and body to apply my detection algorithm and add my scores in the mail footer to support the receiver.
Ideally, I'd like to be able to implement this filter in Python so that I can quickly implement my detection models and other functions.

Do you think it is possible?

Thanks a lot for the support!
 
Hello. I don't want to create a separate topic, but this fits in terms of content. Are there any plans to develop additional conditions for blocking spam in the new versions? What I mean is: approximately once a month, I receive massive phishing emails to all mailboxes of all mail server domains. PMG catches that it's spam and sends it to quarantine. But perhaps it's possible to add a rule to immediately blacklist such emails, say after 5 emails in 5 minutes with identical content and identified as spam. This would prevent sending reports to other users about such emails being in the spam quarantine.
 
The processing of each mail is independent of each other - and this will remain that way.
Also - how to distinguish that from a newsletter/mailinglisting post, that accidentally gets flagged as spam?

You as an admin can of course create a rule in these situations...
 
If those phishing emails get a very high spam score, you could theoretically block/drop them (based on score), instead of quarantining them.
If that's applicable to this use-case.

I don't recommend dropping mail, ever though. :)
 
I have update my main.cf as below:

smtpd_sender_restrictions =
......
check_sender_access regexp:/etc/postfix/PoorTLD
check_sender_access regexp:/etc/postfix/Block_Sender_Domain
......

PoorTLD is to block that domian end with like: .space .ren .press and etc
Block_Sender_Domain is to block some emails or full domain
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom