MCP newbie question
Denis Beauchemin
Denis.Beauchemin at USherbrooke.ca
Mon May 15 19:09:45 IST 2006
Hello all,
I would like to get proactive and create special SA rules for phishing
attempts on our local banks.
Problem is I don't get all those phishing emails myself... so I thought
about MCP...
The %mcp-dir%/mcp.spam.assassin.prefs.conf file will contain pretty
general rules that could match on legitimate emails. I want my
filtering as unintrusive as possible: I would like to receive copies of
emails without the end-users even knowing about it.
This is how I would configure MS:
MCP Checks = yes
Non MCP Actions = deliver
MCP Actions = deliver forward myself at usherbrooke.ca
High Scoring MCP Actions = deliver forward myself at usherbrooke.ca
Bounce MCP As Attachment = no
MCP Modify Subject = no
High Scoring MCP Modify Subject = no
Always Include MCP Report = no
Detailed MCP Report = yes
Include Scores In MCP Report = yes
Now for these 2:
Recipient MCP Report = %report-dir%/recipient.mcp.report.txt
Sender MCP Report = %report-dir%/sender.mcp.report.txt
What should I do about them? Nuke them?
Thanks!
Denis
PS: what is "MCP Error Score = 1" about?
--
_
°v° Denis Beauchemin, analyste
/(_)\ Université de Sherbrooke, S.T.I.
^ ^ T: 819.821.8000x2252 F: 819.821.8045
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3226 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.mailscanner.info/pipermail/mailscanner/attachments/20060515/a17bc621/smime.bin
More information about the MailScanner
mailing list