Re: Non Zimbra question and I hope that is ok if this type of thing is not abused.

[Csillag Tamas <cstamas@digitus.itk.ppke.hu>]

On Mon, Aug 22, 2011 at 10:46:30AM -0400, Steve Elliott wrote:
> Situation: We have staff/faculty on our campus that don't realize
> that you give out your email login data, including password to
> phishing emails. So we get compromised accounts. 
> We are in the works of putting an external MTA (barracuda system)
> that our Zimbra email will be filtered through if it leaves campus.
> Of course this may hit some good emails with the bad ones. Though I
> routinely check to see if we have a rogue account they usually have
> 2-4 hours of uninterrupted time, especially during the night hours
> where they can spam their hearts out. 
> 
> Question: What solutions do you use to help in those situations? 

I redirect the reply-to address of these mails to myself and block the
accounts if they reply with their login data.

I also check mail logs if someone replied before my redirect was in
place and also block them too.

In the case of faculty I try to reach them by other means, if it is a
student I leave it as it is and let them find me (or the helpdesk).

Regards,
  cstamas
-- 
CSILLAG Tamas (cstamas) - http://digitus.itk.ppke.hu/~cstamas