Content Filter Setting
-
Hi All ,
off late one of our customer is getting a lot of the Porn website ransom mails , which goes like as below
"
Hi.
This is the last warning.
I hacked your operating system.
All personal data from your devices has been copied to my servers.
I have access to your messengers, social networks, emails, chat history and contact list.
My virus constantly updates signatures (it is driver-based) so it remains invisible to antivirus software.
While collecting information about you, I found out that you are a big fan of adult websites.
You really like to visit porn sites and watch dirty videos while having an orgasm.I've already made a screen capture.
It's a montage of the pornographic video you were watching at the time and your masturbation.
Your face is perfectly visible.I don't think this kind of content will have a positive impact on your reputation.I can send this video to everyone who knows you.
I also have no problem with making all of your personal information public on the Internet. "
can we create some simple content filter to delete these ?
Regards.
Vasant Bhnaushali
-
Arron Staff
Yes, you can use the content filter to attempt to filter the messages based on subject or the content in the body. For example, If the Message Body contains "I hacked your operating system" then move the message to the bad queue. The problem with doing this is that it is not very dynamic. If the body is changed to "I hacked your OS" or "we hacked your operating system" it will no longer be caught by the rule. And if you start using smaller phrases to avoid this hassle, then you may start catching wanted messages with the rule.
There are several other options I would reccomend before creating content filter rules.
If Bayesian Learning is enabled, move the message to the Spam folder so the Bayesian system can learn from it.
If Outbreak Protection is in use and not flagging the message as spam, submit the message as a false negative to spamfn @ mdaemon.com.
Look at the inbound SMTP log to see if there are any other changes that can be made that will help to protect the server and block unwanted content.
Check the SpamAssassin rules that were matched and adjust the scores on those rules so the message will be flagged as spam.
You can also add the sender to block lists, but they can easily start sending from a new address.
If you'd like assistance, please post the inbound SMTP log snippet that shows the entire session where the message was received.