Spoofing and Phishing Alert Zimlet
By: zetalliance
Spoofing and Phishing Alert Zimlet
If you find Spoof Alert Zimlet useful and want to support its continued development, you can make donations via: - PayPal: info@barrydegraaff.tk - Bank transfer: IBAN NL55ABNA0623226413 ; BIC ABNANL2A
This Zimlet can be used to help users to identify spoofing and thus offer protection against it. While some parts of this Zimlet work automatic, it is recommended you deploy it with a knowledgeable helpdesk to back it up.
This zimlet checks the result from Spam Assassin and alerts the user when certain tags are found. In addition it enforces the zimbraPrefShortEmailAddress setting to be FALSE as that allows the user to see the used email FROM address. The Zimlet also checks for suspicious characters in headers, like the NULL character etc.
I deployed the Zimlet in an organisation with 700 users, and pointed the alertmail property to the helpdesk ticket system, after a few weeks of increased tickets and configuring the ignorelistReplyTo and ignorelistReturnPath the number of false positives dropped, and now the alert is really valuable to the user.
Recommended security setting
This will help users to identify spoofed emails, this setting is also enforced per user when you enable this zimlet. For the default COS (remeber to set it for all your COS'es): zmprov mc default zimbraPrefShortEmailAddress FALSE
Automatically notify your helpdesk
You can have your users automatically submit suspicious mail to your helpdesk staff by configuring the alertmail property in config_template.xml.
Ignore trusted reply-to's
You can set trusted reply-to's by adding a semi-colon separated list in ignorelistReplyTo
Ignore trusted return-path's
You can set trusted reply-to's by adding a semi-colon separated list in ignorelistReturnPath
Updated for Zimbra 8.8.15
Helpful Links
| Rating | ( 5 ratings ) |
| Downloads | 2555 |
| Latest Version | 0.8 |
| Categories | |
| Compatibility | ZCS 8.7.x , ZCS 8.8.x |
| License | No License Specified |
| Created | on 3/30/15 |
| Updated | 2 days, 3 hours ago |
Reviews
-
Changing Notification Content
By: ibrahimayhans on on 5/12/20 for version 0.8
/opt/zimbra/zimlets-deployed/tk_barrydegraaff_sa_alert/tk_barrydegraaff_sa_alert.properties I Replaced Content with Notification
Only Original Templates Are Still Displayed In Lonely Messages ? -
I have a few questions
By: ibrahimayhans on on 5/12/20 for version 0.8
I Provided Zimlet Setup and Activated,
I Activated Over COS But It Does Not Show Warning ?
How Can I Change Notification Design On E-Mail Only ?
To Which E-Mail Address Are SPAM Notifications Sent ?
ignorelistReplyTo and ignorelistReturnPath Who Makes Adding to the Lists Here ? -
Installed it but dont see anything?
By: JoeVolcano on on 4/14/20 for version 0.8
Not sure what's wrong but all I see is the Zimlet enabled in my preferences.
Not seeing any popups when I browse my spam dir...I see a LOT of Phishing telling me to click random forms.gle to get my user/password.
Can I put in some url to trigger against in the code and warn me? Or is that not a feature here... -
Thank Barry!
By: zimico on on 2/2/20 for version 0.8
The zimlet works very well!
-
Thanks Barry!
By: ajcody on on 12/23/16 for version 0.3