2 Replies Latest reply on Apr 23, 2014 1:46 PM by joe.lusk

    How to limit or alert based on the number of recipients in a single message  MEG7.5

    joe.lusk

      We have had several phishing attacks where internal email accounts are compromised.  The attackers then use OWA to start spamming.  We usually only identifty this after 1000s of emails have gone out and we have neeb grey or black listed.  When we had Ironmail we could alert and quarantine emails with too many recipients (like 50).  We cannot see how to do that with MEG 7.5.  Does anyone know how to do this, or at least get an alert at the icreasing traffic?

       

      We setup up directory harvesting protection but that only kicks in after emails are getting rejected and  by then we are listed

       

      Thanks in advance