I typically do not allow any attachments from unknown senders, and/or I use a greylisting mechanism to counter it.
-- Espi On Thu, Oct 5, 2017 at 7:55 AM, Rimmel, Carl <[email protected]> wrote: > We have been seeing an uptick in SPAM containing PDF attachments. The > PDFs are composed of a full-page image that, when moused-over, points to a > malicious web site. We have tried to use Transport Rules to block these > based on the moused-over URL but Exchange seems unable to properly detect > these embedded URLs. We are able to use Transport Rules to block PDFs with > plain text so we know that the server is inspecting them properly. > > > > Any ideas on how to battle these pesky messages? > > ------------------------------ > > CONFIDENTIALITY NOTICE: This email contains information from the sender > that may be CONFIDENTIAL, LEGALLY PRIVILEGED, PROPRIETARY or otherwise > protected from disclosure. This email is intended for use only by the > person or entity to whom it is addressed. If you are not the intended > recipient, any use, disclosure, copying, distribution, printing, or any > action taken in reliance on the contents of this email, is strictly > prohibited. If you received this email in error, please contact the sending > party by reply email, delete the email from your computer system and shred > any paper copies. > > Note to Patients: There are a number of risks you should consider before > using e-mail to communicate with us. See our Privacy & Security page on > www.henryford.com for more detailed information as well as information > concerning MyChart, our new patient portal. If you do not believe that our > policy gives you the privacy and security protection you need, do not send > e-mail or Internet communications to us. >
