We have a client who is under a fairly targeted attack and it doesn’t seem to be abating. They’ve asked us to see if we can help to limit their exposure.
One of the things that has proven to be most dangerous is the attacker controlling domains that are similar to their actual mail domain (and using this to spoof email). We are in the process of occupying as many of the obvious additional domains as possible but due to the nature of the URL it’s quite susceptible to deliberate typos and letter transposition, at which point, with the 1000 odd TLD’s available, buying all the domains becomes a fairly significant outlay. What I’m wondering is; is it possible to apply a filter in Exchange 2010 to inbound mail to reject email that matches a specific string/set of strings/regular expression? If so how? Thanks, Patrick Patrick Whiteside | Senior Engineer [cid:[email protected]]<http://> T | 0845 458 00 90 F | 0870 421 59 24 W | blue256.co.uk<http://blue256.co.uk/> Head Office | Saxon House, Hellesdon Park Road, Norwich, NR6 5DR This email is confidential and may well also be privileged. If you have received it in error you are on notice of its status. Please notify us immediately by reply email and then delete this message from your system. Please do not copy it or use it for any other purpose, or disclose its content to any other person. To do so could be a breach of confidentiality. All emails and any attachments are believed to be virus free, however, all emails should be virus checked before being downloaded and we accept no responsibility therefore. Please contact our offices on 0845 458 00 90 or email [email protected]<mailto:> if you need assistance. Blue256 Limited Registered Office: Saxon House, Hellesdon Park Road, Drayton High Road, Norwich NR6 5DR Company Registration Number: 05015705 Company Registered in England and Wales
