Malicious emails reach MIAB but not Gmail


#1

Hi,

Gmail is able to stop mailicious emails from reaching my inbox but my mail in a box allows them. Do you have any suggestions for how to increase my protection level? I believe spamassassin is automatically installed.

Here is the malicious email I received today:

Subject: Your email Account (roslyn@mobicycle.co.uk) will be deleted from our server (Failure to Upgrade)

Failure to upgrade to our new server would lead to a permanent termination and deletion of your account as stated in our Terms and condition.This serves as an additional security measure to prevent unauthorized access to your email account…

Proceed here to Upgrade.

http://evolutionmaterialconstruction.com/auto/asdfghjsdfghjasdfghjsdfghjk/deactivate.php?email=me@e


#2

There is no malicious email scanning in MIAB available. Attempts have been made to include clamav. However that increases the attack service on the box.


#3

Today, it’s “PATRICIA EZE” from “Natwest” on info@hmrccustomersupport38.top with an attachment.

I found this on Spam Assassin’s website:

Using network tests to increase accuracy

https://wiki.apache.org/spamassassin/UsingNetworkTests

SpamAssassin supports several optional components to increase accuracy. Along with Bayes training, its set of ‘network tests’ is key if you want to improve your hit-rate. In testing, it typically halves the false negative rate – in other words, it means that users will see half as many missed spams.

By default, most installations of SpamAssassin don’t turn on the network tests, since they impose a small delay on each message as it passes through the filter. Since this increases the system memory load (although it will not increase the system CPU load), it’s something that could cause trouble on high-volume sites. As such, it requires a little thought by the admin before it’s turned on, so it’s not simply turned on ‘out of the box’ as a result.

How to turn on network tests

Edit your spamd start-up script, or start-up options file (depending on which OS you’re running, these may be different). There should be a -L or --local switch in that file. Remove it to enable network tests.