How can we improve Kerio Connect?

Phishing/scam email filter - allow admin filter to block fake sender names (match sender name and email to local directory name)

Let's say the boss is John Doe with email

A scammer sends an email from John Doe with email to the CFO, asking him to wire transfer $10,0000.

The CFO does the wire transfer, because the scammer made the sender name be his boss' name, John Doe, which is all the CFO sees (unless he hovers his mouse over the sender name, or looks at the mail headers).

Solution is a two-part rule, which the user account filter allows but the admin custom rules does not:

sender name is John Doe
sender email is NOT

This simple rule would pretty much block all phishing attempts using local user names.

Bonus option: if you could just have the Connect server match directory names to email addresses, this would then automatically work for ALL accounts on the server, no need to manually create this rule for multiple accounts (but in reality, it's usually only CEO accounts that are being faked this way).

3 votes
Sign in Sign in with GFI
Signed in as (Sign out)
You have left! (?) (thinking…)
Rahm Tamir shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →


Sign in Sign in with GFI
Signed in as (Sign out)

Feedback and Knowledge Base