Phishing Scams, Auditing, E-mail, and compromised accounts
45 views
Skip to first unread message
Tomas Hajek
Dec 14, 2011, 11:37:37 AM12/14/11
to google-app...@googlegroups.com
We are transitioning our users over to Google Apps for EDU. We currently user a barracuda Spam and Virus Firewall for inbound and outbound traffic to our local mail servers. Our users get a good amount of phishing scam e-mails and a small percentage of them respond and spammers take control of their e-mail. This makes us a spam source and sometimes our e-mail domain gets blacklisted. One thing we have been able to do to with the barracuda is that it sends alert messages when the mail queues reach a certain threshold. When we see this we can check the queue and see if it's coming from one of our users and we suspend their account and get in contact with them and reset their password, ask them if they remember responding to a particular e-mail or form, etc.
So, the question I have is this. Once we switch over to Google for our e-mail (and our barracuda is not longer filtering traffic), is there any mechanism via API or domain management interface that can give me some similar information. Maybe the total messages sent from a particular account over a period of time or something similar that might help us determine that a compromise has occurred and on which account so that we can take action to notify that user? Is there any process that Google has that might notify domain admins of compromised accounts?
How do others handle these situations?
Thanks,
-Tomas
Alexandre Jacquet
Dec 14, 2011, 5:19:10 PM12/14/11
to google-app...@googlegroups.com
Hello Tomas,
Using API is not possible, because you have to handle the mail flow to analyze the messages, this feature is only allowed using the properly Gmail Anti Spam system or implementing Postini Services, you can contact Google Enterprise (www.google.com/a) to purchase this product or work only with Gmail Security that is excellent.
 |
Alexandre Jacquet Google Apps Deployment Specialst |
--
You received this message because you are subscribed to the Google Groups "Google Apps Domain Information and Management APIs" group.
To view this discussion on the web visit https://groups.google.com/d/msg/google-apps-mgmt-apis/-/QJ-mM5nGEFQJ.
To post to this group, send email to google-app...@googlegroups.com.
To unsubscribe from this group, send email to google-apps-mgmt...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/google-apps-mgmt-apis?hl=en.
Tomas Hajek
Dec 14, 2011, 7:58:33 PM12/14/11
to Google Apps Domain Information and Management APIs
Is there any way to get a count of how many e-mail are sent from a
single user account via API in a day? Could it be done via the audit
API to get a count of the messages with a Sent Mail label/IMAP folder
at a couple of times during the day per user. I imagine that there
could be some metric that might work. Maybe if there are more than
200 sent messages in an 8 hour period? Would the audit API have
capability like this?
single user account via API in a day? Could it be done via the audit
API to get a count of the messages with a Sent Mail label/IMAP folder
at a couple of times during the day per user. I imagine that there
could be some metric that might work. Maybe if there are more than
200 sent messages in an 8 hour period? Would the audit API have
capability like this?
thanks,
-Tomas
On Dec 14, 5:19 pm, Alexandre Jacquet <alejacq...@ajsolutions.me>
wrote:
> Hello Tomas,
>
> Using API is not possible, because you have to handle the mail flow to
> analyze the messages, this feature is only allowed using the properly Gmail
> Anti Spam system or implementing Postini Services, you can contact Google
> Enterprise (www.google.com/a) to purchase this product or work only with
> Gmail Security that is excellent.
>
James X Nelson
Dec 17, 2011, 5:37:02 AM12/17/11
to google-app...@googlegroups.com
You can use Postini to do all sorts of wild filtering, spam rejection and message quarantining.
I think Promevo offers this service with setup support. There may be others, I only dabbled in it because the features in Postini are awesome, I just have no personal use for them.
As for the audit api, you can get zipped copies of messages sent to another email account, but you will still need to use IMAP and oauth w/ admin account to programmatically access these zips.
As for the audit api, you can get zipped copies of messages sent to another email account, but you will still need to use IMAP and oauth w/ admin account to programmatically access these zips.
--
"He whose desires are drawn toward knowledge in every form will be absorbed in the pleasures of the soul, and will hardly feel bodily pleasure --I mean, if he be a true philosopher and not a sham one." - Plato
"Wise Words Woven With Will Wakes Worlds" - Alyxandor Artistocles
"He whose desires are drawn toward knowledge in every form will be absorbed in the pleasures of the soul, and will hardly feel bodily pleasure --I mean, if he be a true philosopher and not a sham one." - Plato
"Wise Words Woven With Will Wakes Worlds" - Alyxandor Artistocles
Reply all
Reply to author
Forward
0 new messages