After receiving a phishing e-mail where the recipient gave away the address and password and that resulted in a huge number of e-mails coming in and going out. I was wondering whether a rate limit could have reduced the damage? And if that is the case what is the most simple rate limit I should apply? Also we are witnessing a larger number of phishing e-mails. We have ClamAV and SpamAssassin running, but unable to stop the flow. Sanesecurity signatures don't have any effect either. Is there any suggestion on how to reduce Phishing attack?
