smpross
asked on
Spam Filtering
Hi All,
I am looking for suggestions for Spam filtering for an exchange 2000 / 2003 email server. I do have certain requirements:
Filtering should occur on the server level and not the desktop level (A secondary desktop filter could be acceptable)
Must be able to add custom rules
No email can be deleted by the filter, it should be routed to a public folder or another mailbox.
Must be able to use RBL lists
Must be able to use whitelists and blacklists
Users must be able to tag something that gets through as spam and have a new rule created to prevent the message in the future.
Users must be able to add an email address or subject to the white list
Any assistance would be greatly appreciated
Scott
I am looking for suggestions for Spam filtering for an exchange 2000 / 2003 email server. I do have certain requirements:
Filtering should occur on the server level and not the desktop level (A secondary desktop filter could be acceptable)
Must be able to add custom rules
No email can be deleted by the filter, it should be routed to a public folder or another mailbox.
Must be able to use RBL lists
Must be able to use whitelists and blacklists
Users must be able to tag something that gets through as spam and have a new rule created to prevent the message in the future.
Users must be able to add an email address or subject to the white list
Any assistance would be greatly appreciated
Scott
Symantec Antivirus for Exchange is another, pretty decent antivirus/spamfiltering software. It supports whitelists, blacklists, RBLs and routing email to another mailbox and custom rules.
You can't, however, tag something as SPAM in Outlook and have it blocked by the server.
You can't, however, tag something as SPAM in Outlook and have it blocked by the server.
Advanced Spam defence - Sybari (just purchased by M$)
certainly fits the bill, works in a similar way to brightmail but a fraction of the cost
You wont need to use RBL's as the managed service takes care of this for you, been trialling it at a 12,000 mailbox site and havent had one false positive (been running in-house for several months, no falsies either...not one). I know that sounds hard to believe but when you understand how the underlying technology works it makes sense..
At interesting effect of the detection mechanism is that it actually detects and quarantines new virus threats within minutes of an outbreak due to the increased volume on the net..so you dont have to rely on waiting for a signature update from your friendly AV vendor
Each user has there own quarantine which stores SPAM/BULK OUTSIDE of the Exchange Information store..why would you want to backup all the rubbish ?
Users have access to there own policy engine for white/black listing and there is also an Outlook plug-in which will meet all your other requirements if you decide to redirect to the IS..
The technology has been OEM'd by Sybari from www.commtouch.com
Not sure what M$ will do with it ? but it should make interesting viewing...
Cheers
John
certainly fits the bill, works in a similar way to brightmail but a fraction of the cost
You wont need to use RBL's as the managed service takes care of this for you, been trialling it at a 12,000 mailbox site and havent had one false positive (been running in-house for several months, no falsies either...not one). I know that sounds hard to believe but when you understand how the underlying technology works it makes sense..
At interesting effect of the detection mechanism is that it actually detects and quarantines new virus threats within minutes of an outbreak due to the increased volume on the net..so you dont have to rely on waiting for a signature update from your friendly AV vendor
Each user has there own quarantine which stores SPAM/BULK OUTSIDE of the Exchange Information store..why would you want to backup all the rubbish ?
Users have access to there own policy engine for white/black listing and there is also an Outlook plug-in which will meet all your other requirements if you decide to redirect to the IS..
The technology has been OEM'd by Sybari from www.commtouch.com
Not sure what M$ will do with it ? but it should make interesting viewing...
Cheers
John
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Maybe this will help:
http://www.msexchange.org/software/Anti-Spam/
I've implemented GFI Mail essentials, SurfControl e-mail filter and MailMarshal -> I like MailMarshal a lot, but it's rather the most expensive I think....works great, check the trials (can download them for all 3)
http://www.msexchange.org/software/Anti-Spam/
I've implemented GFI Mail essentials, SurfControl e-mail filter and MailMarshal -> I like MailMarshal a lot, but it's rather the most expensive I think....works great, check the trials (can download them for all 3)
This is canned text, for the most part, but I wanted to add my $0.02:
I am one of the GFI proponents...it is cheap and does the job.
My favorite was Brightmail, which was recently acquired by Symantec. I have seen what they have done merging the Ghost and Powerquest Drive Image products and I am worried. I am wondering what they will do with brightmail.
Trend was another favorite of mine that I used years (4-5) ago when the spammers were just starting and used real words rather than V!@gr@ (Bayesian filters can catch this).
My favorite Anti-spam and anti-virus device is the Ironport series of systems. I have seen them implemented in 3 locations so far and they are great. The Ironport support is phenominal.
This is a copy of my answer from a previous question:
https://www.experts-exchange.com/questions/21228232/Need-to-evaluate-a-Virus-and-Spam-product-for-customer-that-is-using-GFI-products.html
I also link-drop:
http://antispam.msexchange.org/ - To me this site is not comprehensive as it misses some products, particularly the products based upon SPAM Assasin (Unix Based) technology. It does, however, provide some good insight on the products.
Assisted Answer from flyguybob
Date: 12/02/2004 07:01PM EST
Grade: A
Assisted Answer
I have two sections (and don't want to steal Sadian's thunder as what Sadian said was right on the money!):
Virus
Anti-SPAM
*****VIRUS*****
IM(not so)HO:
I have used Trend ScanMail for Exchange and loved it. Trend had great support for their product, was one of the first products to market with an anti-virus and anti-spam product wrapped into one. It was actually a great product and I used it for 2 years. Now I consult and see a lot of the Symantec product on client systems. However, Trend still has a very strong foot-hold because they make a great product.
Sybari Antigen is a wonderful product and is being heralded as the next greatest virus package for Exchange. It does have some problems scaling with 25,000 plus users and clustered environments, but you don't have to worry about that. I think they almost have those problems licked.
Symantec Mail Security is a good product...not quite what I like, but the product is reasonably priced and clients are comfortable with the Symantec/Norton name. The thing that I like about Symantec is that I have been able to obtain enterprise "per-seat" pricing and I can install any of their AV products. This does go against the 2-vendor theory. However, for a small business it is very economic. Check with your VAR (Insight, CDW, etc). I think it was nearly $50 versus $35 for just the desktop scanner. Another thing was that maintenance, at the time, was an option for 25% of the price of the product. Anyway, Symantec does a good amount of AV research and is pretty quick to market with accurate AV updates in light of new virii.
I abandoned McAfee 4 years ago for Trend and I haven't given them a second chance. Long story there, mate.
****ANTI-spam****
What you want to look for is Bayesian scanning technology in your product. That can learn differentiation between V!agra and Viagra and V-i-a-g-r-a and V!@gr@, an nauseum. ( I meant ad nauseum)
Right now one of the best products (particularly for the buck) is GFI...seriously.
Another great product is Brightmail, which was recently acquired by Symantec. It will be interesting to see what happens with that product. Brightmail is also part of the Ironport product. Ironport makes a hardware "smart-host", which is a great product if your company can afford the price tag.
http://antispam.msexchange.org/ - To me this site is not comprehensive as it misses some products, particularly the products based upon SPAM Assasin (Unix Based) technology. It does, however, provide some good insight on the products.
I am one of the GFI proponents...it is cheap and does the job.
My favorite was Brightmail, which was recently acquired by Symantec. I have seen what they have done merging the Ghost and Powerquest Drive Image products and I am worried. I am wondering what they will do with brightmail.
Trend was another favorite of mine that I used years (4-5) ago when the spammers were just starting and used real words rather than V!@gr@ (Bayesian filters can catch this).
My favorite Anti-spam and anti-virus device is the Ironport series of systems. I have seen them implemented in 3 locations so far and they are great. The Ironport support is phenominal.
This is a copy of my answer from a previous question:
https://www.experts-exchange.com/questions/21228232/Need-to-evaluate-a-Virus-and-Spam-product-for-customer-that-is-using-GFI-products.html
I also link-drop:
http://antispam.msexchange.org/ - To me this site is not comprehensive as it misses some products, particularly the products based upon SPAM Assasin (Unix Based) technology. It does, however, provide some good insight on the products.
Assisted Answer from flyguybob
Date: 12/02/2004 07:01PM EST
Grade: A
Assisted Answer
I have two sections (and don't want to steal Sadian's thunder as what Sadian said was right on the money!):
Virus
Anti-SPAM
*****VIRUS*****
IM(not so)HO:
I have used Trend ScanMail for Exchange and loved it. Trend had great support for their product, was one of the first products to market with an anti-virus and anti-spam product wrapped into one. It was actually a great product and I used it for 2 years. Now I consult and see a lot of the Symantec product on client systems. However, Trend still has a very strong foot-hold because they make a great product.
Sybari Antigen is a wonderful product and is being heralded as the next greatest virus package for Exchange. It does have some problems scaling with 25,000 plus users and clustered environments, but you don't have to worry about that. I think they almost have those problems licked.
Symantec Mail Security is a good product...not quite what I like, but the product is reasonably priced and clients are comfortable with the Symantec/Norton name. The thing that I like about Symantec is that I have been able to obtain enterprise "per-seat" pricing and I can install any of their AV products. This does go against the 2-vendor theory. However, for a small business it is very economic. Check with your VAR (Insight, CDW, etc). I think it was nearly $50 versus $35 for just the desktop scanner. Another thing was that maintenance, at the time, was an option for 25% of the price of the product. Anyway, Symantec does a good amount of AV research and is pretty quick to market with accurate AV updates in light of new virii.
I abandoned McAfee 4 years ago for Trend and I haven't given them a second chance. Long story there, mate.
****ANTI-spam****
What you want to look for is Bayesian scanning technology in your product. That can learn differentiation between V!agra and Viagra and V-i-a-g-r-a and V!@gr@, an nauseum. ( I meant ad nauseum)
Right now one of the best products (particularly for the buck) is GFI...seriously.
Another great product is Brightmail, which was recently acquired by Symantec. It will be interesting to see what happens with that product. Brightmail is also part of the Ironport product. Ironport makes a hardware "smart-host", which is a great product if your company can afford the price tag.
http://antispam.msexchange.org/ - To me this site is not comprehensive as it misses some products, particularly the products based upon SPAM Assasin (Unix Based) technology. It does, however, provide some good insight on the products.
I have been through the "which antispam server to use with exchange" experience and it wasn't fun.
I tried GFI MailEssentials, Microsoft's IMF, IHateSpam, amongst others.
IHateSpam was unstable, IMF was unusable and we settled on GFI. It's quite easy to use and pretty solid and GFI seem to regularly add new features with patches and updates which is usually a good sign.
I tried GFI MailEssentials, Microsoft's IMF, IHateSpam, amongst others.
IHateSpam was unstable, IMF was unusable and we settled on GFI. It's quite easy to use and pretty solid and GFI seem to regularly add new features with patches and updates which is usually a good sign.
assp.sourceforge.net
Open source, free, meets all the requirements and works flawlessly.
I've been running for a year and it is great
Open source, free, meets all the requirements and works flawlessly.
I've been running for a year and it is great
There is central filtering, plus the users can create their own blacklist and whitelists.
I am not a great lover of RBLs, I don't like the idea of someone else deciding what is spam.
Routing to another folder means I have to go through the folder for real messages (or delegate it to someone else).
Simon.