I have a network of around 200 users. I have Lotus Notes email system and I also have spam sentinal. Everyday users receive spams. Interesting thing is, some particular users receive more spams than anyone else....even though I have changed their email address  but still those particular users receiving spams. These users dont use their email address outside company...I mean they dont buy stuff using their email address or post their email address on the web.

What might the problem here?

Any suggestions

Who is Participating?
PsiCopConnect With a Mentor Commented:
Exchange is THE most-expensive E-Mail system on the planet, in terms of cost per mailbox per month (Source: Gartner Group E-Mail System TCO comparison study). Unless you like pouring money down ratholes and having an E-Mail system any 16-year-old twerp in Germany can bring to its knees, I'd think outside of the box and look at other systems that cost a lot less and deliver the same (or better) services.

OpenExchange -->

GroupWise v6.5 -->
(Note: They probably offer discounts for competitive upgrades)

NetMail -->
Is your Ip address static or dynamic? I think the problem here is that the sites where your users have gone in and given their names . these sites must have tallied their email address to their Mac adddress or physical address as you know is distinct for every computer. Now even though you changes the emails address the port settings and mac addresses have not changed . So these mails keep on coming.

I think you better buy a licensed Norton or Mcafee Internet and email spam killer . It is worth the buy and is better than spam sentinal and they have great support too.
Given that you are using Lotus Notes and have 200 users, you will most likely want a solution tuned to Lotus. This link discusses a number of anti-spam tools for Lotus Notes/Domino:
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

Another possibility is that someone is dictionary-spamming your SMTP gateway. They just sit there and send E-Mail to:

and so forth. If you have common E-Mail addresses, this would explain why people are getting SPAM even tho they never use their work E-Mail on websites.

Also, if you allow the SMTP VRFY or EXPN commands on your SMTP gateway, spammers may cull working addresses that way.

Several ideas:

1) Enable RBLs and other anti-spam measures, assuming the Lotus Notes SMTP gateway has these features.

2) You could interpose a sendmail relay between the 'Net and your Lotus environment. This relay would be configured with RBLs and other anti-SPAM settings and would buffer your Lotus environment.
PsiCop is most likely right.  I run a email server that serves a few hundred users and i have a simular problem.  Also I get many to webmaster@, root@, guest@.  This highly suggest that it is to do with pre-knowledge or dictionary attacks.  Also there is a posibility that there is a worm on your user's machine that is harvesting their email.  A few worms are known to remember their victum's email and then spoof them as it re-sends itself to others as attachments.

The spam tagging software I use is:

It is very powerful and catchs about 95%+ of spam after some tweeks.

One of the anti-SPAM tricks in modern sendmail is that you can throttle a connection after X number of bad recipients. So if someone connects and starts throwing random names at your server, the server, after a given number of random names (you can set this) starts really slowing down the connection. Forces the spammer's server to wait, and wait, and wait.....

Dunno if Lotus has a similar feature.

There are other things you can do in sendmail, like limiting the number of recipients for a given envelope, etc. Not sure how many of these features can be found in Lotus. Sure as heck don't get this kind of control in Exchange.
azam786Author Commented:
Thanks guys for the comments. I have static IP addresses. I changed one my employee's static IP address. Spam activity has been reduced on his PC lil bit.
I am going to turn on the "reverse look-up" feature of lotus notes, when its on, lotus notes goes back to check  the source of the email and if it doesnt find a legitimate email source server it rejects the email.....I will see how its gonna affect users....

Big guys at my company are thinking to abandon Lotus Notes or hosting email system at the company and go for yahoo business email package.....I have to figure out what are the possible disadvantages....

Any comments?

Yahoo! For *business* E-Mail? Are the big guys crazy?

1) Yahoo! is not going to eliminate the SPAM problem - they just aren't going to put the effort into it to do more than stem the tide somewhat.

2) Read the Terms of Service VERY carefully. I'm willing to be that even for "business" account, Yahoo! has the right to terminate or suspend service at any time, for any reason, and with little or no routes for recourse by you. Want to walk into work one morning and find your corporate accounts suspended because some spammer forged your corporate E-Mail addresses in some SPAM and Yahoo! shut you down due to all the complaints? They probably don't have any requirement to investigate in a timely manner or even turn the service back on.

3) Backups? Restoration of accidentally deleted E-mail? Does your industry have any record-retention requirements? Think a judge is going to be impressed if you can't retrieve E-Mail under subpeona?

The problem isn't Notes as an E-Mail system. You do have an issue in that it apparently lacks the granularity and anti-SPAM defenses of other modern E-Mail systems (GroupWise v6.5, implements RBL, white-listing, and junk mail identification. You don't specify the VERSION of Notes you're running, so its hard to say why it lacks these feature - might be an old version.

For very little cost, you could interpose a sendmail relay between Lotus and the Internet. Get an older 400 or 500 MHz CPU box with 256 MB of RAM and 8 or 10 GB of disk, install Solaris X86, or some Linux variant, add sendmail, and configure as a mail relay (at least for inbound E-Mail), and add the 5 free RBLs to the config. You'll have probably an immediate 70% drop in SPAM. Add open-source tools like MIMEdefang and SPAM-Assassin (the later is an Apache Software Foundation project) and you can get that darn close to 100% SPAM elimination with few false-positives.
azam786Author Commented:
You have mentioned some very interesting points about Yahoo Business email...I will do some more search on that....

Btw, we are using Lotus Notes 4.6, i know its an old junk and thats why i recommended to upgrade it to the latest version or go for Microsoft Exchange.

I will think about your sendemail relay suggestion.

azam786Author Commented:
Also can you give me some links on  creating sendmail relay for lotus notes...I mean howto kind of links...

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.