Go Premium for a chance to win a PS4. Enter to Win



Posted on 2004-08-31
Medium Priority
Last Modified: 2010-04-11
I have a network of around 200 users. I have Lotus Notes email system and I also have spam sentinal. Everyday users receive spams. Interesting thing is, some particular users receive more spams than anyone else....even though I have changed their email address  but still those particular users receiving spams. These users dont use their email address outside company...I mean they dont buy stuff using their email address or post their email address on the web.

What might the problem here?

Any suggestions

Question by:azam786

Expert Comment

ID: 11944108
Is your Ip address static or dynamic? I think the problem here is that the sites where your users have gone in and given their names . these sites must have tallied their email address to their Mac adddress or physical address as you know is distinct for every computer. Now even though you changes the emails address the port settings and mac addresses have not changed . So these mails keep on coming.

I think you better buy a licensed Norton or Mcafee Internet and email spam killer . It is worth the buy and is better than spam sentinal and they have great support too.

Expert Comment

ID: 11944514
Given that you are using Lotus Notes and have 200 users, you will most likely want a solution tuned to Lotus. This link discusses a number of anti-spam tools for Lotus Notes/Domino:

LVL 34

Expert Comment

ID: 11944606
Another possibility is that someone is dictionary-spamming your SMTP gateway. They just sit there and send E-Mail to:


and so forth. If you have common E-Mail addresses, this would explain why people are getting SPAM even tho they never use their work E-Mail on websites.

Also, if you allow the SMTP VRFY or EXPN commands on your SMTP gateway, spammers may cull working addresses that way.

Several ideas:

1) Enable RBLs and other anti-spam measures, assuming the Lotus Notes SMTP gateway has these features.

2) You could interpose a sendmail relay between the 'Net and your Lotus environment. This relay would be configured with RBLs and other anti-SPAM settings and would buffer your Lotus environment.
Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!


Expert Comment

ID: 11948137
PsiCop is most likely right.  I run a email server that serves a few hundred users and i have a simular problem.  Also I get many to webmaster@, root@, guest@.  This highly suggest that it is to do with pre-knowledge or dictionary attacks.  Also there is a posibility that there is a worm on your user's machine that is harvesting their email.  A few worms are known to remember their victum's email and then spoof them as it re-sends itself to others as attachments.

The spam tagging software I use is:


It is very powerful and catchs about 95%+ of spam after some tweeks.

LVL 34

Expert Comment

ID: 11949058
One of the anti-SPAM tricks in modern sendmail is that you can throttle a connection after X number of bad recipients. So if someone connects and starts throwing random names at your server, the server, after a given number of random names (you can set this) starts really slowing down the connection. Forces the spammer's server to wait, and wait, and wait.....

Dunno if Lotus has a similar feature.

There are other things you can do in sendmail, like limiting the number of recipients for a given envelope, etc. Not sure how many of these features can be found in Lotus. Sure as heck don't get this kind of control in Exchange.

Author Comment

ID: 11972315
Thanks guys for the comments. I have static IP addresses. I changed one my employee's static IP address. Spam activity has been reduced on his PC lil bit.
I am going to turn on the "reverse look-up" feature of lotus notes, when its on, lotus notes goes back to check  the source of the email and if it doesnt find a legitimate email source server it rejects the email.....I will see how its gonna affect users....

Big guys at my company are thinking to abandon Lotus Notes or hosting email system at the company and go for yahoo business email package.....I have to figure out what are the possible disadvantages....

Any comments?

LVL 34

Expert Comment

ID: 11973508
Yahoo! For *business* E-Mail? Are the big guys crazy?

1) Yahoo! is not going to eliminate the SPAM problem - they just aren't going to put the effort into it to do more than stem the tide somewhat.

2) Read the Terms of Service VERY carefully. I'm willing to be that even for "business" account, Yahoo! has the right to terminate or suspend service at any time, for any reason, and with little or no routes for recourse by you. Want to walk into work one morning and find your corporate accounts suspended because some spammer forged your corporate E-Mail addresses in some SPAM and Yahoo! shut you down due to all the complaints? They probably don't have any requirement to investigate in a timely manner or even turn the service back on.

3) Backups? Restoration of accidentally deleted E-mail? Does your industry have any record-retention requirements? Think a judge is going to be impressed if you can't retrieve E-Mail under subpeona?

The problem isn't Notes as an E-Mail system. You do have an issue in that it apparently lacks the granularity and anti-SPAM defenses of other modern E-Mail systems (GroupWise v6.5, http://www.novell.com/groupwise) implements RBL, white-listing, and junk mail identification. You don't specify the VERSION of Notes you're running, so its hard to say why it lacks these feature - might be an old version.

For very little cost, you could interpose a sendmail relay between Lotus and the Internet. Get an older 400 or 500 MHz CPU box with 256 MB of RAM and 8 or 10 GB of disk, install Solaris X86, or some Linux variant, add sendmail, and configure as a mail relay (at least for inbound E-Mail), and add the 5 free RBLs to the config. You'll have probably an immediate 70% drop in SPAM. Add open-source tools like MIMEdefang and SPAM-Assassin (the later is an Apache Software Foundation project) and you can get that darn close to 100% SPAM elimination with few false-positives.

Author Comment

ID: 11973744
You have mentioned some very interesting points about Yahoo Business email...I will do some more search on that....

Btw, we are using Lotus Notes 4.6, i know its an old junk and thats why i recommended to upgrade it to the latest version or go for Microsoft Exchange.

I will think about your sendemail relay suggestion.


Author Comment

ID: 11973828
Also can you give me some links on  creating sendmail relay for lotus notes...I mean howto kind of links...

LVL 34

Accepted Solution

PsiCop earned 375 total points
ID: 11973974
Exchange is THE most-expensive E-Mail system on the planet, in terms of cost per mailbox per month (Source: Gartner Group E-Mail System TCO comparison study). Unless you like pouring money down ratholes and having an E-Mail system any 16-year-old twerp in Germany can bring to its knees, I'd think outside of the box and look at other systems that cost a lot less and deliver the same (or better) services.

OpenExchange --> http://www.suse.com/us/business/products/openexchange/index.html?sourceidint=productscatmenu_slos

GroupWise v6.5 --> http://www.novell.com/products/groupwise/index.html?sourceidint=productscatmenu_groupwise
(Note: They probably offer discounts for competitive upgrades)

NetMail --> http://www.novell.com/products/netmail/index.html?sourceidint=productscatmenu_netmail

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes Administrators rights are not enough. These cases call for the SYSTEM account. The process in this article outlines the steps required to execute commands using the SYSTEM account.
An overview of cyber security, cyber crime, and personal protection against hackers. Includes a brief summary of the Equifax breach and why everyone should be aware of it. Other subjects include: how cyber security has failed to advance with technol…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question