Posted on 2004-08-31
Last Modified: 2010-04-11
I have a network of around 200 users. I have Lotus Notes email system and I also have spam sentinal. Everyday users receive spams. Interesting thing is, some particular users receive more spams than anyone else....even though I have changed their email address  but still those particular users receiving spams. These users dont use their email address outside company...I mean they dont buy stuff using their email address or post their email address on the web.

What might the problem here?

Any suggestions

Question by:azam786
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Expert Comment

ID: 11944108
Is your Ip address static or dynamic? I think the problem here is that the sites where your users have gone in and given their names . these sites must have tallied their email address to their Mac adddress or physical address as you know is distinct for every computer. Now even though you changes the emails address the port settings and mac addresses have not changed . So these mails keep on coming.

I think you better buy a licensed Norton or Mcafee Internet and email spam killer . It is worth the buy and is better than spam sentinal and they have great support too.

Expert Comment

ID: 11944514
Given that you are using Lotus Notes and have 200 users, you will most likely want a solution tuned to Lotus. This link discusses a number of anti-spam tools for Lotus Notes/Domino:
LVL 34

Expert Comment

ID: 11944606
Another possibility is that someone is dictionary-spamming your SMTP gateway. They just sit there and send E-Mail to:

and so forth. If you have common E-Mail addresses, this would explain why people are getting SPAM even tho they never use their work E-Mail on websites.

Also, if you allow the SMTP VRFY or EXPN commands on your SMTP gateway, spammers may cull working addresses that way.

Several ideas:

1) Enable RBLs and other anti-spam measures, assuming the Lotus Notes SMTP gateway has these features.

2) You could interpose a sendmail relay between the 'Net and your Lotus environment. This relay would be configured with RBLs and other anti-SPAM settings and would buffer your Lotus environment.
Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users


Expert Comment

ID: 11948137
PsiCop is most likely right.  I run a email server that serves a few hundred users and i have a simular problem.  Also I get many to webmaster@, root@, guest@.  This highly suggest that it is to do with pre-knowledge or dictionary attacks.  Also there is a posibility that there is a worm on your user's machine that is harvesting their email.  A few worms are known to remember their victum's email and then spoof them as it re-sends itself to others as attachments.

The spam tagging software I use is:

It is very powerful and catchs about 95%+ of spam after some tweeks.

LVL 34

Expert Comment

ID: 11949058
One of the anti-SPAM tricks in modern sendmail is that you can throttle a connection after X number of bad recipients. So if someone connects and starts throwing random names at your server, the server, after a given number of random names (you can set this) starts really slowing down the connection. Forces the spammer's server to wait, and wait, and wait.....

Dunno if Lotus has a similar feature.

There are other things you can do in sendmail, like limiting the number of recipients for a given envelope, etc. Not sure how many of these features can be found in Lotus. Sure as heck don't get this kind of control in Exchange.

Author Comment

ID: 11972315
Thanks guys for the comments. I have static IP addresses. I changed one my employee's static IP address. Spam activity has been reduced on his PC lil bit.
I am going to turn on the "reverse look-up" feature of lotus notes, when its on, lotus notes goes back to check  the source of the email and if it doesnt find a legitimate email source server it rejects the email.....I will see how its gonna affect users....

Big guys at my company are thinking to abandon Lotus Notes or hosting email system at the company and go for yahoo business email package.....I have to figure out what are the possible disadvantages....

Any comments?

LVL 34

Expert Comment

ID: 11973508
Yahoo! For *business* E-Mail? Are the big guys crazy?

1) Yahoo! is not going to eliminate the SPAM problem - they just aren't going to put the effort into it to do more than stem the tide somewhat.

2) Read the Terms of Service VERY carefully. I'm willing to be that even for "business" account, Yahoo! has the right to terminate or suspend service at any time, for any reason, and with little or no routes for recourse by you. Want to walk into work one morning and find your corporate accounts suspended because some spammer forged your corporate E-Mail addresses in some SPAM and Yahoo! shut you down due to all the complaints? They probably don't have any requirement to investigate in a timely manner or even turn the service back on.

3) Backups? Restoration of accidentally deleted E-mail? Does your industry have any record-retention requirements? Think a judge is going to be impressed if you can't retrieve E-Mail under subpeona?

The problem isn't Notes as an E-Mail system. You do have an issue in that it apparently lacks the granularity and anti-SPAM defenses of other modern E-Mail systems (GroupWise v6.5, implements RBL, white-listing, and junk mail identification. You don't specify the VERSION of Notes you're running, so its hard to say why it lacks these feature - might be an old version.

For very little cost, you could interpose a sendmail relay between Lotus and the Internet. Get an older 400 or 500 MHz CPU box with 256 MB of RAM and 8 or 10 GB of disk, install Solaris X86, or some Linux variant, add sendmail, and configure as a mail relay (at least for inbound E-Mail), and add the 5 free RBLs to the config. You'll have probably an immediate 70% drop in SPAM. Add open-source tools like MIMEdefang and SPAM-Assassin (the later is an Apache Software Foundation project) and you can get that darn close to 100% SPAM elimination with few false-positives.

Author Comment

ID: 11973744
You have mentioned some very interesting points about Yahoo Business email...I will do some more search on that....

Btw, we are using Lotus Notes 4.6, i know its an old junk and thats why i recommended to upgrade it to the latest version or go for Microsoft Exchange.

I will think about your sendemail relay suggestion.


Author Comment

ID: 11973828
Also can you give me some links on  creating sendmail relay for lotus notes...I mean howto kind of links...

LVL 34

Accepted Solution

PsiCop earned 125 total points
ID: 11973974
Exchange is THE most-expensive E-Mail system on the planet, in terms of cost per mailbox per month (Source: Gartner Group E-Mail System TCO comparison study). Unless you like pouring money down ratholes and having an E-Mail system any 16-year-old twerp in Germany can bring to its knees, I'd think outside of the box and look at other systems that cost a lot less and deliver the same (or better) services.

OpenExchange -->

GroupWise v6.5 -->
(Note: They probably offer discounts for competitive upgrades)

NetMail -->

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
In this blog we highlight approaches to managed security as a service.  We also look into ConnectWise’s value in aiding MSPs’ security management and indicate why critical alerting is a necessary integration.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
Suggested Courses
Course of the Month10 days, 1 hour left to enroll

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question