Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 701
  • Last Modified:

Spam problem with exchange 2003

I am running Exchange 2003 enterprise on Windows 2003 standard server. We have Mcafee Groupshield version 6.06 with the built in spam filter.

We have recently been quite badly hit by spam from a particular domain (same message sent 1500 times per hour for the last day and a half!).

I have configured groupshield to delete this message which it seems to be doing quite successfully as no copies are finding their way through to the mailbox concerned.

Unfortunately, a copy of the email seems to getting through to exchange as the log files in my MDBDATA seem to be growing at an alarming rate. (a new 5MB file every couple of minutes). I know that these files are cleared once the backup runs but this won't be until Monday and I'm worried about my drive filling up.

Can somebody suggest any ways I can configure exchange or groupshield so these emails simply bounce and don't end up clogging up exchnage log files??


2 Solutions
The problem is that McAfee is processing the message after it has been delivered to Exchange, so Exchange writes the message to its log file. The only way to stop a message from being delivered is to filter it at the SMTP level.

How much legitimate email does this one mailbox get? If it isn't much, then you could drop the smtp address from the mailbox, then enable the feature to filter non-valid users. This filter acts at the SMTP level, so the message doesn't even get delivered.


If that isn't practical, then you could try filtering the domain with Exchange and not McAfee.
This can have mixed success.
ESM, Global Settings. Right click on "Message Delivery". Choose the Sender filtering tab and add *@domain.com to filter everything from that domain.

Ideally this is where an external machine sat between your Exchange server and the Internet comes in handy. The email would be filtered at this box and not Exchange, keeping the messages out of the database totally.

You should consider using a managed Content filtering service which removes spam at the Network perimeter rather than on your Exchange Server.

We have been using Postini with impressive results.


There competitotrs are pretty good as well.

www.messagelabs.com (Good but a little pricey)
www.Frontbridge.com (Excellent)

Another option is to consider purchasing an appliance such as Ironport or Ironmail and have them sat between Exchange and the Internet. You can a thirdparty plug-in such as Brightmail and this will keep the Spam off your Exchange servers.

metamaticAuthor Commented:
Thanks for the help guys.

Sembee's answer has solved my problem but I've given some points to Munichpostman for his suggestions about alternative solutions.

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now