Solved

Anti-Spam help!

Posted on 2006-11-12
5
498 Views
Last Modified: 2013-11-22
Here is the set up:
Gateway server – Win 2003 – ISA 2004 – Trend Interscan Messaging and security
Front end Exchange server – Win 2003 – Ex 2003 Trend scan mail
Back end Exchange server – Win 2003 – Ex 2003 Trend scan mail

All Internet email is relayed through Gateway Server a dedicated, secure server running Trend Interscan Messaging Security Suite to ensure that email is filtered for viruses and SPAM and to isolate the email infrastructure from inappropriate access.
The email infrastructure has been divided into multiple Routing Groups, covering the major physical sites. This has been done to minimise bandwidth usage between the locations. Routing Group Connectors have been configured in a full mesh topology with Australia as the main gateway for external mail.
We are stopping 10,000 plus spam emails a day but many are still getting through.
Here are the questions:
Would Exchange IMF improve my spam results?
How easy would it be to set up?
Or Should I be looking elsewhere for an anti-spam solution?





0
Comment
Question by:boomerbostock
5 Comments
 
LVL 7

Expert Comment

by:Pushpakumara Mahagamage
ID: 17928281
0
 

Author Comment

by:boomerbostock
ID: 17928375
I hadn't - I've had a quick look and I'll check out in detail later.
R U Using it?
0
 
LVL 7

Expert Comment

by:Pushpakumara Mahagamage
ID: 17928472
i'm not using it yet. Microsoft person introduce it at their Etched session and recommended it to exchange server
But i think it's running on separate license

http://www.sybari.com/_Rainbow/Documents/Exchange%20Migration.pdf

pk
0
 
LVL 4

Accepted Solution

by:
Nilesh Roy earned 500 total points
ID: 17928756
Hi,
Since you are already using Trendmicro IMSS, i am suggesting teh following.


Trend Micro in itself has a good anti-spam solution.
I have given below a 3-layer approach.
Please check out if you are using this at your end.


Trend Micro - Optimal Spam Protection
1)      Network Reputation Services
integrate with Trend Micro’s messaging gateway security solution
2)      InterScan™ Messaging Security Suite
and
3)      Spam Prevention Solution
For a 3-in-1 defense against viruses, spam, phishing, and mixed threat attacks.

By reducing spam’s impact on the gateway, reputation services allow messaging security to run at optimal efficiency.


Trend Micro Network Reputation Services

Trend Micro Network Anti-Spam Service combines the services of RBL+ (Trend Micro RBL+ Service verifies the IP addresses against a comprehensive reputation database before spam can be delivered) with dynamic real-time spam blocking, ideal for botnet and zombie attacks.

Trend Micro Spam Prevention Solution
Advanced Anti-Spam Security for the Messaging Gateway
Spam Prevention Solution offers a comprehensive approach to blocking spam and phishing. Trend Micro Network Reputation Services provides the initial layer of protection by stopping most of these threats at the connection layer before they even reach the gateway. The robust composite engine provides the second layer of protection by filtering spam and phishing emails at the gateway. This combined approach provides powerful cross-analysis, preventing spam and phishing emails from entering your network.

Spam Prevention Solution can be purchased alone or can be seamlessly integrated with InterScan™ Messaging Security Suite to combine high-performance spam and phishing protection with leading antivirus and content filtering in a single platform at the Internet messaging gateway

Key Features
·         Advanced Management Tools
·         Anti-Phishing Security
·         Anti-Spam Composite Engine
·         Comprehensive Messaging Security
·         Network Reputation Services

Regards,
Nilesh Roy.
0
 
LVL 104

Expert Comment

by:Sembee
ID: 17928887
In my experience the anti virus vendors anti spam solutions are weak.
Microsoft Antigen is an AV solution, previous known as Sybari Antigen. As AV it is top notch. Whether it is any good at anti spam, I haven't heard as yet. It is separate product and needs to be licenced separately. Therefore you already have the investment in Trend then you may not want to purchase another AV product.

I always recommend that people start with the built in tools, even on sites where they have another product. It does no harm to have more products scanning the inbound email. Only drop tools if you find that it is triggering more false positives.

You will never block all spam, some will get through. That is something that you have to live with. If you get to a position where no spam is getting through then you will probably find that legitimate messages are being caught as well. It is a matter of balance.

Something you might want to look at, which I have had particular success with, is greylisting. As long as you aren't in a time sensitive business, where even a 45 second delay to email is too long, they it can be very effective. A number of products now offer that feature, but I use Vamsoft ORF as it is priced per server making it very cheap to run on a gateway machine. The product does have other features, such as RBL support, but I don't use it for that - just greylisting.

Simon.
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Suggested Solutions

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
how to add IIS SMTP to handle application/Scanner relays into office 365.

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now