Anti-Spam help!

Posted on 2006-11-12
Last Modified: 2013-11-22
Here is the set up:
Gateway server – Win 2003 – ISA 2004 – Trend Interscan Messaging and security
Front end Exchange server – Win 2003 – Ex 2003 Trend scan mail
Back end Exchange server – Win 2003 – Ex 2003 Trend scan mail

All Internet email is relayed through Gateway Server a dedicated, secure server running Trend Interscan Messaging Security Suite to ensure that email is filtered for viruses and SPAM and to isolate the email infrastructure from inappropriate access.
The email infrastructure has been divided into multiple Routing Groups, covering the major physical sites. This has been done to minimise bandwidth usage between the locations. Routing Group Connectors have been configured in a full mesh topology with Australia as the main gateway for external mail.
We are stopping 10,000 plus spam emails a day but many are still getting through.
Here are the questions:
Would Exchange IMF improve my spam results?
How easy would it be to set up?
Or Should I be looking elsewhere for an anti-spam solution?

Question by:boomerbostock

Expert Comment

by:Pushpakumara Mahagamage
ID: 17928281

Author Comment

ID: 17928375
I hadn't - I've had a quick look and I'll check out in detail later.
R U Using it?

Expert Comment

by:Pushpakumara Mahagamage
ID: 17928472
i'm not using it yet. Microsoft person introduce it at their Etched session and recommended it to exchange server
But i think it's running on separate license 


Accepted Solution

Nilesh Roy earned 500 total points
ID: 17928756
Since you are already using Trendmicro IMSS, i am suggesting teh following.

Trend Micro in itself has a good anti-spam solution.
I have given below a 3-layer approach.
Please check out if you are using this at your end.

Trend Micro - Optimal Spam Protection
1)      Network Reputation Services
integrate with Trend Micro’s messaging gateway security solution
2)      InterScan™ Messaging Security Suite
3)      Spam Prevention Solution
For a 3-in-1 defense against viruses, spam, phishing, and mixed threat attacks.

By reducing spam’s impact on the gateway, reputation services allow messaging security to run at optimal efficiency.

Trend Micro Network Reputation Services

Trend Micro Network Anti-Spam Service combines the services of RBL+ (Trend Micro RBL+ Service verifies the IP addresses against a comprehensive reputation database before spam can be delivered) with dynamic real-time spam blocking, ideal for botnet and zombie attacks.

Trend Micro Spam Prevention Solution
Advanced Anti-Spam Security for the Messaging Gateway
Spam Prevention Solution offers a comprehensive approach to blocking spam and phishing. Trend Micro Network Reputation Services provides the initial layer of protection by stopping most of these threats at the connection layer before they even reach the gateway. The robust composite engine provides the second layer of protection by filtering spam and phishing emails at the gateway. This combined approach provides powerful cross-analysis, preventing spam and phishing emails from entering your network.

Spam Prevention Solution can be purchased alone or can be seamlessly integrated with InterScan™ Messaging Security Suite to combine high-performance spam and phishing protection with leading antivirus and content filtering in a single platform at the Internet messaging gateway

Key Features
·         Advanced Management Tools
·         Anti-Phishing Security
·         Anti-Spam Composite Engine
·         Comprehensive Messaging Security
·         Network Reputation Services

Nilesh Roy.
LVL 104

Expert Comment

ID: 17928887
In my experience the anti virus vendors anti spam solutions are weak.
Microsoft Antigen is an AV solution, previous known as Sybari Antigen. As AV it is top notch. Whether it is any good at anti spam, I haven't heard as yet. It is separate product and needs to be licenced separately. Therefore you already have the investment in Trend then you may not want to purchase another AV product.

I always recommend that people start with the built in tools, even on sites where they have another product. It does no harm to have more products scanning the inbound email. Only drop tools if you find that it is triggering more false positives.

You will never block all spam, some will get through. That is something that you have to live with. If you get to a position where no spam is getting through then you will probably find that legitimate messages are being caught as well. It is a matter of balance.

Something you might want to look at, which I have had particular success with, is greylisting. As long as you aren't in a time sensitive business, where even a 45 second delay to email is too long, they it can be very effective. A number of products now offer that feature, but I use Vamsoft ORF as it is priced per server making it very cheap to run on a gateway machine. The product does have other features, such as RBL support, but I don't use it for that - just greylisting.


Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Utilizing an array to gracefully append to a list of EmailAddresses
Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question