Anti-Spam help!

Here is the set up:
Gateway server – Win 2003 – ISA 2004 – Trend Interscan Messaging and security
Front end Exchange server – Win 2003 – Ex 2003 Trend scan mail
Back end Exchange server – Win 2003 – Ex 2003 Trend scan mail

All Internet email is relayed through Gateway Server a dedicated, secure server running Trend Interscan Messaging Security Suite to ensure that email is filtered for viruses and SPAM and to isolate the email infrastructure from inappropriate access.
The email infrastructure has been divided into multiple Routing Groups, covering the major physical sites. This has been done to minimise bandwidth usage between the locations. Routing Group Connectors have been configured in a full mesh topology with Australia as the main gateway for external mail.
We are stopping 10,000 plus spam emails a day but many are still getting through.
Here are the questions:
Would Exchange IMF improve my spam results?
How easy would it be to set up?
Or Should I be looking elsewhere for an anti-spam solution?

Who is Participating?
Nilesh RoySenior Manager - Technology ManagementCommented:
Since you are already using Trendmicro IMSS, i am suggesting teh following.

Trend Micro in itself has a good anti-spam solution.
I have given below a 3-layer approach.
Please check out if you are using this at your end.

Trend Micro - Optimal Spam Protection
1)      Network Reputation Services
integrate with Trend Micro’s messaging gateway security solution
2)      InterScan™ Messaging Security Suite
3)      Spam Prevention Solution
For a 3-in-1 defense against viruses, spam, phishing, and mixed threat attacks.

By reducing spam’s impact on the gateway, reputation services allow messaging security to run at optimal efficiency.

Trend Micro Network Reputation Services

Trend Micro Network Anti-Spam Service combines the services of RBL+ (Trend Micro RBL+ Service verifies the IP addresses against a comprehensive reputation database before spam can be delivered) with dynamic real-time spam blocking, ideal for botnet and zombie attacks.

Trend Micro Spam Prevention Solution
Advanced Anti-Spam Security for the Messaging Gateway
Spam Prevention Solution offers a comprehensive approach to blocking spam and phishing. Trend Micro Network Reputation Services provides the initial layer of protection by stopping most of these threats at the connection layer before they even reach the gateway. The robust composite engine provides the second layer of protection by filtering spam and phishing emails at the gateway. This combined approach provides powerful cross-analysis, preventing spam and phishing emails from entering your network.

Spam Prevention Solution can be purchased alone or can be seamlessly integrated with InterScan™ Messaging Security Suite to combine high-performance spam and phishing protection with leading antivirus and content filtering in a single platform at the Internet messaging gateway

Key Features
·         Advanced Management Tools
·         Anti-Phishing Security
·         Anti-Spam Composite Engine
·         Comprehensive Messaging Security
·         Network Reputation Services

Nilesh Roy.
Pushpakumara MahagamageVPCommented:
boomerbostockAuthor Commented:
I hadn't - I've had a quick look and I'll check out in detail later.
R U Using it?
Pushpakumara MahagamageVPCommented:
i'm not using it yet. Microsoft person introduce it at their Etched session and recommended it to exchange server
But i think it's running on separate license 

In my experience the anti virus vendors anti spam solutions are weak.
Microsoft Antigen is an AV solution, previous known as Sybari Antigen. As AV it is top notch. Whether it is any good at anti spam, I haven't heard as yet. It is separate product and needs to be licenced separately. Therefore you already have the investment in Trend then you may not want to purchase another AV product.

I always recommend that people start with the built in tools, even on sites where they have another product. It does no harm to have more products scanning the inbound email. Only drop tools if you find that it is triggering more false positives.

You will never block all spam, some will get through. That is something that you have to live with. If you get to a position where no spam is getting through then you will probably find that legitimate messages are being caught as well. It is a matter of balance.

Something you might want to look at, which I have had particular success with, is greylisting. As long as you aren't in a time sensitive business, where even a 45 second delay to email is too long, they it can be very effective. A number of products now offer that feature, but I use Vamsoft ORF as it is priced per server making it very cheap to run on a gateway machine. The product does have other features, such as RBL support, but I don't use it for that - just greylisting.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.