Preventing Spam on Exchange 2003 Server and keeping our pulic IP address and domain off of "Black lists'?

How do I prevent (or keep to a minimum) Spam on our Exchange 2003 Server while keeping our pulic IP address and domain off of "Black lists'? Both (enormous amounts of Spam and our External Exchange server is on some "Black lists" and being bounced by some email sites "AOL is the big one") are currently slowing down our business. I have already seen some of the other suggestions made by yourself and others. One is I turned on filtering and set up a “tar pit”. I apparently need more because it is only slowing SPAM down. Can you offer some  additional solutions?
Who is Participating?
SembeeConnect With a Mentor Commented:
You only get on blacklists if you are sending spam. If your server has been secured correctly then you don't send spam.
The other type of blacklists are those that list dynamic IP address ranges - which is what catches most people out with AOL.

Ensure that you have set recipient filtering and the tar pit correctly on the server.
Ensure that you have secured authenticated relaying. If you don't need authenticated relaying, turn it off.
Make sure that your DNS is setup correctly, with the correct banner, forward and reverse DNS records.

Hypercat (Deb)Connect With a Mentor Commented:
This is one of those questions experts love to answer - and you'll probably get as many different answers as there are experts that take the time to post.  First, make sure your server is not an open relay and get yourself de-listed from any anti-spam lists you can.  This is not always as easy as it sounds, but it's the first important step - to make sure you are not being used by spammers to make the overall problem worse.

Second, you need to get a 3rd party anti-spam application or sign up with an external spam filtering service.  Personally, I prefer a 3rd party application because I have greater control over where and how it's implemented.  OTOH, others I've talked to say they prefer the spam filtering services for exactly the same reason - they DON'T have to bother with configuring and managing the application itself.  So, if you're just a little bit of a control freak like me, you'll probably like the 3rd party approach, and if you'd rather not be bothered, go for the external service.

As to specifics, I've used both Nemx and GFI Mail Essentials - being a Windows-only shop.  I think these are the best two for that environment.  Right now, we've switched almost completely to GFI Mail Essentials because their Bayesian filtering has allowed us to cut down the amount of spam getting to our clients' mailboxes by about 98%.  It takes a little careful configuration and a little time for the Bayesian filters to train themselves, but overall I think it work great.

As to external services, I've heard a lot of good things about Postini, but as I said, I don't have any personal experience with these.

Hope this helps!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.