I need some advice on fine tuning exchange security features. I have started receiving a lot of Spam directed at genuine mail addresses (Gets stopped by IMF, but worrying all the same!)
I set up the following last year:
IMF (Set to Archive)
Recipient Filtering (Filter recipients who are not in the directory)
Connection Filtering (DSBL Blacklist)
Sender Filter (Filter messages with a blank sender)
Tar Pit (Set to 10 Seconds)
I have 2 questions here:
1. I don't want to have lots of archive junkmail from the IMF bulding up in a folder. What are the implications of setting the IMF to reject? What is the best practice for this setting?
2. Tar Pit - after an increase in legitimate email addresses receiving spam I'm worried that my tar pit setting isn't set high enough. Again what is the best practice for the tar pit setting, and what are the implications of setting it any higher?