Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 537
  • Last Modified:

spam protection using DNS blackhole lists

Hi!

We are getting an every increasing amount of SPAM.
We are using the below listed DNS blackhole lists.
Are we missing any major ones or are these no longer working?
Is there a better way using Plesk?

bl.spamcop.net;sbl.spamhaus.org;zen.spamhaus.org;dnsbl.ahbl.org;dnsbl.njabl.org

TIA
0
TrueBlue
Asked:
TrueBlue
  • 3
  • 3
  • 2
  • +1
3 Solutions
 
PapertripCommented:
You have plenty of RBL's listed, so you are fine on that.

You should setup SPF and DKIM checks for incoming mails.  Those 2 features combined with the RBL's will make a world of difference.
0
 
TrueBlueAuthor Commented:
I have SPF and DKIM setup, but I keep getting emails from my email address to my email address.
Any ideas?
0
 
PapertripCommented:
Show me the headers from one of those mails.
0
Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

 
SteveCommented:
set an spf record up for your own domain and make sure your own e-mail server can resolve it (depending on whether you use external or internal DNS for your own domain)

If your own company has a valid SPF record that your emmail server can see, and your junkmail settings have an SPF check included, your system should see that these emails from your own company, didnt come from an ip listed on your SPF.

Voila! junkmail!
0
 
vishalvasuCommented:
What mail server are you using? some of the mail servers like SmarterMail provide the facility of GreyListing which will not allow the email to pass through unless the originating IP is in the whitelist database of the mail server. Spammers do not care for a second try while a legitimate mail server will and so the email would be accepted. I've seen lot of SPAM being controlled that way.
0
 
TrueBlueAuthor Commented:
Mail Server is Mailenable standard 4.26
0
 
SteveCommented:
Assuming everything is junk is a very dangerous plan and is likely to result in genuine messages getting caught up.
Using your own spf record is the accepted way of catching fake messages to yourself.
0
 
TrueBlueAuthor Commented:
Here is the Email Header for a typical spam.
We already have a SPF record setup, but we still get spam.

Received: from localhost ([xxx.xxx.xxx.xxx]) by hostingcompany.net with MailEnable ESMTP; Sun, 9 Oct 2011 21:22:27 -0400
Content-Return: allowed
X-Mailer: CME-V6.5.4.3; MSN
Return-Path: <techserv@domain.com>
Message-ID: <$MESSAGE_ID>
From: Rolex.com <techserv@domain.com>
To: <techserv@domain.com>
Subject: [Norton AntiSpam]techserv@domain.com Rolex For You Now -47%
MIME-Version: 1.0
Content-type: text/html; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-Brightmail-Tracker: AAAACBbV9xkE3pV2AOvVNBkkH5MZJB6JGSQeqBkkHfgZJCtX

0
 
SteveCommented:
If you are getting spurious email that appear to b from your own doman, your spf isnt working correctly.
Check the spf record and that the main server can see it ok.
Check the spf settings in your mail software to confirm what action is taken if the spf check fails.

Spf is designed to identify exactly this kinda stuff!
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 3
  • 3
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now