hinet.net spamming domain

Hi Guys,

One of these days i will give you any easy question. Client has been hit by mega spammer (no4 in the world) hinet.net. Getting hit with 350,000+ messages using multiple ips and domains. Theres no way to stop them as i have heard they use hundreds of ips and domains so we cant block. Looked through google for answer but everyone stops short of a solution. Any help appreciated.

With Thanks
DATA99Asked:
Who is Participating?
 
carlmdCommented:
If you want to stop unauthorized sites from sending email using your domain, then set up SPF records for the client and also possibly DMARC records. Both of these allow a recipient to check and see if the sending ip address matches the one(s) you said are authorized to send mail for your domain.

http://www.openspf.org/

http://dmarc.org/overview.html
0
 
grahamnonweilerCommented:
Depends on the way your client has their mail server set-up, but it sounds as if your client's mail server is straight on to the Inet.

The only really effective way to counter this type of spam level is by placing your client's mail services behind an Email Filtering Gateway service. Either a 3rd party subscription service (MessageLabs for instance, plus ourselves!) or something you set-up yourself.

This is different from simply employing anti-spam techniques at the mail server level which are not really that effective.

An external Gateway will apply mulitple filters on the incoming traffic and only pass on what is considered genuine, normally with 97% to 99% accuracy level, messages to the mail server. Typically this type of service is priced per account.

If you are tying to do it yourself you will still need to deploy a number of filters on the inoming traffic. Some of these are free, like RDNS blacklist lookups to Spamhaus and  SpamCop. The more effective filters however are those that rely of subscription based services like CloudMark.

If you have not already configured RDNS blacklist lookups on your client's server do so now, additionally activate some form SUBRL lookup on the actual message content. Graylisting if available on your mail server, might also help but has the knock on of you loosing out on some genuine messages.
0
 
Sudeep SharmaTechnical DesignerCommented:
Though grahamnonweiler is right on the spot however a simple answer to your question is RBL's which is ofcourse either provided by third party gateway level filtering service like MessageLabs, Goolge Apps, Postini, Microsoft FOPE etc.

If you are interested in some appliance you could try Cisco Ironport, Barracuda, SonicWall, etc.

If you could work on Linux (which is free) you could install Postfix/Sendmail, or Exim and use spamassassin/clamav with RBLs.

There are similar products which could work with your mail software, I mean with Exchange/Lotus Domino and major AV companies have products for them like McAfee, Symantec, TrendMicro, Sophos, ESet, Kaspersky.

So pick one which suits your environment and budget.
0
 
DATA99Author Commented:
good
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.