Solved spamming domain

Posted on 2012-08-17
Last Modified: 2012-09-02
Hi Guys,

One of these days i will give you any easy question. Client has been hit by mega spammer (no4 in the world) Getting hit with 350,000+ messages using multiple ips and domains. Theres no way to stop them as i have heard they use hundreds of ips and domains so we cant block. Looked through google for answer but everyone stops short of a solution. Any help appreciated.

With Thanks
Question by:DATA99
    LVL 16

    Expert Comment

    Depends on the way your client has their mail server set-up, but it sounds as if your client's mail server is straight on to the Inet.

    The only really effective way to counter this type of spam level is by placing your client's mail services behind an Email Filtering Gateway service. Either a 3rd party subscription service (MessageLabs for instance, plus ourselves!) or something you set-up yourself.

    This is different from simply employing anti-spam techniques at the mail server level which are not really that effective.

    An external Gateway will apply mulitple filters on the incoming traffic and only pass on what is considered genuine, normally with 97% to 99% accuracy level, messages to the mail server. Typically this type of service is priced per account.

    If you are tying to do it yourself you will still need to deploy a number of filters on the inoming traffic. Some of these are free, like RDNS blacklist lookups to Spamhaus and  SpamCop. The more effective filters however are those that rely of subscription based services like CloudMark.

    If you have not already configured RDNS blacklist lookups on your client's server do so now, additionally activate some form SUBRL lookup on the actual message content. Graylisting if available on your mail server, might also help but has the knock on of you loosing out on some genuine messages.
    LVL 29

    Expert Comment

    by:Sudeep Sharma
    Though grahamnonweiler is right on the spot however a simple answer to your question is RBL's which is ofcourse either provided by third party gateway level filtering service like MessageLabs, Goolge Apps, Postini, Microsoft FOPE etc.

    If you are interested in some appliance you could try Cisco Ironport, Barracuda, SonicWall, etc.

    If you could work on Linux (which is free) you could install Postfix/Sendmail, or Exim and use spamassassin/clamav with RBLs.

    There are similar products which could work with your mail software, I mean with Exchange/Lotus Domino and major AV companies have products for them like McAfee, Symantec, TrendMicro, Sophos, ESet, Kaspersky.

    So pick one which suits your environment and budget.
    LVL 20

    Accepted Solution

    If you want to stop unauthorized sites from sending email using your domain, then set up SPF records for the client and also possibly DMARC records. Both of these allow a recipient to check and see if the sending ip address matches the one(s) you said are authorized to send mail for your domain.

    Author Closing Comment


    Featured Post

    Looking for New Ways to Advertise?

    Engage with tech pros in our community with native advertising, as a Vendor Expert, and more.

    Join & Write a Comment

    The Microsoft Exchange server database may become damaged or corrupted due to many reasons, such as system failure. When this happens, it is usually urgent to restore the system to a stable and working state. There are different symptoms and causes …
    New-MailboxSearch Powershell Command and step by step approach to Search and Extract Emails form Exchange 2013 Journaling server.
    Familiarize people with the process of utilizing SQL Server views from within Microsoft Access. Microsoft Access is a very powerful client/server development tool. One of the SQL Server objects that you can interact with from within Microsoft Access…
    In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…

    746 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    14 Experts available now in Live!

    Get 1:1 Help Now