Solved

Receive many anonymos mails with attachements .zip

Posted on 2016-09-22
6
50 Views
Last Modified: 2016-09-23
Hi,

I have a mailbox (Exchange 2013) receive always many anonymos emails with zip attachements, of course i guess it's malisious mails how can i block the flow of this emails
I enabled and configured the native anti-spam and the mailware protection on Exchange but my problem not resolved
Example of mail:

Earl <Earl.eddington5@cornishcastle.co.uk>
mer. 21/09/2016 15:54
À :
******;
 1 pièce jointe
_23806_361456.zip

Your message is ready to be sent with the following file or link
attachments:

  _23806_361456

Note: To protect against computer viruses, e-mail programs may prevent
sending or receiving certain types of file attachments.  Check your e-mail
security settings to determine how attachments are handled.
0
Comment
Question by:Mohamed Amine LIMAME
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
6 Comments
 
LVL 19

Expert Comment

by:*** Hopeleonie ***
ID: 41810227
Which Anti-spam solution do you use?
0
 
LVL 28

Accepted Solution

by:
Dr. Klahn earned 500 total points
ID: 41810231
If your SMTP receiver is not already doing this, consider add blocking using the active spam blocking lists.  This should cut the size of the problem down significantly, possibly to a level where it can be handled by the unfortunate recipients.

Using the following four lists, the amount of spam getting through has fallen by 90% on my server.

  • zen.spamhaus.org
  • bl.spamcop.net
  • cbl.abuseat.org
  • dnsbl-1.uceprotect.net

Blocking all email containing ZIP file attachments is certainly possible, but it cripples anyone who wants to send a compressed attachment.
0
 
LVL 19

Expert Comment

by:*** Hopeleonie ***
ID: 41810236
We use Barracuda to block our Spam. It has reduced 99% of our Spam. The MS inbuilt solution was not enough for us.
0
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 

Author Comment

by:Mohamed Amine LIMAME
ID: 41810547
@Dr. Klahn

I configured the:

zen.spamhaus.org
bl.spamcop.net

but problem not solved
0
 
LVL 28

Expert Comment

by:Dr. Klahn
ID: 41810564
Does the mail receiver's log show emails being refused as spam?  If not, add uceprotect.net.   That will certainly cause some incoming email to be rejected.  If it does not, then it is possible the blocks are not actually active.

Also check the full header expansion of several of the spams to see where the routing shows it came from.  Note that this can be deceptive as much spam tries to obfuscate the actual source.  If (for example) the routing shows that it is emanating from within your network, then it is might be bypassing all filters; in that case, find the infected machine(s) and shut them down.
0
 

Author Comment

by:Mohamed Amine LIMAME
ID: 41810793
I configured the:
Connection Filtering Agent in FrontEND

http://clintboessen.blogspot.com/2014/05/rbl-providers-and-exchange-2013.html

and i configured also the IPBlockListProvider:

zen.spamhaus.org
bl.spamcop.net
cbl.abuseat.org
dnsbl-1.uceprotect.net

problem almost solved  90% but i continue to receive some a few mails
0

Featured Post

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Mailbox Overload?
If you troubleshoot Outlook for clients, you may want to know a bit more about the OST file before doing your next job. IMAP can cause a lot of drama if removed in the accounts without backing up.
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question