Hi Experts, AFAIK there are 3 ways to anti-spam to an Exchange 2016 environment: SPF, DKIM and DMARC

I can configured SPF record on domain control panel but not sure about the 2 others, does anyone have experience with them? Can we configure them on Exchange mailbox server, or public DNS of ISP?

Many thanks in advance,

Hi All,

Can anyone here please let me know what do I need to do in order to successfully cutting over the Anti Spam solution from onPremise Linux VM into the Cloud Solution with no data loss or user email flow interruptions?

As at the moment on my Exchange 2013, the Send Connector Smarthosts listing the local IP address for the 2x Linux VMs.

Do I just change it to the Public IP address of the Cloud Anti-Spam provider ?

Note: My Public DNS server is running on my On-premise Windows Server 2008 R2 VMs.

Thanks,

Hi

I have a setup with SpamAssassin, postfix, dovecot and a few other components.
I've set up user_preferences, so they are now loaded from mysql db using the user_scores_dsn etc. settings.

I have created a table in mysql for local Rules (header, body etc) and included them in the user-preferences lookup.
However - I cannot get them to work.

I have added the allow_user_rules and set it to 1.

This is my database connection settings:

allow_user_rules 1
user_scores_dsn                  DBI:mysql:mail:db-server:3306
user_scores_sql_password         <left out>
user_scores_sql_username         mail
user_scores_sql_custom_query     SELECT preference, value FROM spamassassin WHERE username = '$GLOBAL' OR username = CONCAT('%',_DOMAIN_) OR username = _USERNAME_ ORDER BY username ASC, priority asc

Select all Open in new window

this query returns something like this:
Preference column:

• use_bayes
• bayes_auto_learn
• blacklist_from
• header LOCAL_H_FORBIDDEN_WORDS_SUBJ_SEX
• score LOCAL_H_FORBIDDEN_WORDS_SUBJ_SEX
• describe LOCAL_H_FORBIDDEN_WORDS_SUBJ_SEX

with corresponding values in the value column:

• 1
• 1
• *@bejoqq.org
• Subject =~ /sex/i
• 4
• Bad Word

Is there anyway to have all my rules stored in my database?
It's much easier to maintain her accross multiple servers etc.

A client's email can't reach our server due to SPF record check.
xxx.com does not designate permitted sender hosts

The client's SPF is

v=spf1 a:research.tenxxx.com include:spf.protection.outlook.com include:spf.zixxx.com, include:servers.mxx.net -all

Is there some wrong for the record ?

Thx

Hello ,

I imagine that if there is a transparent anti spam server works like in a topology as this :

------------->   SERVER BOX ---------------->  Switch ----------------> Hosting / Mail ...etc. servers.

I want to know if there is a software that works without creating config for each domain / mailbox will handle the mails and send to the servers if they are not spam

We have 2 Exchange Servers 2010 SP3. One is installed on Windows Server 2008 R2 and other is installed on Windows Server 2012 R2. I have enabled Antispam settings on hub transport on both exchange servers, all settings are enabled. We don't have edge transport server.
Users are getting spam emails with some particular contents in emails. As CEO asked me to create a rule so that emails with those contents or subject should be filtered out and blocked. So,  i added that phrases from spam email into content filtering properties under "Block messages containing these word or phrases" and enabled Delete messages (SCL Rating >= 8), Reject Messages (SCL Rating >= 7), Quarantine messages (SCL rating >=6). Also defined Quarantine  Mailbox Email. Then i send a message with same contents (which i added in block messages) in email from my gmail in order to test but the message was not blocked and i received the message in my corporate email. It was supposed to be blocked but it didn't.
Antispam.JPG

Earlier today I got rid of the search.yahoo.com redirect. I ran avast smartscan and malwarebytes, and I've rebooted. It's only on Google Chrome, and there are no extra extensions installed. Any ideas? Thanks.

we have very recently switched from a barracuda antispam appliance to using exchange online protection. we are a hybrid config with no mailboxes yet migrated to on-line.
I'm having an issue trying to get the spam scoring to "work". i.e. I get messages with the scl set to 6 in the header but they are not going to the junk folder as desired. we have had 2 microsoft tickets on the topic.
first thing, after reading an online article, we added 2 transport rules to our on-prem that are supposed to take anything with an scl of 6 and move it there. then Microsoft told my boss to turned off the users ability to set junk filter properties and have it set to disable.
second, today they told me it wont ever deliver them to the junk folder so I have set it to quarantine, which we really don't want unless its the only option.

surely there has to be a way to have the junk folder work... I'm attaching a screenshot of the automation advice when I opened todays ticket and had the message analyzed in case it helps.
automation.png

Hello Everyone,

Recent days we are witnessing lot of spoof emails coming into our organization. Attackers used to change 'display name' of the sender so that it look like valid email address. But when analyzing the headers it clearly shows its coming form private domains. Is there any way to block this behavior in Exchange 2013?

Thanks in advance

Hi

We are looking for a email filtering solution and have been speaking to mimecast and proofpoint (enterprise version with TAP). Having had sales style demos both products look very similar so wanted so real world guidance.
We currently have 365 for email with EOP and it is doing a very poor job of filter spam, virus attachments and protecting against targeted phishing (fake CEO)

User was tricked at home, he took the whole bait and hook, paid $ to a fake Microsoft person and allowed them on his computer. Anyway after running some tools and removing malicious malware he still has on his desktop a fake phone number that shows on his Task bar area. This is a Vista O.S. how do I remove?
I will be reformatting the computer in a  couple week.

We have a Barracuda spam/Firewall 300 here that's got about 30,000 blocked/deferred messages in the outbound queue that I need to get deleted. I can't even bring up the outbound queue in queue management. I spent over an hour with Support and they cant connect with the guy couldn't figure out how to connect with it....that's a different issue. How can I clear these out? Its killing our mail throughput?? I know its got SSH but I can't connect to it. I'm not local to the system but I've got full admin rights. I cant even pull the export out of it.