[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x

AntiSpam

Various techniques are used to prevent email spam (unsolicited bulk email). No technique is a complete solution to the spam problem, and each has trade-offs between incorrectly rejecting legitimate email (false positives) vs. not rejecting all spam (false negatives) - and the associated costs in time and effort. Anti-spam techniques can be broken into four broad categories: those that require actions by individuals, those that can be automated by email administrators, those that can be automated by email senders and those employed by researchers and law enforcement officials.

Share tech news, updates, or what's on your mind.

Sign up to Post

WordPress site getting SPAMMED, not sure how to stop it.

My website, FortressHarvard.com

has a Download button, and when you fill your Name and Email, then click the button, you get an email with the URL to my book's Preface and Chapter 1. Also, I get an email to my "info@" email's inbox with the name and email of the person requesting the downloading.

I am getting spammed there, by some sort of robot, and do not know how to stop it.

This started yesterday morning, and continued every few minutes, non-stop. I even added a CAPTA requirements this morning, but that had no impact.

How do I stop this SPAM?

Thanks
0
Starting with Angular 5
LVL 12
Starting with Angular 5

Learn the essential features and functions of the popular JavaScript framework for building mobile, desktop and web applications.

Hi,
I have a problem with some exchange servers 2010.
I have an external anti spam filter (online) to point my MX Record.

When an email come to the antispam filter. Every mail was tagged [spam] in the object email but it's the exchange server who tagg [spam] not our antispam filter.
If I disable all option's antispam in exchange manager.. I have always [spam] in object..
But if I point my MX directly to my exchange server, the mail come correctly to the mailbox without [spam].

Some people have an idea to resolve this problem.

For informations all work fine before last week.

Many thanks.
0
Error from web server 471 - License Invalid : unable to GET: https://aztec.brightmail.com/rules5/dayzero.vcdiff/4/latest.

Symantec Brightmail Gateway v10.6.3-2

I notice the spam definition is not up to date. 17840 days ago.

how can i fix this ?
0
Hi,
What's the best anti-spam-virus cloud filtering service that one can use before email arrive to my internal Exchange Service?
I use to use MXLogic which was bought by McAfee which discontinued the service and I moved to ZeroSpam which is not that good.
I have been told ProofPoint is really good but couldn't find any reviews or gatner,
tx!
0
We have 3 apps that a user runs on his computer every other day: 'SUPERAntiSpyware', 'Spy-Bot Search and Destroy' and 'Comodo Antivirus'.  The user runs the 3 apps at that same time whenever cleaning up is desired.  The user would leave theses tools running overnight.

The app 'Comodo Antivirus' never finds a virus.  The apps 'SUPERAntiSpyware' and 'Spy-Bot Search and Destroy' always finds spyware.  In  the morning the user would first click 'SUPERAntiSpyware' to delete or isolate the threats reported and then do the same to 'Spy-Bot Search and Destroy'.  Finally restart the computer.   Note, prior running the apps, the user would run cCleaner to cleanup any junk in his drive.

To-Date, there is no problem we have identified and all seems to be ok.  Our question is more directed to know EE opinion on:

  • Why 'SUPERAntiSpyware' and 'Spy-Bot Search and Destroy' display different results?
(Spy-bot would show registry entries and superantispyware would show files)
  • Any negative effect by running these 3 apps simultaneously?
  • Finally, is it necessary to run cCleaner prior running the apps?
0
Using Exchange 2013, is there a mail to block internal user usurpated email?

More and more users are getting unwanted email like « From: "legitusername@contoso.com" realspamsender@windowslice.com »
I'm looking for rule that block mails displaying @contoso.com that aren't sent from consoto.com email adresses.

Any help woud be appreciated,
Thanks!
0
Hi , our public UP is being blacklisted by CBL.

Reason given: This IP is infected (or NATting for a computer that is infected) with an botnet that is emitting email spam. The infection is probably sendsafe.

I'm assuming that one o the 25 or so computers in my network is infected.

Question: Is there a way usnijg the Sonicwall to determine in a machine is acting as an SMTP server and sending out spam email?

My SonicWall is a new model NSA 2600 with updated SonicOC
0
Here's the good news about the user - they are 89 years old, and receive and send email and texts on their iPad and iPhone.

They are having problems with AOL/Yahoo email

The issue is that they cannot receive email from their son, because for some reason, their son's company domain is on some sort of blacklist.  The company uses Outlook 365 and some sort of mail authenticator  mime cast.com

AOL doesn't have a whitelist option yet.
They have identified the messages as being not spam in the Junk box, but that doesn't stop the mail from going into the junk folder.

It is too much to ask an 89 year old person who has mastered email on devices to change their email address.
I have instructed them to check their junk box as regularly as they check their inbox.

It would be nice if there was a way to get the AOL/Yahoo filtering system to allow mail from the company domain.

I have attached a header from a message that was sent to junk, if that is of any help.

MXtoolbox has analyzed and found messages to be on a blacklist
MX Toolbox report


Thanks.

-------------------------

X-Apparently-To: jwb@aol.com; Wed, 24 Oct 2018 19:01:52 +0000
Return-Path: <john@pxxxxxxp.com>
X-YahooFilteredBulk: 63.128.21.182
Received-SPF: pass (domain of pxxxxxxp.com designates 63.128.21.182 as permitted sender)
X-YMailISG: RD0lkWgWLDt9Eokj4OV7S0B0GjdN9EXqXiK_FGw9i6AP6Su3
 SoPLLyRX6Gstjx7xgDzW.hDYmw7WDObZs1yGDcCgTZPU.0RpAY8d5LC1ve8K
 …
0
Key VP of Sales is receiving large amounts of Junk Email. Company owners want his email filtered out. What can an IT guy do? We have a standard hosted email like everyone else. Do I have to get EXchange Server? I don't even know if there is any advantage to that, Exchange Server does not have any advanced features for filtering??

Once of the owners asked me "Do we need to hire someone to go through the VP's email every day to manually go through every email?"

Is he right? CDW told me about Trend Micro, but i dont know if this is the solution. Actually it does not appear a solution exists except to hire someone, is this really the case??
0
I get a lot of spam, and sometimes cannot unsusbcribe, especially if the website asks me to put in the email address I wish to unsubscribe and does not do it automatically from the link. This is because I have maybe 50+ aliases set up over the years, which I have and still need to keep.
I use Office365 and Outlook 2016 as the client.
How can I determine which of my email address alias a message was sent to when I receive it. I don’t just wish to know I received an email sent to Any alias. I want to know which one of my aliases people used. For instance I wish to know if it was sent to office@ or accounts@ etc. But I can never know... Outlook does not tell you. From what I read, a possible solution is to create a rule in outlook to sort mail, but that means to to create 50 rules, and 50 inboxes and do new rules and new alias inboxes every time I add an alias is a headache.
Is there any way to know which of my aliases were used? Any third party software even or plugin? It’s stupid that Outlook only shows my main email name in the sent to field, Even when an actual alias that was used. Maybe I’m missing something?
Please help.
Thanks.
0
Defend Against the Q2 Top Security Threats
Defend Against the Q2 Top Security Threats

Were you aware that overall malware worldwide was down a surprising 42% from Q1'18? Every quarter, the WatchGuard Threat Lab releases an Internet Security Report that analyzes the top threat trends impacting companies worldwide. Learn more by viewing our on-demand webinar today!

Hello, we use Exchange 2016 in house - we are looking for a 3rd party spam solution, what do you recommend?
0
Hi all,

we facing a DUHL SORBS problem, customer moves to tele2 fiber, changed IP and DNS and suddenly 20% of the sent mails are blocked by DUHL SORBS.
We try now for 3 months to figure out what is wrong, Tele2 won't help at all.
same settings works fine for 5 years on a VDSL line, so it's very unclear why this is happens.

situation:
sbs2008 server receives mail via spamexperts spamfilter so the MX points to them. lb.mailscanner.nxs.nl and fallback2.mx.nxs.nl

we have spf in place v=spf1 a a:relay.indetel.net a:_spf.ibvision.nl
where a:relay.indetel.net is the tele2 mailproxy we use this at the moment to avoid mail delivery problems, but some outgoing mails still fail
where a:_spf.ibvision.nl is the webshop supplier.

PTR is in place and outlook.marindex.nl point to the customers sbs2008 server.

When I tried to delist with SORBS is says that the whole IP block is listed and that only the ISP that owns the IP block can delist is.
When i login by SORBS i found this:

End users may submit change requests if suitable rDNS is in place.

NOTE to end users: "Suitable rDNS" means there should be a PTR record that points to a hostname that is listed in your MX record, and the MX record should refer to a hostname that resolves to the same IP address.  If it does not we CANNOT delist you!  For further information, including details on "Suitable rDNS"

any help will be preciated.


Best regards,

Victor Esselman.
0
This article describes the Email relay concepts and the possible road blocks and solutions to certain email security scenarios.
1
Dear
i need to remove my mail server IP from spa list as attached 2018-10-14_103952.jpgpam
2018-10-14_103952.jpg
0
We have multiple customers with on-prem Exchange servers interested in adding cloud antispam to their arsenal, but we’re facing a ‘tyranny of choice’ situation where we’re not sure which service to recommend, because they all look pretty good.

What’s your preferred cloud antispam/AV service, and why?  Conversely, is there a service you had bad experiences with, or otherwise avoid—if so, why?  We’ve been looking at Barracuda, Mimecast, and the Email Laundry, but we’re certainly open to other options too.

The solution needs to provide inbound & outbound antispam filtering with a quarantine feature, antivirus scanning, DKIM/SPF/DMARC support, attachment sandboxing, link following, etc.  No cloud archive is needed.  We’re a small shop, so access to a competent support team is also a must, preferably one based in the US or Europe.

Unfortunately, O365 is not an option for these customers—we have to stay onprem, so this product must support onprem Exchange.

Thanks, everyone!
0
We are on Office 365 . Lately, we we are getting emails from our CEO going to random people in our company on the same domain , but emails are not from him . They normally ask re recipients a response “ are you available today ? “
We know it’s not from him be use when we go in and look at the email address it’s not him . It just has his name . We do have spf records in place .
0
Hi,

I have a user who send email with url to more then 100 000 recipients. The 365 ATP Safe Link block its.

I know I can create an exception rule but the real root cause is still there because the other mail servers proctection (others mailfilter) will might block it too. My question is how can I know what is consider as malicious in the email fromat that we sent. Like that I can explain to user to not add this or do that.

Thanks
0
Hello,
My client IPs has blacklisted only at Sorbs
Sorbs website – „Site Down for Maintainance“
http://www.sorbs.net
Im waiting for Sorbs website to find out reason and to delist IP but in the meantime what can I do to find source of the problem.
Any advice?
Maybe it is false positive?
http://forums.gfi.com/dnsblsorbsnet-has-alot-of-false-positives-m900742006.aspx
0
From security reporting & analysis, I'll need to access our
Exchange Online (think it's ver 2016) to view

a) Spam, phishing, blocked emails
b) the blocking policies (whitelisting, greylisting, blacklisting) in place
c) DKIM, SPF, DMARC settings

I'm completely newbie to MS Exchange: can let me know screen by
screen (or step by step) where to view this after being granted
access to Exchange Online?

We did not get 3rd party email filtering tools (like Proofpoint),
just purely what's offered by O365
0
Redefine Your Security with AI & Machine Learning
Redefine Your Security with AI & Machine Learning

The implications of AI and machine learning in cyber security are massive and constantly growing, creating both efficiencies and new challenges across the board. Check out our on-demand webinar to learn more about how AI can help your organization!

We have an office 365 tenant with about 20 some users, we have been receiving a lot of spam though our domain, among other things we recently setup and turned on DKIM. Since that time we did receive spam but interestingly we received phishing emails from the same domain name that we believed DKIM would block.
Do you know of any way to verify if DKim is working?
0
My friend is using a service called SpamArrest to manage his unruly inbox. Any new senders will receive an email back from the server asking they pass a "capcha" type non-robot test. After that, they're whitelisted and may email freely.

He's moved to Office 365 and SpamArrest isn't compatible.

The goal is a robust email whitelisting cloud service that will work with O365 Exchange and Outlook Desktop Client. Do you know of a product that can meet this need?

Thank you,

John
0
Hi, im deploying Barracuda Cloud Spam, we have Exchange 2016 in house, i believe i have to allow certain IPs from Barracuda, where would i make this change?
0
Tough spam problem can't seem to isolate. Out of 20 users only one affected. Spam is not going through the spam filter incoming or outgoing. Has to be something on a local device infusing the spam into the users inbox. Nothing in sent either. Have removed the computer they work from in the office, disabled the NIC. Ran a malware scan on they're laptop and the ccleaner bug was found, see below for details regarding the CCleaner incident.

CCleaner v5.33 and CCleaner Cloud v1.07 Security Notification. Not sure if this is related.

Haven't run a scan on the users phone doing so now.

The bug is the same one identified here.
0
My  Outlook email is bouncing due to spam filter and it looks like it is coming from C:\Program Files (x86)\Microsoft Office\root\Office16  Any idea how to resolve this?
0
This utility will help to identify the hash value of the application, which will help to protect computers from the various attacks.
0
LVL 36

Expert Comment

by:Terry Woods
Comment Utility
It's worth noting, for those who aren't aware, that MD5 is a broken algorithm for security use. If there is a stronger alternative algorithm available to be used, it would be a good idea to use it.

Further reading:
https://www.zdnet.com/article/ssl-broken-hackers-create-rogue-ca-certificate-using-md5-collisions/
https://blog.avira.com/md5-the-broken-algorithm/
0

AntiSpam

Various techniques are used to prevent email spam (unsolicited bulk email). No technique is a complete solution to the spam problem, and each has trade-offs between incorrectly rejecting legitimate email (false positives) vs. not rejecting all spam (false negatives) - and the associated costs in time and effort. Anti-spam techniques can be broken into four broad categories: those that require actions by individuals, those that can be automated by email administrators, those that can be automated by email senders and those employed by researchers and law enforcement officials.