AntiSpam

Various techniques are used to prevent email spam (unsolicited bulk email). No technique is a complete solution to the spam problem, and each has trade-offs between incorrectly rejecting legitimate email (false positives) vs. not rejecting all spam (false negatives) - and the associated costs in time and effort. Anti-spam techniques can be broken into four broad categories: those that require actions by individuals, those that can be automated by email administrators, those that can be automated by email senders and those employed by researchers and law enforcement officials.

Share tech news, updates, or what's on your mind.

Sign up to Post

we have very recently switched from a barracuda antispam appliance to using exchange online protection. we are a hybrid config with no mailboxes yet migrated to on-line.
I'm having an issue trying to get the spam scoring to "work". i.e. I get messages with the scl set to 6 in the header but they are not going to the junk folder as desired. we have had 2 microsoft tickets on the topic.
first thing, after reading an online article, we added 2 transport rules to our on-prem that are supposed to take anything with an scl of 6 and move it there. then Microsoft told my boss to turned off the users ability to set junk filter properties and have it set to disable.
second, today they told me it wont ever deliver them to the junk folder so I have set it to quarantine, which we really don't want unless its the only option.

surely there has to be a way to have the junk folder work... I'm attaching a screenshot of the automation advice when I opened todays ticket and had the message analyzed in case it helps.
automation.png
0
Need protection from advanced malware attacks?
Need protection from advanced malware attacks?

Look no further than WatchGuard's Total Security Suite, providing defense in depth against today's most headlining attacks like Petya 2.0 and WannaCry. Keep your organization out of the news with protection from known and unknown threats.

I will split points as equally as I can, this is asking for an opinion.

My website/email server hoster has recently introduced a spam filter on their servers.  This spam system has decided experts-exchange.com has started to spam me.  Apparently because the concerning information is often very similar (probably Question alert:, Help Answer:....) and because the body of the text sometimes contains unrecognisable words (possibly things like: what does for(int x=1;x<q*q;x+=3){q=foo(x);} mean).

Now comes the fun bit.
I have asked if I can white list the email address.  No, the spam filter works only with IMAP and is self learning.
I have pointed out I use POP3.  The spam filter works on all emails both POP3 and IMAP, but only learns on IMAP.

My opinion is that this filter is well meant but actually a terrible idea.  What are your opinions.
0
Hello Everyone,

Recent days we are witnessing lot of spoof emails coming into our organization. Attackers used to change 'display name' of the sender so that it look like valid email address. But when analyzing the headers it clearly shows its coming form private domains. Is there any way to block this behavior in Exchange 2013?

Thanks in advance
0
I had a spam problem about a month ago, which I fixed on my end.  I notice now that email I send to recipients at gmail are automatically being marked as spam.

My mail server is Unix - Communigate Pro running on an old PowerMac. Outbound mail goes to my SMTP server, which is a Dell SonicWall ES-3300    I changed the IP address after the spam got past the SonicWall, and put the new address into my DNS, which is hosted by DYN.com

I looked at the header of a message I sent to my gmail account.  I see something wrong with the SPF record  

X-Mlf-Uniqueid: o201708020314430029673
Arc-Seal: i=1; a=rsa-sha256; t=1501643684; cv=none; d=google.com; s=arc-20160816; b=fxKfyh5i6PzjoNNZkIMPSigH31cy4YQ3IwPn/XLlJekZPjdgLTVrCmwlzwGh2orLVN GAg7JYp8zmTIKmoj2fOo5/v5m9m+aMH16VJDa7PKxY2H5qYRt9OHehY+o6UqP95Il9lz 3/cqc1G6Fo+j3t0oCCa8H/JW4+03+o3X9nlX+ioY6gOoFGy7GtWzW4OJpxiJZUjxhtxp FgenvR03ekg/ZHQv7j3P/FIoDPhoQK/EzgofSx6a7qKwl0D4jY8YzBVvcQjfHYaJV96j porICVs9nghyv8bE7Oy34UxkqG3ZLJznTB4WqAmYzkC8Nw3duZRcC8G0B+ZXQXz1s7mi Jz0A==
X-Received: by 10.55.197.88 with SMTP id p85mr27288566qki.281.1501643684625; Tue, 01 Aug 2017 20:14:44 -0700 (PDT)
X-Mlf-Version: 8.3.2.6531
Return-Path: <prvs=138714c1e1=larry@computerlarry.com>
Arc-Authentication-Results: i=1; mx.google.com; spf=softfail (google.com: domain of transitioning prvs=138714c1e1=larry@computerlarry.com does not designate 24.89.176.52 as permitted sender) smtp.mailfrom=prvs=138714c1e1=larry@computerlarry.com
0
Hi

We are looking for a email filtering solution and have been speaking to mimecast and proofpoint (enterprise version with TAP). Having had sales style demos both products look very similar so wanted so real world guidance.
We currently have 365 for email with EOP and it is doing a very poor job of filter spam, virus attachments and protecting against targeted phishing (fake CEO)
0
"Prohibits the DOD from using software platforms developed by Kaspersky Lab due to
reports that the Moscow-based company might be vulnerable to Russian government
influence."

https://www.armed-services.senate.gov/imo/media/doc/FY18%20NDAA%20summary2.pdf

https://www.bleepingcomputer.com/news/government/senate-gets-ready-to-ban-kaspersky-products-as-fbi-interviews-companys-us-employees/

2
4
User was tricked at home, he took the whole bait and hook, paid $ to a fake Microsoft person and allowed them on his computer. Anyway after running some tools and removing malicious malware he still has on his desktop a fake phone number that shows on his Task bar area. This is a Vista O.S. how do I remove?
I will be reformatting the computer in a  couple week.
0
Hello,

I am doing some testing of spam filtering solutions. Is there a service that will just send you spam to an email address? Thanks.
0
We have a Barracuda spam/Firewall 300 here that's got about 30,000 blocked/deferred messages in the outbound queue that I need to get deleted. I can't even bring up the outbound queue in queue management. I spent over an hour with Support and they cant connect with the guy couldn't figure out how to connect with it....that's a different issue. How can I clear these out? Its killing our mail throughput?? I know its got SSH but I can't connect to it. I'm not local to the system but I've got full admin rights. I cant even pull the export out of it.
0
Free Tool: Subnet Calculator
LVL 9
Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

I manage a small network (84 users) We currently have a Barracuda Email Security 300 that is getting a bit long in the tooth and is in need of replacement. So, with that said I am looking at Fortimail (Because we have a Fortigate 200D) and Barracuda Essentials for Email Security.

I do know that in terms of price that Barracuda solution is cheaper but I hate having to evaluate based on price (But that's what the higher Up's see) Has anyone used the Fortimail solution? is it more or less the same compared to the Barracuda solution? I do think both offer "sandboxing" and that is something I am interested in..
0
2
A recent post by Brian Matis motivated me to make this alternate post to see what sort of reaction others might have about these recent revelations.

A recent article on The Verge claims that "The older operating system was less vulnerable that anyone expected"

Windows XP computers were mostly immune to WannaCry

Another article from the same source claims "Windows XP was ‘insignificant,’ researchers say" with regards to helping the WannaCry outbreak spread.

"Almost all WannaCry victims were running Windows 7"

Lots of folks (from their perspective) with a genuine need to keep running on Windows XP suffered a lot of grief in Tech forums as being one of the root causes of giving WannaCry a platform to spread and thrive from, yet now it appears all the criticism may have been a little premature and unjustified.

For the record, I personally don't condone anyone using unsupported operating systems and actively encourage everyone I deal with to get themselves up to date, but I am also sympathetic to those who feel they have a genuine need to do that, so also think they shouldn't be …
0
 
LVL 29

Expert Comment

by:Thomas Zucker-Scharff
We have too many XP computers at my institution (some with only SP2) - mostly due to budgets and instrumentation.
0
 
LVL 12

Author Comment

by:Andrew Leniart
Hi Thomas,
Have you considered purchasing an XP Updates agreement with Microsoft? Might be an easier solution if budget restraints prevent you from upgrading? I wouldn't feel comfortable with a lot of XP machines in an environment as it would be a case of when, not if, it will come back to bite you.  Patches are available, just at a cost.

Incidentally, SP3 for XP is still provided by Microsoft - why not install it?

Steps to take before you install Windows XP Service Pack 3

How to obtain Windows XP Service Pack 3 (SP3)

Cheers..
0
Dear Experts,

My clients and I tried to send emails to proofpoint customers but they get deferred or delayed.

I have done a blacklist check and our IP address is not blacklisted.

Is there anyway to contact proofpoint and inform them about this and get it resolved?
0
Hello,

Looking for suggestions for the best anti-spam solution (software, not hardware)

Currently using Spamexperts, but still receive 5-8 spam messages per week, perhaps this is the best possible without blocking valid / clean messages?

I am looking for a hosted solution.

Thank you,
0
Hi,

Any good free anti virus software that i can download and install on my window 10 laptop?
any good reliable dependable ones for free. please advise
0
ScamAlert
An introduction to the wonderful sport of Scam Baiting. Learn how to help fight scammers by beating them at their own game. This great pass time helps the world, while providing an endless source of entertainment. Enjoy!
19
 

Expert Comment

by:Andrew f
Comment Utility
Thanks Andrew. Enjoy doing this with electricity retailers already. should expand my horizons!
0
 

Expert Comment

by:Tom Crawford
Comment Utility
Thank you Andrew, hope to put  to good use and enjoyment.
Tom.
0
Hi All,

Could I ask for your recommendations please. I am having lots of problems with loads of spam at the moment on my server.  I used to run AVG on the server but still my clients had far too much spam getting through.  Can you suggest what is best.  I only have a small network of 10 clients and 1 server and limited budget.  Have been attempting to get BitDefender but their customer service is poor at the moment as I have been awaiting a call back for 2 weeks after several chase ups.

Have tried using the spam setting within my Windows setup but changing the setting makes little difference.

Many thanks
0
Hi Guys,

We recently acquired the Antispam (CASS2.0) for SonicWall TZ400.
The feature has been installed and configured, but not yet enabled.

I just need some basic understanding and information from someone re the TZ400 Antispam feature.

1.  Our mail does not currently spool via the TZ400 router, it comes via another gateway.   I gather that we have to change our MX to route mail via the TZ400 for the antispam feature to work?

2.  Once mail packets pass via the SonicWall router, will the TZ400 pick up the mail traffic from the NAT rule for port 25 automatically?

3.  We will be using the current gateway as secondary MX (fail-over).  Any other suggestions regarding the config and first hand experience?
0
Free Tool: Port Scanner
LVL 9
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

I am at wit's end with something that I cannon understand is happening.

My boss signed -up for a newsletter from a website called "fisherynation.com". This news sites send several email out per day and they will not go into my bosses Outlook 2016 Inbox but rather to the Junk-Email folder. Here are the steps I have taken:
- In Junk Email Options, set to "No Automatic Filtering"
- Added fisherynation.com domain to "Safe Senders List"
- In Outlook Web Access (OWA) under setting for "Block or Allow" is set this to: "Don't move email to my Junk Email Folder"
- In Exchange Administration, Mail Flow.. I created a "Bypass spam filtering" for the sender of the emails in question.

Noe of this works! This particular sender of email is the "one and on;y" emails to go into his Junk Email folder. nothing at all besides.

Maybe this is a bug in Outlook 2016? Any ideas anyone?

Sincerely,
Steve
0
Trying to create an send connector to first send e-mail to our spam filter service.  

Here is the configuration:
Type=Internet
Address Space:  Type=SMPT, Address=*, Cost=1
Network:  Route mail through the following host:  Smart Host:  NA0100.SMTPOUT.COM
Source Server:  equal our server.  

All outbound mail is being delivered, but it is not reaching the spam filter site.  Their technical support thinks it is the fault of the Send Connector and they are lacking in Exchange expertise.

Inbound works great and I would like the added benefits of the outbound for this customer, especially since they are a sensitive site.

Thank you for your assistance.
0
Hi, I have a justspam.org issue. Our WP web server has been compromised and has been infected with a spam-sending virus. We have cleaned the infection but we got to many spamlists including justspam.org. The problem is, that we have never used this server (IP) as a mail server and we are using google services (not only) for emailing. We have made actions to block any smtp traffic from or to our web server. But that aslo means that we are not able to send de-listing email from our  IP.  This is a "catch 22 situation" when we are not able to send mail from that ip but the justpam.org server still keeps record that we used to spam and some of our customers' mail servers deny our mails as spam because they check our domain IP which ends on this IP... . How to get out of that? Is the only way to start webserver on that IP and send delisting mail? I would really hate to do that...
0
Hi Experts,

is it possible to activate the antispam filter in EXCH2013 ?
How to check if its activated ?
0
Hi, we are deploying our own Exchange Mail server but do not have budget for Email security devices, such as Dell Sonicwall or Barracuda. How can anyone please suggest the best AV software (license) for Exchange Mail server? we did some research and found out some options like Kaspersky , Avast , ESET, AVG but have not decided yet. Thank you.
0
Dear Experts

I have been told by few that even if we have good list that is opted in contacts if we use email marketing tool like mail chimp, campaign monitor etc   and engage with customers about our new product offerings still the mail will deliver to spam. I am not accepting this but they say such mails will either go to spam or they go to promotional emails category. please suggest is this how it works. thanks in advance
0

AntiSpam

Various techniques are used to prevent email spam (unsolicited bulk email). No technique is a complete solution to the spam problem, and each has trade-offs between incorrectly rejecting legitimate email (false positives) vs. not rejecting all spam (false negatives) - and the associated costs in time and effort. Anti-spam techniques can be broken into four broad categories: those that require actions by individuals, those that can be automated by email administrators, those that can be automated by email senders and those employed by researchers and law enforcement officials.