AntiSpam

Various techniques are used to prevent email spam (unsolicited bulk email). No technique is a complete solution to the spam problem, and each has trade-offs between incorrectly rejecting legitimate email (false positives) vs. not rejecting all spam (false negatives) - and the associated costs in time and effort. Anti-spam techniques can be broken into four broad categories: those that require actions by individuals, those that can be automated by email administrators, those that can be automated by email senders and those employed by researchers and law enforcement officials.

Share tech news, updates, or what's on your mind.

Sign up to Post

I will split points as equally as I can, this is asking for an opinion.

My website/email server hoster has recently introduced a spam filter on their servers.  This spam system has decided experts-exchange.com has started to spam me.  Apparently because the concerning information is often very similar (probably Question alert:, Help Answer:....) and because the body of the text sometimes contains unrecognisable words (possibly things like: what does for(int x=1;x<q*q;x+=3){q=foo(x);} mean).

Now comes the fun bit.
I have asked if I can white list the email address.  No, the spam filter works only with IMAP and is self learning.
I have pointed out I use POP3.  The spam filter works on all emails both POP3 and IMAP, but only learns on IMAP.

My opinion is that this filter is well meant but actually a terrible idea.  What are your opinions.
0
On Demand Webinar: Networking for the Cloud Era
LVL 9
On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

I had a spam problem about a month ago, which I fixed on my end.  I notice now that email I send to recipients at gmail are automatically being marked as spam.

My mail server is Unix - Communigate Pro running on an old PowerMac. Outbound mail goes to my SMTP server, which is a Dell SonicWall ES-3300    I changed the IP address after the spam got past the SonicWall, and put the new address into my DNS, which is hosted by DYN.com

I looked at the header of a message I sent to my gmail account.  I see something wrong with the SPF record  

X-Mlf-Uniqueid: o201708020314430029673
Arc-Seal: i=1; a=rsa-sha256; t=1501643684; cv=none; d=google.com; s=arc-20160816; b=fxKfyh5i6PzjoNNZkIMPSigH31cy4YQ3IwPn/XLlJekZPjdgLTVrCmwlzwGh2orLVN GAg7JYp8zmTIKmoj2fOo5/v5m9m+aMH16VJDa7PKxY2H5qYRt9OHehY+o6UqP95Il9lz 3/cqc1G6Fo+j3t0oCCa8H/JW4+03+o3X9nlX+ioY6gOoFGy7GtWzW4OJpxiJZUjxhtxp FgenvR03ekg/ZHQv7j3P/FIoDPhoQK/EzgofSx6a7qKwl0D4jY8YzBVvcQjfHYaJV96j porICVs9nghyv8bE7Oy34UxkqG3ZLJznTB4WqAmYzkC8Nw3duZRcC8G0B+ZXQXz1s7mi Jz0A==
X-Received: by 10.55.197.88 with SMTP id p85mr27288566qki.281.1501643684625; Tue, 01 Aug 2017 20:14:44 -0700 (PDT)
X-Mlf-Version: 8.3.2.6531
Return-Path: <prvs=138714c1e1=larry@computerlarry.com>
Arc-Authentication-Results: i=1; mx.google.com; spf=softfail (google.com: domain of transitioning prvs=138714c1e1=larry@computerlarry.com does not designate 24.89.176.52 as permitted sender) smtp.mailfrom=prvs=138714c1e1=larry@computerlarry.com
0
Hi

We are looking for a email filtering solution and have been speaking to mimecast and proofpoint (enterprise version with TAP). Having had sales style demos both products look very similar so wanted so real world guidance.
We currently have 365 for email with EOP and it is doing a very poor job of filter spam, virus attachments and protecting against targeted phishing (fake CEO)
0
User was tricked at home, he took the whole bait and hook, paid $ to a fake Microsoft person and allowed them on his computer. Anyway after running some tools and removing malicious malware he still has on his desktop a fake phone number that shows on his Task bar area. This is a Vista O.S. how do I remove?
I will be reformatting the computer in a  couple week.
0
Hello,

I am doing some testing of spam filtering solutions. Is there a service that will just send you spam to an email address? Thanks.
0
We have a Barracuda spam/Firewall 300 here that's got about 30,000 blocked/deferred messages in the outbound queue that I need to get deleted. I can't even bring up the outbound queue in queue management. I spent over an hour with Support and they cant connect with the guy couldn't figure out how to connect with it....that's a different issue. How can I clear these out? Its killing our mail throughput?? I know its got SSH but I can't connect to it. I'm not local to the system but I've got full admin rights. I cant even pull the export out of it.
0
I manage a small network (84 users) We currently have a Barracuda Email Security 300 that is getting a bit long in the tooth and is in need of replacement. So, with that said I am looking at Fortimail (Because we have a Fortigate 200D) and Barracuda Essentials for Email Security.

I do know that in terms of price that Barracuda solution is cheaper but I hate having to evaluate based on price (But that's what the higher Up's see) Has anyone used the Fortimail solution? is it more or less the same compared to the Barracuda solution? I do think both offer "sandboxing" and that is something I am interested in..
0
Hello,

Looking for suggestions for the best anti-spam solution (software, not hardware)

Currently using Spamexperts, but still receive 5-8 spam messages per week, perhaps this is the best possible without blocking valid / clean messages?

I am looking for a hosted solution.

Thank you,
0
Hi,

Any good free anti virus software that i can download and install on my window 10 laptop?
any good reliable dependable ones for free. please advise
0
Trying to create an send connector to first send e-mail to our spam filter service.  

Here is the configuration:
Type=Internet
Address Space:  Type=SMPT, Address=*, Cost=1
Network:  Route mail through the following host:  Smart Host:  NA0100.SMTPOUT.COM
Source Server:  equal our server.  

All outbound mail is being delivered, but it is not reaching the spam filter site.  Their technical support thinks it is the fault of the Send Connector and they are lacking in Exchange expertise.

Inbound works great and I would like the added benefits of the outbound for this customer, especially since they are a sensitive site.

Thank you for your assistance.
0
Ransomware Attacks Keeping You Up at Night?
Ransomware Attacks Keeping You Up at Night?

Will your organization be ransomware's next victim?  The good news is that these attacks are predicable and therefore preventable. Learn more about how you can  stop a ransomware attacks before encryption takes place with our Ransomware Prevention Kit!

Hi Experts,

is it possible to activate the antispam filter in EXCH2013 ?
How to check if its activated ?
0
Hi, we are deploying our own Exchange Mail server but do not have budget for Email security devices, such as Dell Sonicwall or Barracuda. How can anyone please suggest the best AV software (license) for Exchange Mail server? we did some research and found out some options like Kaspersky , Avast , ESET, AVG but have not decided yet. Thank you.
0
Dear Experts

I have been told by few that even if we have good list that is opted in contacts if we use email marketing tool like mail chimp, campaign monitor etc   and engage with customers about our new product offerings still the mail will deliver to spam. I am not accepting this but they say such mails will either go to spam or they go to promotional emails category. please suggest is this how it works. thanks in advance
0
Currently our Proofpoint can take from a few minutes to 3 hours before it detects new
emails containing certain attachments & links (ie new threats) are 'malicious' or spam.
To claw back malicious emails 2-3 hours later is rather late. Wud rather have late delivery.

Our Bluecoat MAA that protects against malicious downloading (or malicious sites) can
take up to several minute : just encountered one case yesterday where malicious .eot
files were downloaded by several users before it blocked users from downloading.
This Bluecoat MAA is supposed to protect against 0-day and unknown threats as well
but we have got quite a few infections/downloads in the past: possibly its 'sandboxing'
is not real-time / fast enough.

I'm hesistant to deploy endpoint IPS (HIPS) on workstations at this moment so skip
this for the time being as HIPS can impact legit services/apps if not tested thoroughly
while network based tools like MAA (& Trendmicro Discovery) are less disruptive.

Besides educating users (which we have done quite a lot), I'm looking for sandboxing
products that could perform much faster : I read one academic article that products
that implement 'prefetching' using multi layer of caches are much faster.  If they use
SSD, wud it be faster?

In particular against ransomware as one highly successful one as extracted below:

Sky News Technology Correspondent Tom Cheshire described the attack as "unprecedented". The ransomware appears to use NSA 0-day …
0
I was told that Malware bytes works with Norton and wouldn't be a redundant package to install on my pc.
I'm looking for second, third and fourth opinions.
0
Like millions of others, I wake up to view many spam messages on my devices. I dislike it immensely. Is there a string or are there strings of words and phrases that I can use without trying to come up with all of them myself that I can exclude? For example, I NEVER want to see any email or sms that contains: "you have been selected" or "congratulations" or "important new breakthrough" or "blue pill". You get the idea. I don't mind creating rejection rules but I would like to start with one creation session that would catch a large percentage of crap and bury it before I even see it. I don't want to get so deep into this quest that I subscribe to any email forwarding service. I will also add, in case it gives anyone some ideas, that I have my own domain and can add and delete any number of emails I wish. I have learned that (obviously) since a questionnaire or sales inquiry indicates "we will not share this data with anyone" is pure @%#$^!%$. Miffed.  I use Outlook on my PCs.
0
Dear Experts

We have email accounts of the prospects, customers who purchased and who did not purchase,  over the years this has become huge list and is available in sales force automation software , we are using SugarCRM, the list contains third party contacts. as email campaigns on this lists are making our domain black listed and messages are getting delivered to spam.  please suggest is there any software which validates and separates the good mail accounts and bad mail accounts , please suggest the software or any such service available
0
Dear Experts

We used act-on marketing tool to send email campaigns approx 4000 contacts as of not 77 opened and 45 bounced, but few who have opened they had received the mail in spam, these list is opted-in, how can for few it goes to inbox and few it goes to spam, few said they got it inbox and few say they go it in spam both who said this are from gmail account. can you please suggest what would have gone wrong. how to make sure 100% inbox delivery and necessary measures please

Thanks in advance.
0
Having a spam problem when I send the emails directly from my server, I asked my client to open an email account on her server.
I used smtp authentication with email address and email password.
Here is the detailed answer, can anybody explain me the reason that I cannot send and the solution please.
Thank you.


PEAR_Error Object
(
    [error_message_prefix] =>
    [mode] => 1
    [level] => 1024
    [code] => 10006
    [message] => Failed to send data [SMTP: Invalid response code received from server (code: 550, response: 5.7.1 Rejected by spam filter (17211ed8-34a9-11e7-9a8c-336c9f1d8145) [CSP-02])]
    [userinfo] =>
    [backtrace] => Array
        (
            [0] => Array
                (
                    [file] => /opt/cpanel/ea-php56/root/usr/share/pear/PEAR.php
                    [line] => 577
                    [function] => __construct
                    [class] => PEAR_Error
                    [type] => ->
                    [args] => Array
                        (
                            [0] => Failed to send data [SMTP: Invalid response code received from server (code: 550, response: 5.7.1 Rejected by spam filter (17211ed8-34a9-11e7-9a8c-336c9f1d8145) [CSP-02])]
                            [1] => 10006
                            [2] => 1
                            [3] => 1024
                            [4] =>
                        )

                )

            [1] => Array
                (
         …
0
WatchGuard's M Series Appliances - Miecom Approved
WatchGuard's M Series Appliances - Miecom Approved

WatchGuard's newest M series appliances were put to the test by Miercom.  We had great results and outperformed all of our competitors in both stateless and stateful traffic throghput scenarios! Ready to see how your UTM appliance stacked up? Download the Miercom Report!

I started receiving the  same  response  from various email addresses

"SMTP error from remote mail server after end of data: 550 5.7.1 Rejected by CYREN-40-Customers Valid spam filter"

When I check this link http://www.cyren.com/ip-reputation-check.html 
It says the below altough I have been sending for at least 2 years with the same ip and address

Risk Level:      Unknown
 Description:      The IP has only recently started sending mails, and therefore still has an Unknown reputation

How can I handle the reject?
0
Implement SPF check on my Trend Micro IMSVA but a spam mail come through with status "Neutral". Is it possible to tune the config.ini file to block this type of email ?


Received-SPF: Neutral (as1.abc.com: 207.210.xxx.1xxx is neither permitted nor denied by domain of xxxxx@yahoo.com) identity=MAILFROM; client-ip=207.210.xx.xx; envelope-from=xxxx@yahoo.com; helo=server.xxxx.com)
Received: from server.xxx.com (unknown [207.210.xx.xx])      by
 as1.abc.com (Postfix) with ESMTPS      for
 <enquiry@abc.com>; Mon, 24 Apr 2017 22:21:31 +0800 (HKT)
Received: from xxx.hostwindsdns.com ([104.168.xx.xx]:57942
 helo=yahoo.com)      by server.xxx.com with esmtpsa
 (TLSv1:ECDHE-RSA-RC4-SHA:128)      (Exim 4.89)      (envelope-from
 <xxxx@yahoo.com>)      id 1d2ero-0008KH-Io
C--temp-SOP_IMSVA_9.0_SPF.PDF
0
I have configured my spf on the gateway. Is there any tool that can spoof my company domain such that I can stimulate a spoof email to my mail server and see whehter the gateway can block it or not.

Thx
0
We have a problem where emails to certain domains are being blocked as spam, it’s gradually getting worse. We get bounce messages such as “5.3.0 - Other mail system problem 550-'Administrative prohibition”, “5.0.0 smtp; 5.3.0 - Other mail system problem 553-'Blocked Using Spam Pattern, Your Message May Contain The Spam Contents'”.
I have checked all the major black lists and all the minor ones that I could find, I’ve also checked reputational databases and all are showing as good for our domain and IP addresses. We are being blocked by major email management orgs such as messaglabs, mimecast and Sophos devices so I’m fairly confident that an org such as Sophos has blacklisted us and is propagating this to customers and partners.
I’m trying to work with the IT departments of affected recipients but they have their own problems and naturally aren’t prioritising our issue. Can anyone think of a way of finding out who has blacklisted us, avenues to go down, backdoors I can knock on, etc?
0
How to configure DMARC / SPF and DKIM on my Exchange 2010 such that it can check the incoming email address of our company domain is delivered only dedicated IP address (ie, our antispam gateway).

Thx
0
Any idea where the SMTP log file  is located in my IMSVA (Trend Micro InterScan Messaging Security Virtual Appliance) ? I need to backup the log file daily.

Thx
0

AntiSpam

Various techniques are used to prevent email spam (unsolicited bulk email). No technique is a complete solution to the spam problem, and each has trade-offs between incorrectly rejecting legitimate email (false positives) vs. not rejecting all spam (false negatives) - and the associated costs in time and effort. Anti-spam techniques can be broken into four broad categories: those that require actions by individuals, those that can be automated by email administrators, those that can be automated by email senders and those employed by researchers and law enforcement officials.