AntiSpam

Various techniques are used to prevent email spam (unsolicited bulk email). No technique is a complete solution to the spam problem, and each has trade-offs between incorrectly rejecting legitimate email (false positives) vs. not rejecting all spam (false negatives) - and the associated costs in time and effort. Anti-spam techniques can be broken into four broad categories: those that require actions by individuals, those that can be automated by email administrators, those that can be automated by email senders and those employed by researchers and law enforcement officials.

I need to add an SPF record to avoid spoofing and I use register.com as DNS provider. They told me to add the following into the TXT record.

@     "v=spf1 include:spf.registeredsite.com ~all"

I did that. When I sent a test mail to my Gmail account, the mail went through but the header showed me it has a softfail and the error message is as follows:

spf=softfail (google.com: domain of transitioning me@mysite.com does not designate 192.168.0.1 as permitted sender) smtp.mailfrom= me@mysite.com;

For your information, my A record is the following:

*.mysite.com        10.10.0.1     <- webserver
mail.mysite.com      192.168.0.1   <- emailserver

Note: Please pardon that the email address and IP addresses in this post are not real, for security reasons.
0

We had to upgrade to reCAPTCHA v3 from v2.  I am seeing a lot more spam coming through the sites... wondering if anyone knows how I can adjust settings or something to help.

thanks
0
We've got a Linux server which has been running as a mail server (Sendmail) for years.

DNS listings for SPF, DKIM, DMARC and ADSP have been in use for the past 3 months with no issues.

For DKIM we're using OpenDKIM, and two days ago we installed OpenDMARC and are still in the testing phase (we're not sending reports at this time).

BUT

For the life of me I can't figure out what I'm missing

I'm trying to figure out how to get Sendmail via OpenDMARC to follow an established policy of a received email by rejecting or quarantining an email (as specified) if the message alignment fails.
0
What is the best spam filter for AOL Desktop Gold under Win 10?
0
Hello Experts,

Does anyone have any suggestions on spam filtering through MX records? Currently we are using Office 365 through Microsoft and hosted Exchange by GoDaddy. GoDaddy's spam filtering would make us upgrade to the next business package. A cost we do not want yet.

Thank you,

-GTS
0
I've recently enabled SPF/DKIM/DMARC for our email system.  My understanding is that this will help fight email spoofing?

But what about other malicious email events?  How do I thwart email virus and attacks coming from sites that are not spoofing?
0
Hi,

I'm in the process of migrating my users' mailboxes from Exchange 2007 to O365.

I set a Send Connector rule to send all emails for migrated recipients to the O365 MX server. Now I got a msg from O365 like:

mail.protection.outlook.com #550 5.7.1 Service unavailable, Client host [x.x.x.x] blocked using Spamhaus. To request removal from this list see http://www.spamhaus.org/lookup.lasso

Why is my Hub Transport considered as spam? How can I whitelist my server in O365?

Thanks
0
WordPress site getting SPAMMED, not sure how to stop it.

My website, FortressHarvard.com

has a Download button, and when you fill your Name and Email, then click the button, you get an email with the URL to my book's Preface and Chapter 1. Also, I get an email to my "info@" email's inbox with the name and email of the person requesting the downloading.

I am getting spammed there, by some sort of robot, and do not know how to stop it.

This started yesterday morning, and continued every few minutes, non-stop. I even added a CAPTCHA requirement this morning, but that had no impact.

How do I stop this SPAM?

Thanks
0
Hi,
What's the best anti-spam-virus cloud filtering service that one can use before email arrives at my internal Exchange Service?
I used to use MXLogic, which was bought by McAfee, which discontinued the service, and I moved to ZeroSpam, which is not that good.
I have been told ProofPoint is really good but couldn't find any reviews or Gartner,
tx!
0
We have 3 apps that a user runs on his computer every other day: 'SUPERAntiSpyware', 'Spy-Bot Search and Destroy' and 'Comodo Antivirus'. The user runs the 3 apps at the same time whenever cleaning up is desired. The user would leave these tools running overnight.

The app 'Comodo Antivirus' never finds a virus. The apps 'SUPERAntiSpyware' and 'Spy-Bot Search and Destroy' always find spyware. In the morning the user would first click 'SUPERAntiSpyware' to delete or isolate the threats reported and then do the same to 'Spy-Bot Search and Destroy'. Finally restart the computer. Note, prior to running the apps, the user would run CCleaner to clean up any junk in his drive.

To-Date, there is no problem we have identified and all seems to be ok.  Our question is more directed to know EE opinion on:

  • Why do 'SUPERAntiSpyware' and 'Spy-Bot Search and Destroy' display different results? (Spy-Bot would show registry entries and SUPERAntiSpyware would show files)
  • Any negative effect by running these 3 apps simultaneously?
  • Finally, is it necessary to run CCleaner prior to running the apps?
0

Using Exchange 2013, is there a mail to block internal user usurpated email?

More and more users are getting unwanted email like « From: "legitusername@contoso.com" realspamsender@windowslice.com »
I'm looking for a rule that blocks mails displaying @contoso.com that aren't sent from contoso.com email addresses.

Any help would be appreciated,
Thanks!
0
Hi, our public IP is being blacklisted by CBL.

Reason given: This IP is infected (or NATting for a computer that is infected) with a botnet that is emitting email spam. The infection is probably sendsafe.

I'm assuming that one of the 25 or so computers in my network is infected.

Question: Is there a way using the SonicWall to determine if a machine is acting as an SMTP server and sending out spam email?

My SonicWall is a new model NSA 2600 with updated SonicOS.
0
Here's the good news about the user - they are 89 years old, and receive and send email and texts on their iPad and iPhone.

They are having problems with AOL/Yahoo email

The issue is that they cannot receive email from their son, because for some reason, their son's company domain is on some sort of blacklist. The company uses Outlook 365 and some sort of mail authenticator, mimecast.com.

AOL doesn't have a whitelist option yet.
They have identified the messages as being not spam in the Junk box, but that doesn't stop the mail from going into the junk folder.

It is too much to ask an 89 year old person who has mastered email on devices to change their email address.
I have instructed them to check their junk box as regularly as they check their inbox.

It would be nice if there was a way to get the AOL/Yahoo filtering system to allow mail from the company domain.

I have attached a header from a message that was sent to junk, if that is of any help.

MXtoolbox has analyzed and found messages to be on a blacklist
MX Toolbox report


Thanks.

-------------------------

X-Apparently-To: jwb@aol.com; Wed, 24 Oct 2018 19:01:52 +0000
Return-Path: <john@pxxxxxxp.com>
X-YahooFilteredBulk: 63.128.21.182
Received-SPF: pass (domain of pxxxxxxp.com designates 63.128.21.182 as permitted sender)
X-YMailISG: RD0lkWgWLDt9Eokj4OV7S0B0GjdN9EXqXiK_FGw9i6AP6Su3
 SoPLLyRX6Gstjx7xgDzW.hDYmw7WDObZs1yGDcCgTZPU.0RpAY8d5LC1ve8K
 …
0
Key VP of Sales is receiving large amounts of junk email. Company owners want his email filtered out. What can an IT guy do? We have a standard hosted email like everyone else. Do I have to get Exchange Server? I don't even know if there is any advantage to that, Exchange Server does not have any advanced features for filtering??

One of the owners asked me "Do we need to hire someone to go through the VP's email every day to manually go through every email?"

Is he right? CDW told me about Trend Micro, but I don't know if this is the solution. Actually it does not appear a solution exists except to hire someone, is this really the case??
0
I get a lot of spam, and sometimes cannot unsubscribe, especially if the website asks me to put in the email address I wish to unsubscribe and does not do it automatically from the link. This is because I have maybe 50+ aliases set up over the years, which I have and still need to keep.
I use Office365 and Outlook 2016 as the client.
How can I determine which of my email address aliases a message was sent to when I receive it? I don't just wish to know I received an email sent to any alias. I want to know which one of my aliases people used. For instance I wish to know if it was sent to office@ or accounts@ etc. But I can never know... Outlook does not tell you. From what I read, a possible solution is to create a rule in Outlook to sort mail, but having to create 50 rules and 50 inboxes, and to do new rules and new alias inboxes every time I add an alias, is a headache.
Is there any way to know which of my aliases were used? Any third party software even or plugin? It's stupid that Outlook only shows my main email name in the sent to field, even when an actual alias was used. Maybe I'm missing something?
Please help.
Thanks.
0
Hello, we use Exchange 2016 in house - we are looking for a 3rd party spam solution, what do you recommend?
0
Hi,

I have a user who sends email with a URL to more than 100 000 recipients. The 365 ATP Safe Link blocks it.

I know I can create an exception rule but the real root cause is still there because the other mail servers' protection (other mail filters) might block it too. My question is how can I know what is considered malicious in the email format that we sent. That way I can explain to the user not to add this or do that.

Thanks
0
Hello,
My client IPs have been blacklisted only at Sorbs
Sorbs website – „Site Down for Maintainance“
http://www.sorbs.net
I'm waiting for the Sorbs website to find out the reason and to delist the IP, but in the meantime what can I do to find the source of the problem?
Any advice?
Maybe it is false positive?
http://forums.gfi.com/dnsblsorbsnet-has-alot-of-false-positives-m900742006.aspx
0
From security reporting & analysis, I'll need to access our
Exchange Online (think it's ver 2016) to view

a) Spam, phishing, blocked emails
b) the blocking policies (whitelisting, greylisting, blacklisting) in place
c) DKIM, SPF, DMARC settings

I'm a complete newbie to MS Exchange: can you let me know screen by
screen (or step by step) where to view this after being granted
access to Exchange Online?

We did not get 3rd party email filtering tools (like Proofpoint),
just purely what's offered by O365
0

We have an Office 365 tenant with about 20 some users, we have been receiving a lot of spam through our domain, among other things we recently set up and turned on DKIM. Since that time we did receive spam but interestingly we received phishing emails from the same domain name that we believed DKIM would block.
Do you know of any way to verify if DKIM is working?
0
My friend is using a service called SpamArrest to manage his unruly inbox. Any new senders will receive an email back from the server asking they pass a "captcha" type non-robot test. After that, they're whitelisted and may email freely.

He's moved to Office 365 and SpamArrest isn't compatible.

The goal is a robust email whitelisting cloud service that will work with O365 Exchange and Outlook Desktop Client. Do you know of a product that can meet this need?

Thank you,

John
0
Hi, I'm deploying Barracuda Cloud Spam, we have Exchange 2016 in house, I believe I have to allow certain IPs from Barracuda, where would I make this change?
0
Tough spam problem can't seem to isolate. Out of 20 users only one affected. Spam is not going through the spam filter incoming or outgoing. Has to be something on a local device infusing the spam into the user's inbox. Nothing in sent either. Have removed the computer they work from in the office, disabled the NIC. Ran a malware scan on their laptop and the CCleaner bug was found, see below for details regarding the CCleaner incident.

CCleaner v5.33 and CCleaner Cloud v1.07 Security Notification. Not sure if this is related.

Haven't run a scan on the user's phone, doing so now.

The bug is the same one identified here.
0
Hi,

We are running an out of warranty McAfee appliance of secure email.
Now we are looking for a cloud based solution that scans our email for virus / spam / adware and all other kinds of nasty things that do not belong in our network.
We want to have good control over the spam settings and release spam when there is a false positive to release the mail to the user.
We have 500 email clients and likely, we are growing so looking for an enterprise solution.
What do you recommend or do you use for your email spam/virus solutions?
Many Thanks.
Harm
0
Hi Folks,

I'm new here. Glad to be a part of this prestigious group. Lately we're observing random spams with below header. Needed some help with improving 365 spam filtering for this case. Thanks, much appreciated.

SYXPR01MB1086.ausprd01.prod.outlook.com with HTTPS via
 SY3PR01CA0107.AUSPRD01.PROD.OUTLOOK.COM; Thu, 26 Jul 2018 00:03:00 +0000
Received: from ME2PR01CA0098.ausprd01.prod.outlook.com (2603:10c6:201:2c::14)
 by SYXPR01MB1088.ausprd01.prod.outlook.com (2603:10c6:0:a::17) with Microsoft
 SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.973.21; Thu, 26 Jul 2018 00:02:59 +0000
Received: from SY3AUS01FT011.eop-AUS01.prod.protection.outlook.com
 (2a01:111:f400:7eb5::200) by ME2PR01CA0098.outlook.office365.com
 (2603:10c6:201:2c::14) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.995.16 via Frontend
 Transport; Thu, 26 Jul 2018 00:02:59 +0000
Received: from shark4.inbox.lv (194.152.32.84) by
 SY3AUS01FT011.mail.protection.outlook.com (10.152.234.115) with Microsoft
 SMTP Server (version=TLS1_1, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256)
 id 15.20.995.12 via Frontend Transport; Thu, 26 Jul 2018 00:02:58 +0000
Received: by shark4.inbox.lv (Postfix, from userid 2004)      id 5DC7456544; Thu,
 26 Jul 2018 03:02:55 +0300 (EEST)
Received: from localhost (localhost [127.0.0.1])      by shark4-in.inbox.lv
 (Postfix) with ESMTP id 4A53656542      for …
0
