[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x

AntiSpam

Various techniques are used to prevent email spam (unsolicited bulk email). No technique is a complete solution to the spam problem, and each has trade-offs between incorrectly rejecting legitimate email (false positives) vs. not rejecting all spam (false negatives) - and the associated costs in time and effort. Anti-spam techniques can be broken into four broad categories: those that require actions by individuals, those that can be automated by email administrators, those that can be automated by email senders and those employed by researchers and law enforcement officials.

Share tech news, updates, or what's on your mind.

Sign up to Post

Hi Experts, AFAIK there are 3 ways to anti-spam to an Exchange 2016 environment: SPF, DKIM and DMARC

I can configured SPF record on domain control panel but not sure about the 2 others, does anyone have experience with them? Can we configure them on Exchange mailbox server, or public DNS of ISP?

Many thanks in advance,
1
2017 Webroot Threat Report
2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

When we send an email through our company it is very commonly flagged as junk by the recipient. Can this be fixed? What do i need to do to fix this? We're using exchange from our own in house server. No we dont mass email people. We have never been hacked and used as a bot that im aware of.  Our in coming does go through an online spam filter.
0
Hi All,

Can anyone here please let me know what do I need to do in order to successfully cutting over the Anti Spam solution from onPremise Linux VM into the Cloud Solution with no data loss or user email flow interruptions?

As at the moment on my Exchange 2013, the Send Connector Smarthosts listing the local IP address for the 2x Linux VMs.

Do I just change it to the Public IP address of the Cloud Anti-Spam provider ?

Note: My Public DNS server is running on my On-premise Windows Server 2008 R2 VMs.

Thanks,
0
A client's email can't reach our server due to SPF record check.
xxx.com does not designate permitted sender hosts

The client's SPF is

v=spf1 a:research.tenxxx.com include:spf.protection.outlook.com include:spf.zixxx.com, include:servers.mxx.net -all

Is there some wrong for the record ?

Thx
0
A sender try to pretend our email domain (eg. abc.com) but add a subprefix on it (ie, mail.abc.com) which in fact we doesn't use it.

The sender email is in fact come with @brisanet.com.br but in Outlook, it only show the fraud email address, (ie. @mail.abc.com) within any information for the sender's actual email address.

SPF check has been enabled in our server and it can't block it. Is it because of the sender using mail.abc.com instead of abc.com which allow him to pass the SPF check.

Any chance that we can block this type of fraud mail ?

Thx
C--temp-Screen1.png
C--temp-Screen2.png
0
We have 2 Exchange Servers 2010 SP3. One is installed on Windows Server 2008 R2 and other is installed on Windows Server 2012 R2. I have enabled Antispam settings on hub transport on both exchange servers, all settings are enabled. We don't have edge transport server.
Users are getting spam emails with some particular contents in emails. As CEO asked me to create a rule so that emails with those contents or subject should be filtered out and blocked. So,  i added that phrases from spam email into content filtering properties under "Block messages containing these word or phrases" and enabled Delete messages (SCL Rating >= 8), Reject Messages (SCL Rating >= 7), Quarantine messages (SCL rating >=6). Also defined Quarantine  Mailbox Email. Then i send a message with same contents (which i added in block messages) in email from my gmail in order to test but the message was not blocked and i received the message in my corporate email. It was supposed to be blocked but it didn't.
Antispam.JPG
0
we have a client using SBS2011 with on site Exchange 2010.  they are using trend worry free business advanced anti virus/spam on the server.

there is a particular external sender who cant send our client emails.  there's no bounce back message, the message doesn't appear to even hit the server according the exchange message tracker, i also queried Trends spam filter and nothing from them appears to be quarantined.  i disabled Trend spam filtering but as of yet still nothing.  i can send to the client fine but it seems to be this one sender who cant, and its to any email address with the clients domain not just a particular person.  ive also checked blacklisting for sender and receiver which are clear and i've white listed the senders IP and domain in Trend.

the sender has tracked the message they sent and its saying it has left their servers, so not quote sure whats going on.
0
Earlier today I got rid of the search.yahoo.com redirect. I ran avast smartscan and malwarebytes, and I've rebooted. It's only on Google Chrome, and there are no extra extensions installed. Any ideas? Thanks.

Capture.JPG
0
we have very recently switched from a barracuda antispam appliance to using exchange online protection. we are a hybrid config with no mailboxes yet migrated to on-line.
I'm having an issue trying to get the spam scoring to "work". i.e. I get messages with the scl set to 6 in the header but they are not going to the junk folder as desired. we have had 2 microsoft tickets on the topic.
first thing, after reading an online article, we added 2 transport rules to our on-prem that are supposed to take anything with an scl of 6 and move it there. then Microsoft told my boss to turned off the users ability to set junk filter properties and have it set to disable.
second, today they told me it wont ever deliver them to the junk folder so I have set it to quarantine, which we really don't want unless its the only option.

surely there has to be a way to have the junk folder work... I'm attaching a screenshot of the automation advice when I opened todays ticket and had the message analyzed in case it helps.
automation.png
0
I will split points as equally as I can, this is asking for an opinion.

My website/email server hoster has recently introduced a spam filter on their servers.  This spam system has decided experts-exchange.com has started to spam me.  Apparently because the concerning information is often very similar (probably Question alert:, Help Answer:....) and because the body of the text sometimes contains unrecognisable words (possibly things like: what does for(int x=1;x<q*q;x+=3){q=foo(x);} mean).

Now comes the fun bit.
I have asked if I can white list the email address.  No, the spam filter works only with IMAP and is self learning.
I have pointed out I use POP3.  The spam filter works on all emails both POP3 and IMAP, but only learns on IMAP.

My opinion is that this filter is well meant but actually a terrible idea.  What are your opinions.
0
Q2 2017 - Latest Malware & Internet Attacks
Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

I had a spam problem about a month ago, which I fixed on my end.  I notice now that email I send to recipients at gmail are automatically being marked as spam.

My mail server is Unix - Communigate Pro running on an old PowerMac. Outbound mail goes to my SMTP server, which is a Dell SonicWall ES-3300    I changed the IP address after the spam got past the SonicWall, and put the new address into my DNS, which is hosted by DYN.com

I looked at the header of a message I sent to my gmail account.  I see something wrong with the SPF record  

X-Mlf-Uniqueid: o201708020314430029673
Arc-Seal: i=1; a=rsa-sha256; t=1501643684; cv=none; d=google.com; s=arc-20160816; b=fxKfyh5i6PzjoNNZkIMPSigH31cy4YQ3IwPn/XLlJekZPjdgLTVrCmwlzwGh2orLVN GAg7JYp8zmTIKmoj2fOo5/v5m9m+aMH16VJDa7PKxY2H5qYRt9OHehY+o6UqP95Il9lz 3/cqc1G6Fo+j3t0oCCa8H/JW4+03+o3X9nlX+ioY6gOoFGy7GtWzW4OJpxiJZUjxhtxp FgenvR03ekg/ZHQv7j3P/FIoDPhoQK/EzgofSx6a7qKwl0D4jY8YzBVvcQjfHYaJV96j porICVs9nghyv8bE7Oy34UxkqG3ZLJznTB4WqAmYzkC8Nw3duZRcC8G0B+ZXQXz1s7mi Jz0A==
X-Received: by 10.55.197.88 with SMTP id p85mr27288566qki.281.1501643684625; Tue, 01 Aug 2017 20:14:44 -0700 (PDT)
X-Mlf-Version: 8.3.2.6531
Return-Path: <prvs=138714c1e1=larry@computerlarry.com>
Arc-Authentication-Results: i=1; mx.google.com; spf=softfail (google.com: domain of transitioning prvs=138714c1e1=larry@computerlarry.com does not designate 24.89.176.52 as permitted sender) smtp.mailfrom=prvs=138714c1e1=larry@computerlarry.com
0
Hi

We are looking for a email filtering solution and have been speaking to mimecast and proofpoint (enterprise version with TAP). Having had sales style demos both products look very similar so wanted so real world guidance.
We currently have 365 for email with EOP and it is doing a very poor job of filter spam, virus attachments and protecting against targeted phishing (fake CEO)
0
User was tricked at home, he took the whole bait and hook, paid $ to a fake Microsoft person and allowed them on his computer. Anyway after running some tools and removing malicious malware he still has on his desktop a fake phone number that shows on his Task bar area. This is a Vista O.S. how do I remove?
I will be reformatting the computer in a  couple week.
0
Hello,

I am doing some testing of spam filtering solutions. Is there a service that will just send you spam to an email address? Thanks.
0
We have a Barracuda spam/Firewall 300 here that's got about 30,000 blocked/deferred messages in the outbound queue that I need to get deleted. I can't even bring up the outbound queue in queue management. I spent over an hour with Support and they cant connect with the guy couldn't figure out how to connect with it....that's a different issue. How can I clear these out? Its killing our mail throughput?? I know its got SSH but I can't connect to it. I'm not local to the system but I've got full admin rights. I cant even pull the export out of it.
0
I manage a small network (84 users) We currently have a Barracuda Email Security 300 that is getting a bit long in the tooth and is in need of replacement. So, with that said I am looking at Fortimail (Because we have a Fortigate 200D) and Barracuda Essentials for Email Security.

I do know that in terms of price that Barracuda solution is cheaper but I hate having to evaluate based on price (But that's what the higher Up's see) Has anyone used the Fortimail solution? is it more or less the same compared to the Barracuda solution? I do think both offer "sandboxing" and that is something I am interested in..
0
Dear Experts,

My clients and I tried to send emails to proofpoint customers but they get deferred or delayed.

I have done a blacklist check and our IP address is not blacklisted.

Is there anyway to contact proofpoint and inform them about this and get it resolved?
0
Hello,

Looking for suggestions for the best anti-spam solution (software, not hardware)

Currently using Spamexperts, but still receive 5-8 spam messages per week, perhaps this is the best possible without blocking valid / clean messages?

I am looking for a hosted solution.

Thank you,
0
Hi,

Any good free anti virus software that i can download and install on my window 10 laptop?
any good reliable dependable ones for free. please advise
0
Important Lessons on Recovering from Petya
LVL 10
Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Trying to create an send connector to first send e-mail to our spam filter service.  

Here is the configuration:
Type=Internet
Address Space:  Type=SMPT, Address=*, Cost=1
Network:  Route mail through the following host:  Smart Host:  NA0100.SMTPOUT.COM
Source Server:  equal our server.  

All outbound mail is being delivered, but it is not reaching the spam filter site.  Their technical support thinks it is the fault of the Send Connector and they are lacking in Exchange expertise.

Inbound works great and I would like the added benefits of the outbound for this customer, especially since they are a sensitive site.

Thank you for your assistance.
0
Hi Experts,

is it possible to activate the antispam filter in EXCH2013 ?
How to check if its activated ?
0
Hi, we are deploying our own Exchange Mail server but do not have budget for Email security devices, such as Dell Sonicwall or Barracuda. How can anyone please suggest the best AV software (license) for Exchange Mail server? we did some research and found out some options like Kaspersky , Avast , ESET, AVG but have not decided yet. Thank you.
0
Dear Experts

I have been told by few that even if we have good list that is opted in contacts if we use email marketing tool like mail chimp, campaign monitor etc   and engage with customers about our new product offerings still the mail will deliver to spam. I am not accepting this but they say such mails will either go to spam or they go to promotional emails category. please suggest is this how it works. thanks in advance
0
Currently our Proofpoint can take from a few minutes to 3 hours before it detects new
emails containing certain attachments & links (ie new threats) are 'malicious' or spam.
To claw back malicious emails 2-3 hours later is rather late. Wud rather have late delivery.

Our Bluecoat MAA that protects against malicious downloading (or malicious sites) can
take up to several minute : just encountered one case yesterday where malicious .eot
files were downloaded by several users before it blocked users from downloading.
This Bluecoat MAA is supposed to protect against 0-day and unknown threats as well
but we have got quite a few infections/downloads in the past: possibly its 'sandboxing'
is not real-time / fast enough.

I'm hesistant to deploy endpoint IPS (HIPS) on workstations at this moment so skip
this for the time being as HIPS can impact legit services/apps if not tested thoroughly
while network based tools like MAA (& Trendmicro Discovery) are less disruptive.

Besides educating users (which we have done quite a lot), I'm looking for sandboxing
products that could perform much faster : I read one academic article that products
that implement 'prefetching' using multi layer of caches are much faster.  If they use
SSD, wud it be faster?

In particular against ransomware as one highly successful one as extracted below:

Sky News Technology Correspondent Tom Cheshire described the attack as "unprecedented". The ransomware appears to use NSA 0-day …
0
I was told that Malware bytes works with Norton and wouldn't be a redundant package to install on my pc.
I'm looking for second, third and fourth opinions.
0

AntiSpam

Various techniques are used to prevent email spam (unsolicited bulk email). No technique is a complete solution to the spam problem, and each has trade-offs between incorrectly rejecting legitimate email (false positives) vs. not rejecting all spam (false negatives) - and the associated costs in time and effort. Anti-spam techniques can be broken into four broad categories: those that require actions by individuals, those that can be automated by email administrators, those that can be automated by email senders and those employed by researchers and law enforcement officials.