IT PRO: Blogs: Simon Bisson & Mary Branscombe : Spam

Home

Simon Bisson & Mary Branscombe 's Blog

Spam Fighting in Exchange

By Simon Bisson & Mary Branscombe in Editorial

Posted in Spam, Email on August 6, 2008 at 9:09 am

How can you fight spam with one of the most common email servers out there? After all, surely that should mean it’s an easy play for the spammers, with enough holes to get every V1agr4 advert and pump-and-dump scam into your users’ mailboxes.

It turns out it isn’t - and that the built-in tools are effective spam blockers.

If you’re not using Exchange 2007 Content Filter (or Exchange 2007’s Intelligent Message Filter) turn them on. This is one of the most effective weapons in your arsenal. It’s regularly updated, and it scans messages for common spam formats. Mesages are categorised and given spam ratings, which you can use to reject, quarantine, or file messages in users’ Junk Mail folders. CF is surprisingly easy to use - set it up, set the basic filtering rules, and then occasionaly check your quarantine mail box for false positives.

Exchange 2007 has even added whitelisting for persistently filtered false positives. Once a domain is whitelisted, there’s no more delving in the spam folders for Twitter invites or press releases from Kaspersky and Sophos.

I’d been running my server like that for some time, when I discovered another trick that turned out to make a huge difference. Exchange actually supports using real-time block lists (RBLs), which are lists of spam IP addresses hosted by services like SpamCop and Spamhaus. It’s trivially easy to add new block lists to Exchange - just find the lookup address on the block list site (Spamhaus’ is zen.spamhaus.org), and add it and the provider name in the Block List Provider section of Exchange’s anti-spam tools.

Without RBL support turned on I was getting 500 or so spam messages in my quarantine a day, making it hard to filter out the few false positives. With it on, I’m down to less than 100. Managing my spam is a lot easier - and with whitelisting, I’m having to look in the spam folder a lot less often…

–Simon

Not yet rated

Loading ...

Tag cloud

Dopplr Jeff Jones bea SBS geotagging O2 visualisation Microsoft digital signature cracking Internet Trolltech Greasemoneky anti-virus email thin client fingerprint HR automation hierarchical temporal memory CUDA bandwidth eu Adobe EMC onboarding amherst DisplayLink mscape licensing HD Firefox Dell legislation numbers social networking flash GPS robot productivity 64-bit office html hardware geocaching HTC hold music Vista i-mate interoperability server Toshiba Portege R500 desktop. PC RIA ADFS 2.0 information etech NVIDIA christmas acquisitions upgrade migration wireless USB green IT Corsair beta NGSCB Facebook terabytes forensics Trend Micro Jeff Hawkins QWERTY Windows Server 2008 Seagate traffic Palm Ask.com World Wide Telescope SSVAGENT.EXE open source RBL Google IO wifi Trampoline phone management O'Reilly ballmerbot Internet Explorer RAZR bbc iplayer identity theft Frauenhofer TSA Hugh Thompson Previous Versions virtualisation regulation wildfire 3G Beacon DSL WPF whitelist OQO security paradox Gartner security theatre Motorola AskEraser Express Gate storage ruggedized Web 2.0 software quiz yahoo toshiba biometrics 4x HD todo list community dual display user interface Moonlight Bill Gates Silverlight cisco OpenID Loki MacBook Air service oriented enterprise video pen computing exabytes disk space Girl Geek Dinners disk Secunia Google Spreadsheets processors HMT isp fibre machine learning patent TouchSmart enterprise architecture accessories Mozilla Xen security regulations green printing smartphone vulnerabilities CardSpace support fire OFCOM Windows Mobile Linux Bill Cheswick ucsd CalIT2 Verbatim data GPU hacking HSDPA Wyse Google Sets fraud co-processor MacWorld 2008 accelerator Lenovo AuthenTec HTML 5 active digitiser performance mobile ofcom network CES Fire Eagle UMPC advertising Intel cloud service google online applications CTO utilities privacy Asus merger politics automation HP Barracuda Reqall Tripit virtual desktop mobility VSSAdmin BT Numenta business intelligence user experience enterprise timezones MING identity metasystem EEE mobile data tariffs SMB 2 streaming media Tablet PC Tablet Kiosk firewall Hp 2710p Credentica Enterprise 2.0 Future in Review deperimeterization provisioning optical interconnects mobile Visual Studio Netscan National Insurance mash-up lawsuit BBC MRDA Google mobile Linux browser Palladium patch Tuesday Mono AMD gaming SP1 management oracle isps spam fighting NAS TNT Nokia RSA 2008 Xobni Internet Explorer 8 .NET Location mysql mobile working conference IBM conferences hp microsoft research Apple spam Volume Shadow Copy Gears sun iPhone Crossfader payroll network TechEd 2008 open CPU high performance computing fingerprint scanner exchange MIX08 images business

Highest Rated Blog Posts

Nobody knows what Web 2.0 really is (100%)
Songs of distant satellites (100%)
Log in and lock in (100%)
Mommy, why is there a home server in the office? (100%)
Employees are our most valuable asset (snigger) (100%)
Locking down IT or blocking creativity (100%)
Video opera? What would you do with huge bandwidth and millions of pixels? (100%)
Consumer BlackBerrys are good for business (100%)
HD Trek (100%)
Top tips for speeding up Vista (100%)

Spam Fighting in Exchange

Tag cloud

Archives

Most commented posts

Highest Rated Blog Posts

Advertisement