Results 1 to 8 of 8

Thread: Spam control with Exchange 2000

  1. #1
    Senior Member
    Join Date
    Nov 2001
    Posts
    257

    Spam control with Exchange 2000

    I was just wondering if anyone here has used any spam blocking software in conjuction with exchange 2000. Apparently it's not good enough for the higher ups to have outlook rules where the spam may flash into their inbox and remain there for a whole 2 or 3 seconds while the rule is processed, it has to be blocked by the server.

    So I'm looking into software, and am looking for recommendations. Due to the confidential nature of our e-mail we cannot use any of the off-site filtering solutions.

    I've looked into several products, the most effective of which is one where a sender would have to click on a hyperlink in a reply e-mail before their mail is delivered (thus registering them, it happens only on the first e-mail sent to our domain.) However there are concerns with customers being displeased by this approach. Anyway, suggestions? Keep in mind it must work with microsoft exchange, as my old linux pop server did not have all the pretty calender functions these people 'need'.
    -Shkuey
    Living life one line of error free code at a time.

  2. #2
    Senior Member
    Join Date
    Oct 2001
    Posts
    748
    It really depends on how your mail routing is setup. At my company this is how we do things.

    At the proxy/firewall we have secure email relays. These relays run perlmx and spamassassin. We also subscribe to an ORDB and block all mail from hosts that are known spammers or confirmed open relays. The secure mail relays are sun solaris servers using sendmail as the SMTP daemon. These products are just doing SPAM blocking, we are not using the virus features

    here are links to those various products:
    http://www.spamassassin.org/
    http://www.activestate.com/Products/PerlMx/

    The next step in our mail flow are a couple of NAI Webshield servers which is how we do our first level of virus blocking. We also block all "level 1" attachments. These are attachments like .exe .cmd .wsh, etc......

    We then send everything through another set of sun solaris servers which perform directory lookups and mail forwards. We have multiple mail systems inside of my company so this is how we allow for everybody to have handle@mycompany.com addresses, while they may not all be on the same mail system. This second level of sendmail systems also allows us to have very strict controls on mail that stays internal to the company. We basically force all mail to flow through these servers. We do attachment blocking here as well.

    Then everything flows into exchange where we use groupshield for exchange to scan all attachments for virii as well as blocking all level1 attachments. Unfortunately all spam blocking for exchange is 3rd party. You can use smtpsinks but that is pretty resource intensive and doesn't work that well.

    quick goggle search turns up these apps-

    http://www.appriver.com/arm/exchange.htm
    http://www.re-soft.com/product/siqwallexchange.htm
    http://www.slipstick.com/addins/content_control.htm

    there are quit a few others... Sorry I can't make any recommendations or suggestions as I only have experience using unix based spam filters.

    I read about a client based spam filter that is supposed to be one of the best developed so far. It basically worked by the client having two mailboxes. One mailbox is a spam mailbox, they actually recommend you do some things to increase the amount of spam going to that mailbox. The second is the actual mailbox that the client will use. It then creates patterns off of the spam mail that is received in the bogus mailbox and applies those rules to the real inbox. Pretty nifty stuff.. Can't remember the name of it though... I'll update this post if I find it.

  3. #3
    Senior Member
    Join Date
    Nov 2001
    Posts
    257
    Thanks. I was going to give you some points for being so helpful, but apparently I have to spread my points around first. Something wrong with the AP system? checking my records it's been quite some time since I gave you any.

    My organization isn't big enough to warrant so many boxes being used on just mail, but perhaps one more running something unix based would work out. I have found all sorts of linux/unix based solutions out there, very few for exchange.
    -Shkuey
    Living life one line of error free code at a time.

  4. #4
    Senior Member
    Join Date
    Oct 2001
    Posts
    748
    From my experience I am really skeptical about putting any 3rd party product on top of exchange. It seems that the vendors who write stuff for exchange do the same stupid things that MS programmers are so famous for. We had major problems when we first deployed Groupshield, but NAI has resolved most of the issues now that they are several versions into their products. It really seems that the sendmail based solutions are the easiest, and perhaps the most effective solutions. And a relatively small linux system can route a lot of mail. So you shouldn't have to drop major bucks on an expensive server to handle the load.

    I have not worked much with their products, but from what little bit I have used the Trendmicro products for exchange seem to be far above what everybody else has out.

  5. #5
    Senior Member
    Join Date
    Nov 2001
    Posts
    257
    Yeah, I'm also hesitant to put 3rd party products on exchange because it runs so poorly out of the box anyway.

    I do have norton antivirus for exchange installed on it which works great and I havent had any problems (thankfully). I think I am going to set up a linux box and test that for a few days to see how it works out, thanks for the suggestions.
    -Shkuey
    Living life one line of error free code at a time.

  6. #6
    Senior Member
    Join Date
    Sep 2001
    Posts
    150
    Have you checked out Mail Essentials from GFI software? www.gfi.com

    Yeah, it's a 3rd party add-on, but from what I've heard of the software it is good, but as usual...expensive which is what turned my old company off from using it. If you can afford it, it seems like a good tool, but check out other people's reviews as well.

  7. #7
    Shadow Programmer mmelby's Avatar
    Join Date
    Jul 2002
    Location
    Ft. Myers, FL
    Posts
    291
    I did not want to run anything else on our Exchange server either (we already have Norton running for antivirus). We installed MailScan on our smtp relay (NT box). It is working very well after some tweaking. It also provides additional virus and worm elimination (takes some load off of Norton).

    MailScan can be found at http://www.mwti.net/index.asp
    Work... Some days it's just not worth chewing through the restraints...

  8. #8
    Senior Member
    Join Date
    Apr 2002
    Posts
    889
    A couple things you can do first off you need a good firewall with IP blocking, given the fact I know how sometimes owners blame IS for their own stupidity like giving out their email adddress...dah on a web site.

    Check the IP or look into if your firewall supports real time blocking. Most spam comes off branches of IP's, so if you must check the IP's and enter them manually it is a good reason not to be bothered with why is my screen saver not working.

    I found the firewall the best to block IP addys legs of them and face it most end up off of UUNET, ban all of Asia and parts of Europe unless you are doing business there. Guess the thing is you are in charge of a network and ask these things. OK been around the block..ok world have an MCSE and that's all? No slamming you but I am amazed at Network Admin asking how to do really basic stuff. I am sure more here would also like to know, or at least I hope thay would. Great thread
    I believe that one of the characteristics of the human race - possibly the one that is primarily responsible for its course of evolution - is that it has grown by creatively responding to failure.- Glen Seaborg

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •