Re: New Spam Question
- From: "Bharat Suneja [MVP]" <bharat@xxxxxxxxxx>
- Date: Tue, 29 Jan 2008 07:54:36 -0800
Mentioning the version of Exchange you're on helps in answering such questions:
- Message headers can be spoofed easily.
- If you don't see the recipient's address in message headers, chances are it's a b.c.c.
- SenderID is one way to protect yourself against spoofing. Enable SenderID Filtering, publish SPF record for your domain(s).
http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/
- Look at message headers and determine the source IP address(es) where these messages are originating from. Add them to Connection Filtering -> Global Deny list. Enable Connection FIltering on SMTP VS.
- Consider using RBLs.
- If not already using Content Filter (or Intelligent Message Filter in Exchange Server 2003), consider using that as well.
- Enable Recipient Filtering on SMTP VS. In Message Delivery -> properties | Recipient Filtering | check "Filter recipients who are no in the Directory". This drops a large amount of spam.
- If using Recipient Filtering, it's recommended to enable SMTP tarpit as well. It is enabled by default on Exchange Server 2007 Receive Connectors:
Enabled by default: SMTP Tarpit in Exchange Server 2007
http://exchangepedia.com/blog/2007/01/enabled-by-default-smtp-tarpit-in.html
SMTP tar pit feature for Microsoft Windows Server 2003
http://support.microsoft.com/kb/842851
- You can also add SMTP addresses/domains that you receive a lot of spam from to Sender Filtering (Message Delivery -> properties) and enable Sender Filtering on SMTP VS. This is not very effective of efficient, but helps at times.
--
Bharat Suneja
MVP - Exchange
www.zenprise.com
NEW blog location:
exchangepedia.com/blog
----------------------------
"Seanie" <Seanie@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:27D29485-1F6C-48A2-9F98-4A00E0078574@xxxxxxxxxxxxxxxx
Hi all
Recently I am receiving spam emails from http://www.royaleurogaming.com
Our service provider uses Microsoft exchange server for email accounts. I
only have 2 accounts. eg. info@xxxxxxxxxxxxxx and reader@xxxxxxxxxxxxxx
(these are examples)
The spammers send emails to people@xxxxxxxxxxxxxx or anyname@xxxxxxxxxxxxxx
How is it possible that info@xxxxxxxxxxxxxx receives in its mail box emails
addressed to reader@xxxxxxxxxxxxxx
Everyday now I am receiving spam from these guys, yesterday from
http://www.blindscasino.com, the day before from
http://www.classmatescasino.com
Today I received in my mail box (info@xxxxxxxxxxxxxx) an email who was
addressed to mom@xxxxxxxxxxxxxx
How is this possible.
Any ideas.
.
- Prev by Date: Re: Configuring Mobile Services and RoadSync
- Next by Date: Re: Missing Self-Addressed SMTP Email
- Previous by thread: Re: certificate issues with Outlook 2007/Exchange 2003
- Next by thread: Re: New Spam Question
- Index(es):
Relevant Pages
|
