Re: SMTP Woes

From: Jack Peacock (peacock_at_simconv.com)
Date: 03/14/05 

Date: Mon, 14 Mar 2005 15:19:11 -0800

"MR" <comconix@newsgroup.nospam> wrote in message
news:uSOQjHMKFHA.656@TK2MSFTNGP14.phx.gbl...
> i thought that i could have all my mail routed to my ISP and give them the
> list of valid email addresses in my company (only about 15) and then using
> a POP3 connector, pull the filtered messages into my server.
You might want to look at the Exchange Intelligent Message Filter first, as
a replacement for the ISA message filter (MS says don't use both). It
functions as a front end filter for incoming email. You can also include
spammer blacklists in Exchange 2003 (I use Spamhaus). I manually block
certain domains in ISA and Exchange if I know for certain no one in the
company receives mail from legitimate sources there.

One often neglected area is to take a look at who is hitting your DNS
server. Gather some statistics from the ISA firewall about the heaviest DNS
requesters. Block a few of the unrecognizable ones at the top of the usage
list and see what happens. Is there any reason a single requester would
send 10's or 100's of requests a day to your DNS server? Look for DNS zone
transfer requests too, chances are they aren't legit if they don't come from
your ISP's DNS servers (and make sure your external DNS blocks zone transfer
to anyone except your ISP).

Do you have any valid reason to assume your ISP can do a better job at
filtering spam than you can? Ask yourself why they let it through in the
first place, if they have better tools to catch it. And how will your ISP
know the difference between your legit senders and spammers? I for one
would not care to have the mailman filter my snail mail before delivering it
to my house.
  Jack Pea***

Loading