Re: Am I an Emule Server?
- From: "Brian Cryer" <brianc@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 5 Oct 2007 09:50:56 +0100
"Gregg Hill" <bogus@xxxxxxxxxxx> wrote in message
news:u5LPP$qBIHA.4160@xxxxxxxxxxxxxxxxxxxxxxx
Brian
So I guess NDR behavior can be done differently for different forms of
filtering. I have Recipient Filtering turned on (and SMTP tarpitting set
to 35 per a friend's call to MS support to prevent harvesting). I just
sent a test message from my Yahoo account to a non-existent user at my
domain, and the NDR I got back was from Yahoo's mail server as expected.
Cool.
I also use connection filtering with zen.spamhaus.org and this custom
error message "Your mail server IP address %0 is listed as a spam site by
the RBL provider %2. Please call your intended recipient and give them
this exact error message." and the return status codes from spamhaus.org
(I don't understand what those do).
This is a great idea. We used a custom block list for a while based on an
analysis of where our spam came from. What we did find was that some of the
sending servers were gateway servers that were also being used by some of
our genuine customers. So do look into whether you can unblock some IPs if
you find you need to.
I have Sender Filtering turned on with six entries so far (recommended
during my friend's MS support call). The support tech said that would cut
out a lot of spam.
Since I anticipate you asking, here is the list. I added the .ru block.
*@*.ru
@hinet.net
@hinet.net.tw
@mail2000.com.tw
@yahoo.com.jp
@yahoo.com.sg
I do not deal with anyone who sends from one of those domains, so it works
for me.
Good idea. Not something I use ... but now that you've given me the idea I
will investigate the possibilities for us.
I have an SPF record for my domain, and I have SenderID turned on and set
to reject. That way, if the claimed sending domain has an SPF and it
fails, it is likely a spoof, and if it is not, then the sender still gets
an NDR generated by his/her own server. Correct?
I'm aware of SPF records but (to my shame) am quite ignorant. Its something
I need to come up to speed on.
I have the IMF set at 8 and 8 so that anything flagged gets archived. I
use 8 and 8 so that anything that gets through goes to Trend Micro CSMS
for SMB's "End User Quarantine" and not the Junk E-mail folder. I do not
like the IMF set any lower, as I get false positives too often.
I have downloaded but not installed the trial for Vamsoft ORF.
That's what I do to combat the rat bastiges!
There was a phrase in a comic I used to read as a child ... nuke em till
they glow.
Looks like you've doing a better job on spam than I am. Well done, keep it
up.
--
Brian Cryer
www.cryer.co.uk/brian
.
- Follow-Ups:
- Re: Am I an Emule Server?
- From: Gregg Hill
- Re: Am I an Emule Server?
- References:
- Re: Am I an Emule Server?
- From: Ebbe Kristensen
- Re: Am I an Emule Server?
- From: Lanwench [MVP - Exchange]
- Re: Am I an Emule Server?
- From: Neil Hoskins
- Re: Am I an Emule Server?
- From: Gregg Hill
- Re: Am I an Emule Server?
- From: Brian Cryer
- Re: Am I an Emule Server?
- From: Gregg Hill
- Re: Am I an Emule Server?
- Prev by Date: Re: Fax Console of Server not seen on some XP nodes
- Next by Date: RE: Server Status Report not working
- Previous by thread: Re: Am I an Emule Server?
- Next by thread: Re: Am I an Emule Server?
- Index(es):
Relevant Pages
|
Loading
