General discussion

Locked

Restricting Email to Fight Spam

By R. A. Caluste ·
Ok, here's a typical scenario:
a) Employee at remote bldg connecting to network via vpn over a wireless broadband connection (translation: slow connection) tries to check email. Employee finds out he has 100+ new messages, 95% of which is spam. Boss follows-up important email to employee, which employee is painfully waiting to download.
b) Employee receives 100 new messages (95% of which is spam), opens an email attachment from someone he knows, and unwillingly unleashes an annoying worm in the network (W32/Dumaru).

I don't have an email spam filter. I have ISA Server 2000 and Exchange Server 2000.

I am thinking of cutting everyone off (except managers) from sending and receiving email messages to and from the Internet,ie restricting email to internal use only. I will be creating delegated email addresses for official use of departments (ex marketing@emailaddress.com) that can communicate outside.

I am expecting violent reactions to this move. However, my question is, is there a better alternative other than spend for a good email spam filter?

This conversation is currently closed to new comments.

8 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by VinnyD In reply to Restricting Email to Figh ...

The easiest way to fix this is to change the employee's e-mail address.

This would be a good solution if this employee is the only one getting so much spam.

Yes it is a pain to have the employee contact all those people who know the e-mail address but it is also time to review who actually has his e-mail address (only give it out to business contacts).

To combat the virus and worms you should have effective antivirus software installed on the client computers and if your exchange server is receiving the mail you need antivirus protection there as well.

Your antivirus protection should have prevented the employee from unleashing the w32/dumaru worm into your network!

Collapse -

by R. A. Caluste In reply to

Poster rated this answer.

Collapse -

by TechieRob In reply to Restricting Email to Figh ...

Ok before I dive head first into ISA configuration work, I must know one thing:
Are Employee email addresses managed by your Exchange server?? Like mine, for agument sake is rstewart@laneford.com.au. Our Exchange server handles all @laneford.com.au accounts. If they are set up with this setting, we have a leg to stand on.
Personally, I love ISA. Within it are "Application filters", one of which is "SMTP filter". If your ISA server is on the external interface (i.e. between the users and the net) we can configure ISA to filter all incoming emails. There are 3 main areas I am concerned with: Attachments, Keywords and Domains

Collapse -

by TechieRob In reply to

Attachment filtering is exactly as it sounds. It filters attachments.
What I have put in place is a block of all exxecutable type attachments including (not limited to)
.exe .zip .pif .scr .bat .ace .reg .vbs
and so on and so forth. This kills 99% of mass mailers which add attachments :)

Keyword filtering is more for spam. Like attachments you can add names to the list. Things like "Hot" "Sex" "Porn" "Microsoft"
you might want to add to the list......

Ok, maybe not microsoft

Lastly, if you are getting bombarded by one particular domain, hit them with the Domain filter option :) Exactly the same as the above to, just add the domains a vioala!

Collapse -

by TechieRob In reply to

Attachment filtering is exactly as it sounds. It filters attachments.
What I have put in place is a block of all exxecutable type attachments including (not limited to)
.exe .zip .pif .scr .bat .ace .reg .vbs
and so on and so forth. This kills 99% of mass mailers which add attachments :)

Keyword filtering is more for spam. Like attachments you can add names to the list. Things like "Hot" "Sex" "Porn" "Microsoft"
you might want to add to the list......

Ok, maybe not microsoft

Lastly, if you are getting bombarded by one particular domain, hit them with the Domain filter option :) Exactly the same as the above to, just add the domains a vioala!

Collapse -

by TechieRob In reply to

Excuse the double post :S
The last thing to obviously check is that after you configure the setings, to actually have the service running. The SMTP filter is disabled by default, but you can easily enable it via the first tab on the properties page. For future reference, check www.isaserver.org for tutorials on basically everything and anything :)

Collapse -

by R. A. Caluste In reply to

Thank you for your answer.

Collapse -

by R. A. Caluste In reply to Restricting Email to Figh ...

This question was closed by the author

Back to Software Forum
8 total posts (Page 1 of 1)  

Related Discussions

Related Forums