Spam annoyance (corporate)
Discussion
Over the last month or so our spam has increased a fair amount (spam getting through, I mean).
It tends to be more the older employees (as in been here longer) so I'm hoping that points to it being external, rather than someone internal having a trojan, as their addresses will have been in the wild for longer. I've had a look at two of the most "afflicted" recipients' machines and can't find anything dodgy. However, most of the spam is appearing to come from the recipient's email address, which is what got me thinking trojan in the first place. Any thoughts on that?
We're currently using Sophos for our AV, with PureMessage bolt on for spam blocking, but it seems to be losing the battle.
Anyone got any recommendations for SME size solutions, products, suggestions that can be deployed alongside SBS 2003 + XP? I'd prefer server level, simply for ease of deployment, or if it does have to be desktop level, something with an MSI so I can roll it out via GPO.
Cheers
It tends to be more the older employees (as in been here longer) so I'm hoping that points to it being external, rather than someone internal having a trojan, as their addresses will have been in the wild for longer. I've had a look at two of the most "afflicted" recipients' machines and can't find anything dodgy. However, most of the spam is appearing to come from the recipient's email address, which is what got me thinking trojan in the first place. Any thoughts on that?
We're currently using Sophos for our AV, with PureMessage bolt on for spam blocking, but it seems to be losing the battle.
Anyone got any recommendations for SME size solutions, products, suggestions that can be deployed alongside SBS 2003 + XP? I'd prefer server level, simply for ease of deployment, or if it does have to be desktop level, something with an MSI so I can roll it out via GPO.
Cheers
http://www.messagelabs.co.uk/
I just set this up for a client and it is working exteemly well for him. He used to have GFI but it never seemed to work for him.
I just set this up for a client and it is working exteemly well for him. He used to have GFI but it never seemed to work for him.
Allanv said:
http://www.messagelabs.co.uk/
I just set this up for a client and it is working exteemly well for him. He used to have GFI but it never seemed to work for him.
Yup, Messagelabs is used on 30 of our sites and works a treat. Mention Delta Comtech Ltd when you order and we get a few beer tokens.I just set this up for a client and it is working exteemly well for him. He used to have GFI but it never seemed to work for him.
spandexx said:
Allanv said:
http://www.messagelabs.co.uk/
I just set this up for a client and it is working exteemly well for him. He used to have GFI but it never seemed to work for him.
Yup, Messagelabs is used on 30 of our sites and works a treat. Mention Delta Comtech Ltd when you order and we get a few beer tokens.I just set this up for a client and it is working exteemly well for him. He used to have GFI but it never seemed to work for him.
The spam is made to appear to come from the recipent because it gets around some stupid and misconfigured spam filters by tricking them into thinking it is internal mail.
Copy and paste the headers into here to see the path it has taken: http://www.levinecentral.com/mail_parse/default.as...
If you fancy going it alone and not using a hosted solution, then have a look at MailScanner: http://www.mailscanner.info/ You really need to know Linux and SMTP servers to make it work though, but once it is up and running, it works very well.
Copy and paste the headers into here to see the path it has taken: http://www.levinecentral.com/mail_parse/default.as...
If you fancy going it alone and not using a hosted solution, then have a look at MailScanner: http://www.mailscanner.info/ You really need to know Linux and SMTP servers to make it work though, but once it is up and running, it works very well.
http://www.cloudmark.com/en/home.html
I use the home version, which is a peer-to-peer type affair (it communicates back to Cloudmark which emails you block/unblock on a trust system). I believe the corporate system uses the same database. Hit rate is very good, a I rarely have to manually block spam, and false hits are almost never a problem.
I use the home version, which is a peer-to-peer type affair (it communicates back to Cloudmark which emails you block/unblock on a trust system). I believe the corporate system uses the same database. Hit rate is very good, a I rarely have to manually block spam, and false hits are almost never a problem.
Allanv said:
He used to have GFI but it never seemed to work for him.
I know where you're coming from. I bit the bullet and paid for someone familiar with it to configure it properly for us - well worth it. It traps pretty much everything with very few false positives - if it considers anything suspect it delivers it to our Junk E-mail folders but they are few and far between.The downside is it's another app to run on a server and the email does get downloaded before checking - I assume the online services mentioned do all the checking before it gets that far?
Once the license expires maybe I'll have a look at one of the online alternatives...
I'd recommend the SonicWALL email security appliance range - it gives you fantastic control and is extremely effective.
Disclaimer: We are a SonicWALL reseller.
We could probably route you through our own filtering solution too - we have two layers of anti-virus and anti-spam before our email server (which hosts many domains and accounts for our clients) and it's brilliantly effective.
Disclaimer: We are a SonicWALL reseller.
We could probably route you through our own filtering solution too - we have two layers of anti-virus and anti-spam before our email server (which hosts many domains and accounts for our clients) and it's brilliantly effective.
Cloudmark.
The accuracy rate is frightening quite frankly, we've used it for about 9 months and I dread to think how much crap would be in peoples inboxes without it.
It's behind an smtp gateway which is home-brew running Postfix and MailScanner which refuses an unholy amount of mail as well.
The accuracy rate is frightening quite frankly, we've used it for about 9 months and I dread to think how much crap would be in peoples inboxes without it.
It's behind an smtp gateway which is home-brew running Postfix and MailScanner which refuses an unholy amount of mail as well.
LordGrover said:
Allanv said:
He used to have GFI but it never seemed to work for him.
I know where you're coming from. I bit the bullet and paid for someone familiar with it to configure it properly for us - well worth it. It traps pretty much everything with very few false positives - if it considers anything suspect it delivers it to our Junk E-mail folders but they are few and far between.The downside is it's another app to run on a server and the email does get downloaded before checking - I assume the online services mentioned do all the checking before it gets that far?
Once the license expires maybe I'll have a look at one of the online alternatives...
I have used it in SME's to 10 unit offices to corporate big names and it just works, but saying that GFI is the top of the list for installed software in spam control.
I work for a large US conglomerate and we have had the same. We use Google as out mail scrubber - They state that it's one of the biggest bot net attacks they have seen. They said they check each mail for 2000 known traits and this mails from this latest spam attack negotiates them all. They have written some filters for us and it seems to have worked.
www.spamstore.co.uk seem pretty good. we've been using them for about a month now.
Gassing Station | Computers, Gadgets & Stuff | Top of Page | What's New | My Stuff