Re: Mitigating Spam - Particular Scenario
Question asked by Hemen Shah - November 1, 2015 at 4:08 AM
Unanswered
Hi,
 
I am using SM 14.x and Antispam is running fine with all support from Bruce's Antispam document,
 
Now I had a particular scenario where a customer's particular email id, or their Outlook, might have been infected, due to which there was bulk mail relay from their email id. We did identify the issue based on SM alerts of X Mails in Y mins, but now our MX IP got listed in 2-3 black lists.
 
Now how can I avoid such a scenario? I have installed Declude Hijack but somehow it seems it didn't stop it,
so how can I avoid such a scenario in future? We keep educating the customer about cleaning their system, but this is bound to happen when the customer is a novice.
 
Thanks

1 Reply

EDITED FOR FORMATTING: Using the Opera browser, on an Android device, does not bode well with this portal -- losing linefeeds.

The latest revision of the spam document has additional information on outbound trigger notifications. If you are not already on 14.3, then it's an absolute MUST UPGRADE, but after the next minor, tentatively scheduled for this coming week.
 
We've been running a SPECIAL BUILD which corrects SPF and DMARC errors which were caused by an SPF query anomaly that the SmarterMail techs appear to have resolved very nicely, and I believe that will be included in the next minor release.
 
You must also make certain Greylisting is enabled, and that neither Greylisting nor spam settings can be overridden by users - and that means limiting admins, because they can override whether you want them to or not! TURN OFF BOUNCE NOTIFICATIONS. They will only get you blocked as a spammer. Neither you, nor your users need them.
 
Contact a tech to help you configure those settings, and then lock them down. Finally, make certain you have properly set up DMARC and FEEDBACK LOOPS with the 14 major ISPs who require them.
 
They need to be set up for EVERY DOMAIN YOU HOST, and it's a tedious process which will more than pay for the time you spend doing the FBL setup in not being repeatedly blocked.
Bruce Barnes
ChicagoNetTech Inc
brucecnt@comcast.net

Phone: (773) 491-9019
Phone: (224) 444-0169

E-Mail and DNS Security Specialist
Network Security Specialist

Customer Service Portal: https://portal.chicagonettech.com
Website: https://www.ChicagoNetTech.com
Security Blog: http://networkbastion.blogspot.com/

Web and E-Mail Hosting, E-Mail Security and Consulting
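
The scenario in the question, a single mailbox relaying bulk mail that was only noticed from an "X Mails in Y mins" alert, comes down to a per-sender threshold over a sliding time window. The Python below is an added example, not part of the thread and not SmarterMail or Declude code: it applies such a threshold per authenticated sender and reports the moment each account crosses it. The log format, threshold values and addresses are constructed assumptions for the example.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log: "<ISO timestamp> <authenticated sender> <recipient count>".
# This layout is an assumption for the example, not SmarterMail's log format.
SAMPLE_LOG = """\
2015-11-01T04:00:00 carol@example.com 60
2015-11-01T04:00:05 alice@example.com 1
2015-11-01T04:00:10 bob@example.com 40
2015-11-01T04:01:00 BOB@example.com 40
2015-11-01T04:02:00 bob@example.com 40
garbage line
2015-11-01T04:10:00 carol@example.com 60
"""


def find_bursts(log_text, max_rcpts=100, window=timedelta(minutes=5)):
    """Return {sender: time the threshold was first crossed}.

    Counts recipients rather than messages, so one message to many
    recipients weighs the same as many single-recipient messages.
    Expects log lines in chronological order.
    """
    recent = defaultdict(deque)  # sender -> (timestamp, rcpts) still inside the window
    totals = defaultdict(int)    # sender -> recipients inside the window
    tripped = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3 or not parts[2].isdigit():
            continue             # skip blank or malformed lines
        try:
            ts = datetime.fromisoformat(parts[0])
        except ValueError:
            continue             # skip lines with an unparseable timestamp
        sender, rcpts = parts[1].lower(), int(parts[2])
        events = recent[sender]
        events.append((ts, rcpts))
        totals[sender] += rcpts
        # Expire events that have fallen out of the window.
        while events and ts - events[0][0] > window:
            totals[sender] -= events.popleft()[1]
        if totals[sender] > max_rcpts and sender not in tripped:
            tripped[sender] = ts
    return tripped


if __name__ == "__main__":
    for sender, when in find_bursts(SAMPLE_LOG).items():
        print(f"{when.isoformat()} threshold exceeded by {sender}")
```

In the sample, only bob@example.com is flagged: carol's two 60-recipient sends are ten minutes apart and never share a window.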
