Re: Mitigating Spam - Particular Scenario
Question asked by Hemen Shah - 11/1/2015 at 4:08 AM
I am using SM 14.x and Antispam is running fine with all the support from Bruce's Antispam document.
Now I had a particular scenario where a customer's particular email ID, or their Outlook, might have been infected, due to which there was a bulk mail relay from their email ID. We did identify the issue based on SM alerts of X Mails in Y mins, but now our MX IP got listed in 2-3 blacklists.
Now how can I avoid such a scenario? I have installed Declude Hijack but somehow it seems it didn't stop it.
So how can I avoid such a scenario in future? We keep educating the customer about cleaning their system, but this is bound to happen when the customer is a novice.

1 Reply

Bruce Barnes Replied
EDITED FOR FORMATTING: Using the Opera browser, on an Android device, does not bode well with this portal -- losing linefeeds.

The latest revision of the spam document has additional information on outbound trigger notifications. If you are not already on 14.3, then it's an absolute MUST UPGRADE, but after the next minor, tentatively scheduled for this coming week.
We've been running a SPECIAL BUILD which corrects SPF and DMARC errors which were caused by an SPF query anomaly that the SmarterMail techs appear to have resolved very nicely, and I believe that will be included in the next minor release.
You must also make certain Greylisting is enabled, and that neither Greylisting nor spam settings can be overridden by users - and that means limiting admins, because they can override whether you want them to or not! TURN OFF BOUNCE NOTIFICATIONS. They will only get you blocked as a spammer. Neither you, nor your users need them.
Contact a tech to help you configure those settings, and then lock them down. Finally, make certain you have properly set up DMARC and FEEDBACK LOOPS with the 14 major ISPs who require them.
They need to be set up for EVERY DOMAIN YOU HOST, and it's a tedious process which will more than pay for the time you spend doing the FBL setup in not being repeatedly blocked.
Bruce Barnes
ChicagoNetTech Inc
brucecnt@comcast.net
Phone: (773) 491-9019
Phone: (224) 444-0169
E-Mail and DNS Security Specialist
Network Security Specialist
Customer Service Portal: https://portal.chicagonettech.com
Website: https://www.ChicagoNetTech.com
Security Blog: http://networkbastion.blogspot.com/
Web and E-Mail Hosting, E-Mail Security and Consulting
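
The "X mails in Y mins" alert from the question, sketched as a sliding-window check per authenticated sender. This is an added example, not part of the thread and not SmarterMail or Declude code. The log format, addresses and thresholds are constructed, and it counts recipients rather than messages so that one message to a large list also trips the limit.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample records (NOT a SmarterMail log format):
# ISO timestamp, authenticated sender, number of recipients on the message.
SAMPLE = """\
2015-11-01T03:00:05 alice@example.com 1
2015-11-01T03:00:10 bob@example.com 40
2015-11-01T03:00:40 bob@example.com 45
2015-11-01T03:01:15 bob@example.com 50
2015-11-01T03:04:00 alice@example.com 2
2015-11-01T03:30:00 carol@example.com 3
2015-11-01T03:55:00 alice@example.com 1
"""

def parse(text):
    """Yield (datetime, sender, recipient_count) from the constructed format."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines rather than abort the scan
        ts, sender, rcpts = parts
        yield datetime.fromisoformat(ts), sender.lower(), int(rcpts)

def flag_senders(records, max_rcpts=100, window=timedelta(minutes=5)):
    """Return {sender: first time its recipient total inside `window` exceeded max_rcpts}."""
    recent = defaultdict(deque)  # sender -> (time, rcpts) entries still in the window
    totals = defaultdict(int)    # sender -> recipient total inside the window
    flagged = {}
    for ts, sender, rcpts in sorted(records):
        q = recent[sender]
        q.append((ts, rcpts))
        totals[sender] += rcpts
        # Drop deliveries that have aged out of the sliding window.
        while ts - q[0][0] > window:
            totals[sender] -= q.popleft()[1]
        if totals[sender] > max_rcpts and sender not in flagged:
            flagged[sender] = ts
    return flagged

if __name__ == "__main__":
    for sender, when in flag_senders(parse(SAMPLE)).items():
        print(f"{when.isoformat()} outbound limit exceeded by {sender}")
```

Acting on the first flagged timestamp (for example by suspending that account's outbound mail) limits how much is relayed before the IP reaches a blacklist.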
