Outgoing Spam Protection
Question asked by Ron Raley - 3/9/2024 at 3:50 PM
Every now and then, a user device gets a virus and causes havoc via SMTP as an internal spammer.

We have IDS alerts, throttling, etc.

Problem is, we have very little protection for these attacks. MessageSniffer and Cyren produces too many false positives for outgoing spam checks.

What are you doin?

3 Replies

Reply to Thread
Ron Raley Replied
On this subject, it would be awesome to have a template to email to the domain administrators. Letting them know we have disabled a user account and what to do in order to alleviate the threat and enable the user again.
Douglas Foster Replied
What types of infections are you seeing?  I would hope that URIBL filtering and attachment type restrictions would catch most outbreaks.
Matthew Titley Replied
I had similar problems with using Cyren for outbound scanning. I've since switched to Message Sniffer but haven't attempted to re-enable outbound scanning. I'd love to do it though.

Reply to Thread