Announcement

Collapse
No announcement yet.

SPAM Email

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • SPAM Email

    Currently the Exchange domain im looking after is processing daily in the region of 50-60% of SPAM email. This is being dealt with by a "Borderware" email filtering appliance upstream from Exchange. Out of interest what are acceptable figures amongst guys here as to SPAM percentages as it is my opinion that 50-60% daily is simply too much. Our resident Security officer believes otherwise. Note we have around 6000 mailbox enabled users. Im only looking for rough figures in the ball park or opinions on this matter as opposed to a solution. As it is my belief on delving a bit deeper that this SPAM problem is the reason for the Conficker outbreak on the LAN as i can see a number of emails with malicious payloads along with malformed headers that im sure are the reason for the virus along with a poor patch management policy thats quite reactive.. hey ho...

  • #2
    Re: SPAM Email

    As spam is out of your control, why worry as long as your border device is catching it

    For comparison, I have seen 90% of emails coming in to one site being blocked (or not) as spam, others are lower

    A lot depends on your domain name (com is a better target than biz, for example) and how well advertised it is
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    PhD, MSc, FIAP, MIITT
    IT Trainer / Consultant
    Ossian Ltd
    Scotland

    ** Remember to give credit where credit is due and leave reputation points where appropriate **

    Comment


    • #3
      Re: SPAM Email

      I too have seen 90% spam on some domains. It's outwith your control as it happens external to your network. Yes, some user behaviour may exacerbate the problem E.g using their corporate email addresses on sites that they shouldn't but there's little else you can do.

      The site I saw this at was running Sophos PureMessage, and was so laden down by spam that internal email was taking 10+ minutes to deliver. We had to install an email appliance much like you have to ease the server load.

      Keep your anti-spam and AV definitions up to date and try and educate your management on the benefits of good patch management, there's really little else you can do.
      BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
      sigpic
      Cruachan's Blog

      Comment


      • #4
        Re: SPAM Email

        Originally posted by Ossian View Post
        As spam is out of your control, why worry as long as your border device is catching it

        For comparison, I have seen 90% of emails coming in to one site being blocked (or not) as spam, others are lower

        A lot depends on your domain name (com is a better target than biz, for example) and how well advertised it is
        Agreed there are a number of issues present here but the majority are down to poor process procedure as well as Exchange/ email hygiene. The appliance upstream though is poorly configured and not dealing with UCE mail correctly. That though is academic in terms of its configuration. I was more looking at percentages in the ball park namely because the so called "Security Analyst" is an idiot

        Comment


        • #5
          Re: SPAM Email

          Can you explain what you mean by "processing 50-60%"
          Is it
          a) 50% of incoming email getting blocked as spam
          b) 50% of email that gets through is actually spam

          I would also be very careful about what you call work colleagues in a public forum -- things have been known to come back and haunt people
          Tom Jones
          MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
          PhD, MSc, FIAP, MIITT
          IT Trainer / Consultant
          Ossian Ltd
          Scotland

          ** Remember to give credit where credit is due and leave reputation points where appropriate **

          Comment


          • #6
            Re: SPAM Email

            I wish ours was 50-60% of inbound email was spam.

            Our device is currently registering 90% of inbound messages as spam/viruses and yet we still have messages come through to our users.

            At the moment we have 2 devices installed before mail gets to our mail server so ours is thouroughly checked and scanned.

            If as you say that you are seeing 50-60% of email coming into your org that is spam then i would seriously look at getting these messages forwarded to you from users and reporting them to the security analyst.

            Unfortunately regardless of the device you will NEVER be able to stop all spam completely unless you disconnect from the internet.

            Comment


            • #7
              Re: SPAM Email

              This product I understand is very good. http://www.petri.com/spam_marshall.htm
              1 1 was a racehorse.
              2 2 was 1 2.
              1 1 1 1 race 1 day,
              2 2 1 1 2

              Comment

              Working...
              X