Zdroje informací pro profesionály v oboru IT >
Domovská stránka fór
>
Antigen
>
Spam to non-users on our domain
Spam to non-users on our domain
- Hello,
I've had to reinstall Antigen because it just kept having problems. Before I had set it up so that people who aren't in our organization were dropped and wouldn't show in the Quarantine list. So, people like "_upro_cruz@domain.com" - who aren't a user, won't show in the Quarantine list.
Before, when we had a support contract and was helped setting this up, I was told that if someone sent us an email to multiple users, like "mike@domain.com" and "joe@domain.com" an one was spelled wrong that both would get rejected and wouldn't show on the list. I understand this potential problem and am willing to accept it again. I just really HATE spending a couple hours deleting spam from the list of users that aren't even ours - just to get to our users and look through those.
Thanks,
-Mike
Všechny reakce
- Hi Mike,
Antigen doesn't have any feature to differentiate between users for the Quarantine. The Quarantine is enabled per feature (anti-virus, anti-spam, each filter) and does not take user names into account. Can you remember how you were previously told to set this up? If I knew that, I may be able to clarify why it isn't working (and if it'll ever work).
Kind Regards,
Andy Day
CSS Security, Sr. Support Engineer (Antigen/Forefront Server Security) - Thank you for the reply Andy.
The function did work, but maybe I didn't describe it well enough. We started using this product when Sybari owned it and a few years ago, there was some nasty spam going around that would pull embedded images of Viagra and such, so filtering this was difficult. I spent many days with telephone support with filters trying to get src=cid pictures from coming through and his name is Lloyd Glen Jr.
This man helped me make some setting changes for this question and I don't totally remember how it was done, but somehow a lookup was done against the exchange users. This is what I don't remember, if exchange took the email first and discarded the emails not for it and then passed it to Antigen, or if Antigen could work with AD or Exchange and reject those emails that weren't in the enterprise. His warning was that if someone was emailing multiple people in our organization and misspelled one person, the whole email campain would be rejected. We deal with the same people, so they have all of us in an address book and there would be a slim chance Antigen would reject something because of that. We ran that way for over a year, and when it stopped working, our telephone support contract ran out. Now it is getting so out of control that we need to fix it to the way it was because I'm spending too much time wading through non-users.
My current setup is Windows 2003 SP2, Exchange 2003 SP2 and Antigen v9.1.1097 SP1.
ASM until 2011
Antigen until 2011
Antigen Mode: VSAPI
