Sign in
 
HomeOnline20132010Other VersionsLibraryForumsGalleryEHLO Blog
TechCenter >
Spam control from inside

Answered Spam control from inside

  • Tuesday, October 18, 2011 4:38 PM
     
     
    Sign In to Vote
    0
    We are using MS Exchange 2007. We have a large userbase. Users have download privileges for research purposes. We have problems with spam propagating from inside our network, either because of misconduct or mistaken download events. I want to use the mail queue to single out any email address from inside our network propagating large amounts of email over a given time period...ex: john doe's computer is sending out 50 emails every night at 10 oclock. I would like Exchange to alert me when this happens. I can then use the alert to write a script to temporarily suspend his email account thereby decreasing the amount of spam propagated from our network.... Now the question...Is there a way to configure Exchange to send the alert in real time if a particular email address sends bulk emails to the queue? If so, please answer and let me know your suggestions.... also, I am relatively new at the server configuration process so if I ask a dumb question I apologize in advance
     

All Replies

  • Tuesday, October 18, 2011 7:07 PM
     
     
    Sign In to Vote
    0
    1. What you can try is to import the messgage tracking logs in Excel and then create report or filter and see where the spam may be coming from (which users).
    2. Not sure if you have AV on your clients PC and if they block port 25.
    3. Run regular scans on your client PC's.
    Sukh
     
  • Thursday, October 20, 2011 7:27 AM
     
     Answered
    Sign In to Vote
    0

    Hi,

    Exchange do not have that feature. Do you have anti-spam application installed together with Exchange?

    I think that may help you to end up spam messages inside the network.

     

    Xiu

     

     
  • Monday, October 24, 2011 1:36 PM
     
     
    Sign In to Vote
    0
    Our concern is not incoming spam....we have a spam blocker which blocks outside spam coming in....our problem is inexperienced users getting phished and falling for it. We were trying to find a solution through IT means that would help to block the messages from inside the network bieng sent out.
    • Edited by QDOGG111 Monday, October 24, 2011 1:36 PM
    •  
     
  • Monday, October 24, 2011 1:39 PM
     
     
    Sign In to Vote
    0

    It can be difficult but educate users

    Phishing websites? Dont they get picked up by your web proxy?

    Sukh
     
  • Monday, October 24, 2011 2:15 PM
     
     
    Sign In to Vote
    0

    Yes.. but users also have access to their email resources from home and their home computers sometimes use outside web proxies...the problem with that is we cannot control what they do from home. Often times emails are downloaded to the system from home opening the system to attack. This does not happen often enough to put us on the blacklist of major spam blockers but it does happen enough to annoy the IT Dept staff, and put us on the block list for anyone using Trend-Micro's spam-blocking service. Also, it seems to be happening during ours when our office is closed. We think that this problem is occuring because maybe information was compromised at some earlier time and is bieng activated somehow ( sort of how doom was done). Please let me know your views


    • Edited by QDOGG111 Monday, October 24, 2011 2:16 PM
    •  
     
  • Monday, October 24, 2011 9:59 PM
     
     
    Sign In to Vote
    0
    On Mon, 24 Oct 2011 14:15:28 +0000, QDOGG111 wrote:
     
    >Yes.. but users also have access to their email resources from home and their home computers sometimes use outside web proxies...the problem with that is we cannot control what they do from home. Often times emails are downloaded to the system from home opening the system to attack. This does not happen often enough to put us on the blacklist of major spam blockers but it does happen enough to annoy the IT Dept staff, and put us on the block list for anyone using Trend-Micro's spam-blocking service. Also, it seems to be happening during ours when our office is closed. We think that this problem is occuring because maybe information was compromised at some earlier time and is bieng activated somehow ( sort of how doom was done). Please let me know your views
     
    Run your outbound e-mail through your spam filter. Don't allow
    outbounf connections on port 25 to anywhere except your spam filter.
     
    If you can't control the use of your domain name through published SPF
    data, you don't manage outbound e-mail from your Exchange server, and
    you don't prevent unmanaged outbound connections you're doomed.
     
    ---
    Rich Matheisen
    MCSE+I, Exchange MVP
     
    --- Rich Matheisen MCSE+I, Exchange MVP
     
  • Monday, October 24, 2011 10:30 PM
     
     
    Sign In to Vote
    0

    Educate users?

    Those who are causing this.

     

    Sukh
     
  • Tuesday, October 25, 2011 1:50 PM
     
     Answered
    Sign In to Vote
    0
    Thanks guys...we'll try routing through the spam filter
     
  • Wednesday, November 02, 2011 3:01 AM
     
     
    Sign In to Vote
    0

    You can introduce

    http://technet.microsoft.com/en-us/library/bb726973.aspx

     

    http://technet.microsoft.com/en-us/network/bb545879

     

    Where Technology Meets Talent