|
|
|
|
|
|
|
|
|
|
|
|
|
|
FIGHT BACK AGAINST SPAM
A quick tip that'll block bajillions of unsolicited messages
By David Gewirtz
Ahhhh! What a great week. My junk mail load has dropped so much that I've regained almost an hour a day. And all it took was one little configuration change to our mail server (and reading a manual).
Up until this week, I got thousands upon thousands of email messages a day. My running average was more than 7,000 messages a day. If an hour went by and I didn't hit Send/Receive, I'd get 300 or so new messages.
What bugged the crap out of me was that we had three layers of spam defense already. All our mail is routed through Prominic's Postini service. Postini (just bought by Google) is a service that filters your email, removing spam, and sending on the good messages to your server.
"My junk mail load has dropped so much that I've regained almost an hour a day."
|
Next up, we had tarpitting and a second layer of SpamAssassin spam filtering on the mail server. Third, I use SpamBayes within Outlook to grab the remaining thousands of messages a day.
Skipping Postini
I'd honestly been quite disapppointed in Postini. I couldn't understand how it couldn't tell that certain messages were junk, in particular those for male enhancement drugs and those clearly not in English. How could they make it past Postini? Turns out, Postini wasn't missing those messages. The messages never went through Postini at all.
To use Postini, you change your MX records (the Mail Exchange records) to point first at the Postini servers. When a mail server sends a message, it looks at the MX record to know which IP address to send the message to. When you lookup mail.zatz.com, for example, our MX records return the IP addresses for Postini's servers.
As a result, the sending mail server is supposed to send the email message to Postini's servers, Postini runs its filters, and then those messages deemed not spam are forwarded to our own mail server. Technically, the only mail our mail server is supposed to get is that sent to it by Postini's servers.
But instead of looking at our MX records, all those spammers simply found where zatz.com was located and sent mail directly to our mail server, completely bypassing Postini's filtering. The net result was 30 to 60 minutes a day of me filtering through my Questionable box and dealing with 7,000+ new messages. And I wasn't alone. All the ZATZ users had the same problem.
Fixing the problem
One day last week, I finally noticed something interesting. Most of the spam messages didn't have Postini's headers. Generally, when a message passes through Postini, it embeds headers in the message, something like this:
|
|
|
|
|
|
|
|
|
|
|
|
|
|
-- Advertisement --
ONLINE GROUP CALENDAR - FOR UP TO 100 OF YOUR CLOSEST FRIENDS
Stay organized and in control with 24/7 access to all of your important events, projects and files --whether you're at work, at home or on the road.
You can share your calendar, projects and files so everyone in your office is up to date. Plus, search your entire group to find times when everyone is available to meet, manage company resources and much more.
Organize your entire team for as low as $9.95 per year (and yes, that's where the decimal place is supposed to be!)
Tap here to get started right away. |
-- Advertisement --
BECOME CONFIDENT AND PRODUCTIVE WITH OUTLOOK 2007 IN SIX WEEKS
You can become a confident, productive user of Outlook 2007 in six weeks.
The Introduction to Outlook 2007 online course makes it happen in just twelve short lessons. The course features an instructor-led online discussion forum, regular assignments and quizzes, printable class notes, and a certificate of completion.
Learn more, then register today, at http://www.ed2go.com/courses/io7. |
|
|
|
|
|
The Power Magazine for Microsoft Outlook and Exchange Users at OutlookPower.com
Copyright © 1998-2009, ZATZ Publishing. All rights reserved worldwide.
Outlook is a trademark of Microsoft Corporation.
|
|
|
|
|
|
|
