It's automated. By "known", I mean that it is a list of email addresses that outbound emails have been sent to. The spam filters see and log this info for later comparisons.
There is initial push-back when you turn a feature like this on, since no one is known. But this typically rectifies itself pretty quickly. Depending on your antispam solution, there are various methods for prepopulating this information prior to activation. If your domain is a spam target, it can be advantageous. Some products can keep permanent lists as well as time-expired lists. -- Espi On Fri, Oct 6, 2017 at 7:10 AM, Rimmel, Carl <[email protected]> wrote: > Wow… so how do you manage your known sender list? > > > > *From:* [email protected] [mailto:listsadmin@lists. > myitforum.com] *On Behalf Of *Micheal Espinola Jr > *Sent:* Thursday, October 05, 2017 12:40 PM > *To:* [email protected] > *Subject:* Re: [Exchange] PDF Spam > > > > I typically do not allow any attachments from unknown senders, and/or I > use a greylisting mechanism to counter it. > > > -- > Espi > > > > > > On Thu, Oct 5, 2017 at 7:55 AM, Rimmel, Carl <[email protected]> wrote: > > We have been seeing an uptick in SPAM containing PDF attachments. The > PDFs are composed of a full-page image that, when moused-over, points to a > malicious web site. We have tried to use Transport Rules to block these > based on the moused-over URL but Exchange seems unable to properly detect > these embedded URLs. We are able to use Transport Rules to block PDFs with > plain text so we know that the server is inspecting them properly. > > > > Any ideas on how to battle these pesky messages? > > > ------------------------------ > > > CONFIDENTIALITY NOTICE: This email contains information from the sender > that may be CONFIDENTIAL, LEGALLY PRIVILEGED, PROPRIETARY or otherwise > protected from disclosure. This email is intended for use only by the > person or entity to whom it is addressed. If you are not the intended > recipient, any use, disclosure, copying, distribution, printing, or any > action taken in reliance on the contents of this email, is strictly > prohibited. If you received this email in error, please contact the sending > party by reply email, delete the email from your computer system and shred > any paper copies. > > Note to Patients: There are a number of risks you should consider before > using e-mail to communicate with us. See our Privacy & Security page on > www.henryford.com for more detailed information as well as information > concerning MyChart, our new patient portal. If you do not believe that our > policy gives you the privacy and security protection you need, do not send > e-mail or Internet communications to us. > > >
