We have had tremendous success with IMGATE. Its freely available here:
http://imgate.meiway.com/
Just subscribe to the IMGATE list. Although it says its for imail it works just as
well with exchange or any other MTA. It does require the use of a Unix and a "server"
but its quite easy to setup and maintain.
Our server: (nothin special)
900 celeron
128 meg ram
mirrored ide drives
My stats from yesterday:
Grand Totals
------------
messages
14715 received <--- Emails received by spam filter
3341 delivered <--- Emails delivered to exchange
2 forwarded
1 deferred (9 deferrals)
123 bounced
12664 rejected (79%) <--- spam rejected
0 reject warnings
0 held
0 discarded (0%)
you will notice it doesent quite add up to 100% but thats because this server also
filters outgoing mail as well as incomming. Cant have the bosses getting infected and
with virii and send out those nasty attachments. We currently dont have an AV solution
but so far in 18 months no one behind the filter has been infected with a mail virus.
A couple things the filter can detect:
1. Can check for forged addresses like mail servers claiming to be yahoo.com or
hotmail.com it checks to make sure they are who they say they are
2. Can check if the person sending the email is a valid/active account. Like if [EMAIL
PROTECTED] doesent exist on blah.com's mail server then it can reject mail from that
users.
3. Can check Sending MTA's ip aganist RBL and RHSBL.
4. Can preform regular expressions aganist the helo, headers and body of the message.
Some benefits besides spam filtering:
1. Its unix so you know its stable.
2. It hold's mail for your exchange server in the event it is down. (works really good
if you have 2 of these they back up each other)
3. Because its rejecting email instead of content filtering it saves you bandwidth.
4. The logging functionality makes it extemely useful when trying to diagnose mail
problems especially with other servers.
5. You can firewall all access to your exchange sever from the internet except for
this box thus hiding your exchange server from the outside world. (if you wanted
Outlook Web Access you would have to open port 80)
-----Original Message-----
From: Fyodorov, Andrey [mailto:[EMAIL PROTECTED]
Sent: Tuesday, October 07, 2003 8:34 AM
To: Exchange Discussions
Subject: how does everyone fight this spam?
Hi all. We are receiving a lot of these bogus messages every day - "bug
notice", "failure message", "report", "error advice", "bug
announcement", etc. Some of them have a fake Microsoft address in the
from line. They seem to be generated by a virus. Our antivirus programs
(SurfControl and NAVEX) catch and kill the virus, but the messages still
get through. They don't seem to have any consistent subject or From
address...
It seems that other organizations should be affected too, I am just
wondering how others are dealing with these messages.
Thanks!
_________________________________________________________________
List posting FAQ: http://www.swinc.com/resource/exch_faq.htm
Web Interface:
http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&lang=english
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin: [EMAIL PROTECTED]
_________________________________________________________________
List posting FAQ: http://www.swinc.com/resource/exch_faq.htm
Web Interface:
http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&lang=english
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin: [EMAIL PROTECTED]
