Date: Fri, 23 Apr 2004 10:32:34 -0500
From: "Scott Heath " <[EMAIL PROTECTED]>
Subject: [IMail Forum] spam filtering what to do with the suspected spam?
Reply-To: [EMAIL PROTECTED]
OK, I've got a small question, I know what I'd like to do, but I want to know what you all do as mail admins.
We run a ASSP > NAVG > imail setup, my suggestion. I plan on getting rid of NAVG for declude anti-virus in the near future so thats not an issue.
Currently the former admin is catching all suspected spam, and refusing it, never even makes it to NAVG, while I do partly agree with this, it's an all or nothing approach, with the possibility of losing business due to false positives.
ASSP has a setting that lets you copy all suspected spam to an email address, I've done this on other networks and it works fine, if theres a false positive, I go find it, put it in that person's account and life goes on, once a week it gets purged.
Does anyone else do anything different?
Thanks! Scott ----------------------------------------------------------------------
Scott, Here's what I do:
All suspected spam (usually 99.98% of it is real spam, thank you ASSP!) goes to an iMail mailbox called "spamcatcher". I run the following batch file every day in the wee morning hours through the Windows (NT/2k/XP) Scheduler. It keeps the spamcatcher mailbox smaller, and deletes saved spam after 5 days or so. You can see how this can be extended to many more days by adding main5.*, main6.* etc. to the batch file.
It's a good idea, I've read, to cycle the ASSP service every day, and this happens here as well. This is now working fine for me on 4 mail of my clients' mail servers.
**** begin cycle_smtp.bat ****
@ECHO. @ECHO ... cycle_smtp.bat - stops and restarts ASSP and smtp services ... @ECHO ... also renames spamcatcher mailboxes, gets rid of oldest file ... @ECHO.
@REM change to spamcatcher user folder c: CD \imail\users\spamca~1
@REM delete oldest file - rename remaining files DEL main4.* REN main3.* main4.* REN main2.* main3.* REN main1.* main2.*
@REM stopping services NET STOP "anti-spam smtp proxy" NET STOP "imail queue manager service" NET STOP "imail smtp server"
@REM rename main mailbox @REM when new mail arrives, new main mailbox files will be re-created REN main.* main1.*
@REM restart services NET START "imail smtp server" NET START "imail queue manager service" NET START "anti-spam smtp proxy"
EXIT
**** end cycle_smtp.bat ****
BTW, some people with anti-virus programs to sell for iMail don't want me to tell you this, but the standard Symantec Anti-Virus Corporate Edition client (or their server Anti-Virus "client") works fine to kill viruses on the iMail server because ** every incoming email gets converted to a file ** by iMail. The client just has to be set to scan ALL files, and to clean, (and if clean fails) then quarantine infected files.
BTW #2: As a protective measure against outside mail addressed to your spam mailbox, you can set an incoming rule for user "spamcatcher" to delete all mail addressed TO spamcatcher. This is because ASSP "forwards" mail to that mailbox; it arrives addressed TO the original recipient (ok, maybe I mean "victim").
-Paul
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
