I am getting ready to set up SPAM filtering on our 8.12 I mail server any suggestions on lists to use etc?
Chris,
I have posted our settings quite a few times but here you go. We are very happy with these settings and the use of the DNS tests that we have settled on have been one of the biggest saviors to blocking spam.
------------------------------
Connection Filtering
DNS Black list
spamhaus sbl-xbl.spamhaus.org
SpamCop bl.spamcop.net
List list.dsbl.org
ahbl dnsbl.ahbl.org
njabl dnsbl.njabl.org
Blitzedall opm.blitzed.org
ORDB relays.ordb.org
DSBLMulti multihop.dsbl.orgenable Verify MAIL FROM address Delete after 2 matches Prefix subject with: [SPAM-C] ------------------------------- Content Filtering
Use: Current Host Forward to address I have a "spam" account setup Prefix subject with: [SPAM-S]
Advanced settings are 30%, 90% and 15
Phase Filtering Use: Current Host Scan: Subject and body Normalize Words Forward to address I have a "spam" account setup Prefix subject with: [SPAM-P] ------------------------------- Content Filtering (HTML)
Use: Current Host enable Invalid Tag enable Script Tag enable Deceptive URL enable Deceptive Text Email is spam if 2 features are detected Forward to address I have a "spam" account setup Prefix subject with: [SPAM-H]
URL Domain Black List
Use: Current Host
Forward to address I have a "spam" account setup
Prefix subject with: [SPAM-URL]
------------------------------
I maintain a list of domains that I remove from the URL Blacklist that IMail supplies and I quickly remove those names from their list. I have a folder on the server that I upload the updated anti-spam tables, url blacklist, whitelist, etc... to and then I run a batch file on the server that copies those items the individual domains under the imail folder. I then stop/start SMTP and the Queue Manager to have the updates activated. I have the task to check imail for updates and to then update our server automatically appear on my tasklist every two weeks and will then check Ipswitch everyday until the task is cleared for when they post updates.
--------------------------------
If a message trips the filters I have the info manager for the account that spam gets forwarded to reply with the following message:
--------------------------------
Automated response - Quarantined Email:
Your message to: "Recipient Name" regarding: "Subject of the bounced message"
did not reach the recipient on our server due to content our system considers to be SPAM. If your message was valid, please:
1. Forward THIS message to [EMAIL PROTECTED] (note, not your original message)
2. CHANGE the Subject Line of this message to: "PLEASE VERIFY".
We will then examine and place your message in a queue to be forwarded to the intended recipient. Allow time for the review, generally within 24-hours. Requested mail will be reviewed, ALL OTHERS WILL BE DELETED WITHIN 48 HOURS. We will also confirm your message with the recipient.
Click on the link below if you would like to know how and why your message may have been quarantined.
http://www.summitinternetservices.com/tests.htm
System Administrator
[EMAIL PROTECTED]
Summit Internet Services
------------------------------------
The address that mails gets forwarded to that trips the inbound rule has the info manager message that gets bounced back
-------------------------------------
Automated response: Possible Virus/Worm Content
Your message to: "Recipient Name" regarding: "Subject of the bounced message"
Did not reach the intended recipient this is most likely due to executable content in the message.
If this is not the case we recommend that you compress your executable program with an application like WinZIP (http://www.winzip.com) and then resend your file in ZIP format. You may also forward THIS email to [EMAIL PROTECTED] and we can check our filters to see if we can forward your message for you.
Click on the link below if you would like to know how and why your message may have been quarantined.
http://www.summitinternetservices.com/tests.htm
System Administrator
[EMAIL PROTECTED]
Summit Internet Services
--------------------------------------
I got the DNS Blacklist that I am using after some input from two other guys on the imail listserv and Scott at Declude. You can get the full list of DNS Blacklist here:
http://www.declude.com/Junkmail/support/ip4r.htm
Hope these settings that I use will help cut down on the amount of spam your users are getting.
---------------------------------------
Also, instead of using the URL-Blacklist supplied by Ipswitch (LOTS and LOTS of False Positives) use William's list that he kindly makes available to the rest of us.
http://www.vantekcommunications.com/spam/
Hope these settings work as well for you as they do for us. Let me know how it goes.
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
