On the last forum, there was a chain that discussed SPAM and someone had a software solution that worked really well for them...
Ring a bell?
Edited By Leisher on 1087326006
Spam
I use SpamPal.
It's free, and has been about 99% affective. Last week I had a couple days where four spam messages got through, but it's usually between 0-2.
You install it, then change a couple Outlook Express settings. (Basically, change the SMTP to 127.0.0.1 and the login name to <original name>@<original SMTP setting>
It's free, and has been about 99% affective. Last week I had a couple days where four spam messages got through, but it's usually between 0-2.
You install it, then change a couple Outlook Express settings. (Basically, change the SMTP to 127.0.0.1 and the login name to <original name>@<original SMTP setting>
SpamPal looks at the incomming email, and adds **SPAM!** to the begining of the message subject. I added a rule to Outlook Express to automatically put all messages with "**SPAM!**" into the Deleted Items folder. (Tools, Message Rules, Mail...)
This way, if I want, I can go through the messages to see if anything was misidentified. After the first few months I stopped bothering to check, because the only thing it ate accidently was a newsletter I was too lazy to terminate myself.
I'm not sure about add-ins. Every once in awhile it suggests some updates.
This way, if I want, I can go through the messages to see if anything was misidentified. After the first few months I stopped bothering to check, because the only thing it ate accidently was a newsletter I was too lazy to terminate myself.
I'm not sure about add-ins. Every once in awhile it suggests some updates.
This is a question for you IT folks: What Spam filtering program are you using and how do you have it configured?
I'm using Trend IMSS on a mail gateway and ScanMail on the mail server itself. I'm not blocking any specific addresses and I haven't altered the default filters too much since installation. The only things I have done are change notification email, set automatic updates, removed a few words from the profanity filter (our company lawyer's name is Dick), and changed the default action on all the filters.
That has worked fine for us for two years with only a few incidents where I had to go in and find a message that was mistakenly marked as spam.
Recently though, it seems like spammers are using a new (or old) tactic to slip spam through. They're writing their spam message in multicolored, wobbly letters (like you see in the security code when you sign up for certain sites or contests), then they're inserting the message as a picture into .pdf files. Apparently, spam filters don't scan pictures within attachments and those are flowing right through.
Has anyone else seen this tactic? If so, did you stop it and how? So far, I'm only seeing a few of those get through, but I'd like to halt it now before every spammer on the planet is doing it.
I really don't want to start blocking email addys if I can avoid it. It's too much overhead.
I'm using Trend IMSS on a mail gateway and ScanMail on the mail server itself. I'm not blocking any specific addresses and I haven't altered the default filters too much since installation. The only things I have done are change notification email, set automatic updates, removed a few words from the profanity filter (our company lawyer's name is Dick), and changed the default action on all the filters.
That has worked fine for us for two years with only a few incidents where I had to go in and find a message that was mistakenly marked as spam.
Recently though, it seems like spammers are using a new (or old) tactic to slip spam through. They're writing their spam message in multicolored, wobbly letters (like you see in the security code when you sign up for certain sites or contests), then they're inserting the message as a picture into .pdf files. Apparently, spam filters don't scan pictures within attachments and those are flowing right through.
Has anyone else seen this tactic? If so, did you stop it and how? So far, I'm only seeing a few of those get through, but I'd like to halt it now before every spammer on the planet is doing it.
I really don't want to start blocking email addys if I can avoid it. It's too much overhead.
“Every record been destroyed or falsified, books rewritten, pictures repainted, statues, street building renamed, every date altered. The process is continuing day by day. History stops. Nothing exists except endless present in which the Party is right.”
I've started getting those lately too in personal email. I've not heard of anyone getting those at our corporate site, but I have no idea what corporate filtering we do (other than it's extremely aggressive). I'll see if I can find out.
For the newco, we're thinking of going with Barracuda's appliance coupled with Symantec antivirus/antispam on the Exchange server.
For the newco, we're thinking of going with Barracuda's appliance coupled with Symantec antivirus/antispam on the Exchange server.
It's not me, it's someone else.
-
DoctorChaos
- Posts: 1579
- Joined: Fri Oct 08, 2004 7:58 pm
Leisher wrote:(our company lawyer's name is Dick)
Must resist lawyer joke.....
Seriously, some companies take the no attachments or html in the email body. That way you can't mistakenly launch a trojan or a virus. It'll also prevent the image or pdf trick. Although it will be a pain in the ass to go through all that crap on the mail server to free up 'real' email. You'll also have to train your users to send forwards as inline text rather than an attachment.
Ugh, training users...
Wadda mean? Other people can read this?!
Blocking attachments is out of the question. I don't think any company can justify doing that. You'd have to hire a full time person or team depending on the size of your company just to handle all the calls from users asking where their documents went.
Doing some research today I did learn why everyone got nailed with this .pdf spam last week. Over 5 billion emails containing that thing were sent out. The purpose? The boost the price on the stock they were advertising so they could sell when it got higher.
And here's why I fucking hate people: The damn stock went up 20%.
Fucking idiots.
Doing some research today I did learn why everyone got nailed with this .pdf spam last week. Over 5 billion emails containing that thing were sent out. The purpose? The boost the price on the stock they were advertising so they could sell when it got higher.
And here's why I fucking hate people: The damn stock went up 20%.
Fucking idiots.
“Every record been destroyed or falsified, books rewritten, pictures repainted, statues, street building renamed, every date altered. The process is continuing day by day. History stops. Nothing exists except endless present in which the Party is right.”
I don't know what we use here, but I do know that a couple weeks ago we added a greylist policy.
Basically, any new email address that sends a message to our server gets greylisted. Their message is refused for 20 minutes. After 20 minutes if that email address resends the message, then it's accepted and all further messages from that address are allowed through right away. If the message is not resent, then it assumes that the message was from a spammer.
I don't remember seeing *any* spam in my company account since they started doing that.
It works pretty much unseen from people who use web-based email, but people in Outlook Express get a "greylist" message their first time, and the message sits in their outbox for a bit.
Basically, any new email address that sends a message to our server gets greylisted. Their message is refused for 20 minutes. After 20 minutes if that email address resends the message, then it's accepted and all further messages from that address are allowed through right away. If the message is not resent, then it assumes that the message was from a spammer.
I don't remember seeing *any* spam in my company account since they started doing that.
It works pretty much unseen from people who use web-based email, but people in Outlook Express get a "greylist" message their first time, and the message sits in their outbox for a bit.
So all a spammer needs to do is write a very simple "greylist" rule to redo those spams that get the greylist bounceback message.Paul wrote:It works pretty much unseen from people who use web-based email, but people in Outlook Express get a "greylist" message their first time, and the message sits in their outbox for a bit.
And then add that email to the "known good addresses" list.
"Be bold, and mighty forces will come to your aid."
So all a spammer needs to do is write a very simple "greylist" rule to redo those spams that get the greylist bounceback message.
And then add that email to the "known good addresses" list.
Exactly.
I was telling a user today that even blocking them becomes pointless. They get messages saying they've been blocked meaning your email is active. That just made it more valuable. They simply start emailing me from all 8000 of their other accounts and I'm getting mail from all the people they sold my email address.
Ditto for blocking domains, IPs, blah, blah, blah.
There is no permanent solution or everyone would have it and spammers would be out of business.
Hell, the price of some bogus stock wouldn't have jumped 20% in a week.
“Every record been destroyed or falsified, books rewritten, pictures repainted, statues, street building renamed, every date altered. The process is continuing day by day. History stops. Nothing exists except endless present in which the Party is right.”
GORDON wrote:So all a spammer needs to do is write a very simple "greylist" rule to redo those spams that get the greylist bounceback message.
Yeah. But they have to get around to it.
So far nada.
Oh yeah, it does does the typical spamblocking stuff as well. We just turned on the greylisting thing a little while ago. But since then things have been great.
Edited By Paul on 1183753689
sender ID?
Nope.
Yeah. But they have to get around to it.
So far nada.
Oh yeah, it does does the typical spamblocking stuff as well. We just turned on the greylisting thing a little while ago. But since then things have been great.
Like you said, it's new and they haven't gotten around to it. They will.
If there's one thing I have faith in, it's the dedication some people have to avoid getting a real job.
Edited By Leisher on 1183754020
“Every record been destroyed or falsified, books rewritten, pictures repainted, statues, street building renamed, every date altered. The process is continuing day by day. History stops. Nothing exists except endless present in which the Party is right.”
Merge
I normally do not advocate jail time for non-violent offenders. I am sorely tempted to reverse that philosophy.
Edited By Malcolm on 1440524056
I normally do not advocate jail time for non-violent offenders. I am sorely tempted to reverse that philosophy.
Wallace, 47, of Las Vegas pleaded guilty on Monday to charges of fraud and criminal contempt, admitting that he compromised the Facebook accounts of about 500,000 users and used them to send more than 27 million spam messages through the company's servers in 2008 and 2009, according to Bloomberg. Wallace also admitted that he violated a court order to not access the social network.
...
He's facing up to three years in prison and a $250,000 fine.
...
The case dates back to 2009 when Facebook sued Wallace and two other spammers for phishing and spamming schemes that compromised many accounts. The social network obtained a restraining order in February 2009 and a $711 million judgment in October
Edited By Malcolm on 1440524056
Diogenes of Sinope: "It is not that I am mad, it is only that my head is different from yours."
Arnold Judas Rimmer, BSC, SSC: "Better dead than smeg."
Arnold Judas Rimmer, BSC, SSC: "Better dead than smeg."
Convicted spammers should be required to go apologize in person to each individual they sent a spam email to and each person can either charge them $1 per piece of spam or punch the spammer in the nose. Recipient's choice.
Yes, that's a life sentence.
Yes, that's a life sentence.
"ATTENTION: Customers browsing porn must hold magazines with both hands at all times!"