How to prevent or detect email spamming that is coming from multiple valid SMTP hosts?

[14 byte] By [708683] at [2007-11-25 7:07:40]
# 1

As already mentioned, this is a very broad question, but I may have an answer that can address it... broadly.

The main problem with handling spam is that you have to know something is spam and the parameters with which to identify it as such. Only then can you create and apply appropriate filtering to handle them.

A package I've actually had fun with recently is Vipul's Razor (http://razor.sourceforge.net/). It is best described as 'distributed spam cataloguing'. That is, once a number of administrators at various sites have submitted and identified a piece of mail as spam, an SHA Digest of that exact message is generated and catalogued. If the exact same message comes into your server, Razor will identify it and handle it as you wish.

I was skeptical at first, but after running it on my personal mail server for two weeks, I did not lose a single legitimate piece of mail. However, a little over 70% of all the spam was identified and eradicated. I went from almost 50 spam messages per day to my personal email account to 15 messages. Not perfect, but reasonable considering I didn't lose even one piece of legitimate email (which was my real concern all along).

Unlike other distributed spam systems that we are all familiar with, this solution targets individual email messages -- not entire accounts, domains or address blocks. In some solutions, as great as they are, entire hosts can be blocked off and if you are running the spam blocking package, anyone emailing your users from that host will have their message bounced or deleted before it ever reaches their intended user. This can be a problem if the user is a legitimate sender who just happens to share an ISP or IP with someone else who has had a habit of spamming. And it can occasionally tick your users off when they find out.

There may be other solutions out there that I'm not aware of, but this is a cheap (free) solution worth playing with.

708684 at 2007-6-29 17:38:00 > top of Java-index,E-Mail, Calendar, & Collaboration,Sun Java System Messaging Server...
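
Added example (not part of either post, and not Razor's own code or protocol): a simplified Python model of the digest cataloguing described in post # 1, showing why a match follows the message rather than the sending host. The class and function names, the report threshold of 3, the choice of SHA-256 and the sample messages are all assumptions constructed for illustration.

```python
import hashlib
from collections import defaultdict
from email import message_from_string

REPORT_THRESHOLD = 3  # assumed: distinct sites that must report a digest


class DigestCatalogue:
    """Toy shared catalogue: body digest -> set of sites that reported it."""

    def __init__(self, threshold=REPORT_THRESHOLD):
        self.threshold = threshold
        self.reports = defaultdict(set)

    @staticmethod
    def digest(raw_message):
        # Hash the body only: Received/From/Message-ID differ per relay, so
        # hashing headers would make every copy of the same spam look unique.
        msg = message_from_string(raw_message)
        parts = [p.get_payload() for p in msg.walk() if not p.is_multipart()]
        body = "".join(parts).replace("\r\n", "\n").strip()
        # SHA-256 is an assumption; the post only says "SHA Digest".
        return hashlib.sha256(body.encode("utf-8")).hexdigest()

    def report(self, site, raw_message):
        # A set means one site reporting twice still counts once.
        self.reports[self.digest(raw_message)].add(site)

    def is_spam(self, raw_message):
        seen_by = self.reports.get(self.digest(raw_message), ())
        return len(seen_by) >= self.threshold


def make(host, sender, body):
    """Build a constructed sample message relayed by `host`."""
    return f"Received: from {host}\nFrom: {sender}\nSubject: hi\n\n{body}\n"


def demo():
    cat = DigestCatalogue()
    spam_body = "Cheap watches, reply now!"  # constructed sample
    for site, host in [("site-a", "mx1.example.net"),
                       ("site-b", "smtp.example.org"),
                       ("site-c", "mail.example.com")]:
        cat.report(site, make(host, f"x@{host}", spam_body))
    # Same body arriving from a host nobody has reported: still matched.
    fourth = make("relay.example.edu", "y@relay.example.edu", spam_body)
    # Different mail from a host that also relayed the spam: not matched.
    legit = make("mx1.example.net", "alice@mx1.example.net",
                 "Minutes from Tuesday attached.")
    return cat.is_spam(fourth), cat.is_spam(legit)
```
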
# 2

That question is too broad to be answered correctly. Is there a more specific scenario you're experiencing that perhaps we could help with?

But, in general you can combat spamming by many means in this server. First and easiest would be to employ the mappings file to block all mail coming from a specific user or users. Just use the FROM_ACCESS mapping.

Also, look into employing some of the channel keywords like 'dnsfromverify'.

And, there are always the Sieve filters.

The question you pose is the dilemma of every mail administrator. Determining a way to combat it largely depends on the type of attack you're experiencing.

However, if you are being spammed by 'valid' (hard to define this on the internet) SMTP hosts, the first step in my book would be to contact the domain administrator for that domain and notify them that you are being spammed by their users.

709463 at 2007-6-29 17:38:00