mrmaxx Posted October 26, 2006 Share Posted October 26, 2006 I'd like some feedback on what companies (besides CESMail/SpamCop, of course <G>) do a good job of filtering spam/viruses, etc from email? I'm making a proposal to my bosses that we should go with a spam filtering service (I *really* like SpamCop email service, but I have to give 'em options.) I've researched several, including FastPC.Net (never heard of 'em, but they're cheap); Postini ($3/user per month); MailFoundry (they do email hosting??) Just to give 'em perspective, I mentioned an "email appliance" for filtering, but if we do that, I'm gonna recommend that we use a spare PC and install linux. :-) I personally would prefer to have some third party do the filtering for us, so we don't have to accept the spam, just to trash it afterwards. So, anyone got any comments/questions/suggestions? As I said, I *like* and *recommend* SpamCop/CESMail, but there are cheaper services out there, and ISTR hearing good things about MailFoundry. Link to comment Share on other sites More sharing options...
Telarin Posted October 26, 2006 Share Posted October 26, 2006 Well, if you have your own mail server, then you can use whatever blocklists you find most effective and reject email during SMTP before accepting the DATA portion of the transaction. Personally, I use the following: bl.spamcop.net sbl-xbl.spamhaus.org dnsbl.sorbs.net ko.tqmcube.com (Korea regional blocklist, but not always online) prc.tqmcube.com (China regional blocklist, but not always online) ng.ascc.dnsbl.bit.nl (Nigeria regional blocklist) ru.ascc.dnsbl.bit.nl (Russia) br.ascc.dnsbl.bit.nl (Brazil) tw.ascc.dnsbl.bit.nl (Taiwan) If the sending server is not on any of these blocklists, Exchange allows the DATA portion of the message to come through. It then runs the message through IMF (Intelligent Message Filtering) which does some combination of Bayesian (sp?) filtering and will reject the message if it gets a high enough score. If the score is in the "might be spam" range, then it is dropped into the Junk E-Mail folder in Outlook for the recipient, otherwise it is delivered to the inbox. My users average about 1-2 spams per day, of those 99% go to the Junk E-mail. It is rare for one to end up in the inbox. Link to comment Share on other sites More sharing options...
mrmaxx Posted October 26, 2006 Author Share Posted October 26, 2006 Well, if you have your own mail server, then you can use whatever blocklists you find most effective and reject email during SMTP before accepting the DATA portion of the transaction. Duh! Why didn't I think of that! :-) I'll have to read up on how to do that in Exchange 2003. :-) Thanks for pointing that out! Now all I have to do is get 'em to spring for an antivirus MAIL scanner... We've currently got Symantec 9.0 Corporate/Small Business edition, but that doesn't scan the email.... Link to comment Share on other sites More sharing options...
StevenUnderwood Posted October 26, 2006 Share Posted October 26, 2006 Duh! Why didn't I think of that! :-) I'll have to read up on how to do that in Exchange 2003. :-) Thanks for pointing that out! Now all I have to do is get 'em to spring for an antivirus MAIL scanner... We've currently got Symantec 9.0 Corporate/Small Business edition, but that doesn't scan the email.... We actually use Postini in front of our Exchange 2003 server and are extremely pleased. The vendor who came in to help with the implementation was originally pushing using DNSBL's directly on the server until they saw how effective Postini was for us (almost 6100 messages/78.4% of all messages quarantined yesterday). When we started with them, they saved us their annual fee with the reduction of bandwidth used over our T1. We currently have a fixed price fiber connection so that calculation is no longer figured. We also run Microsoft's Antigen for Exchange on the server which did catch some of the early versions of a recent virus outbreak before Postii caught up (less than an hour later). Link to comment Share on other sites More sharing options...
Farelf Posted February 16, 2008 Share Posted February 16, 2008 ... We also run Microsoft's Antigen for Exchange on the server which did catch some of the early versions of a recent virus outbreak before Postii caught up (less than an hour later).Just noting I have had a very positive report on Antigen. It is perhaps mostly known for filtering out virus and other security threats, but noting the M$ scope Help Protect Your Messaging and Collaboration Servers from Viruses, Worms, spam, and Inappropriate Content and my correspondent's crediting it with catching the 95% of their messages which are spam, this sounds like it meets a real need in spam control and monitoring as well. Which is a greater role than that for which it may have been considered capable. One slightly negative comment was that it is resource-hungry (more accurately, the processes used take time), some implementations may need to (f'rinstance) cut back on the number of AV engines used. One situation - ISP who filters, user accounts can have (inwards) filtering turned on or turned off and if turned on there is no way to review the caught messages (ISPs invariably just drop them). Such is the case with iinet.net.au. If a user is going to turn off the ISP's filtering, so to regain control of inwards mail, then the user had best have their own filtering ready to take on that task - or that user is going to drown. Thanks Mike Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.