• United States

A starting point for blocking spam

Apr 14, 20032 mins
Enterprise ApplicationsMalwareMicrosoft Exchange

Nutter helps an e-mail admin improve his spam blocking abilities

I am the e-mail administrator for a college Exchange server. We are starting to get more complaints about spam/porn e-mail. We are using Exchange 2000, and the options with it seem to be limited. What are my options for blocking spam?

– Via the Internet

I can think of  five options for blocking spam on your server:

  • Block by sender.
  • Block by domain
  • Block based on content
  • Block based on being from a known spammer/open relay.
  • Reverse DNS.

Options 1 and 2 are done at the Exchange server. Option 1 is an option, but one I strongly suggest due to the administrative overhead associated with keeping up with this. Also, when you upgrade to the next version of Exchange or a different mail server, it will require you to completely re-enter the list.  The same goes for Option 2, although you will only be working with domain names with this.

Option 3 will require a third-party product such as GFI Mail Essentials or NAI’s Webshield SMTP. Depending on how you choose to implement this, you may want to consider putting this type of product on a separate box to let it handle the processing there.

Option 4, blocking e-mail based on being from a known spammer or open relay, will take some tweaking of whatever package you choose. GFI Mail Essentials has this feature also. ORFilter, a free download for Exchange 2000 only, can provide just the Blacklist lookup function.

Option 5, using reverse DNS to verify the identity of the mail server, can be done with a third-party program call ORF Enterprise. This can also perform black list lookups and allows reverse DNS to be implemented as well. You may find that to get the level of spam rejection you want, it may be necessary to use more than one of the packages I mentioned to provide a failsafe option and minimize spam sneaking through.