Saturday, March 31, 2007



I have seen more often these days, people asking about how to stop spammers, or make Exchange a little bit stronger for defending itself for this endless spam war. Receiving blank messages or spam makes a business valuable time and resources waste, and top of that we have to deal with angry managers and unhappy users. I have decided to put some notes together for those who need some guides in order to achieve my goal of making Exchange a little bit more secure and strong.

Goals and Objectives
1. Use antivirus and spam software with your exchange, I am little bias and like Trend Micro in this matter, Trend is doing great job, if you are corporate than you may want to implement hardware solution, Iron port, Barracuda, end etc. 2. Use IMF Microsoft Intelligent Message Filter, it is FREE (-: 3. Enable Sender filtering (follow reading this article I will illustrate this) 4. Enable Filter messages with blank senders 5. Enable Drop connection if address matches filter 6. Add your own domain (whole domain into Block list) I know this will sound weird (- : This wont cause any mail interruption, even though it sounds like it, basically it will stop someone is spoofing a valid address from your company and sending message back inside your Authoritative SMTP domain and making it look like it came from inside
Make sure you do not have application within your network; this might break some of the applications which are relaying exchange to send inbound or outbound e-mails 7. Enable Recipient filtering 8. Enable Filter recipients who are not in the Directory 9. Add regularly spammers either Whole domain (@smapmer.com) or single e-mail address (smapmer@spam.com) into block list 10. Enable SMTP Tar pitting Ben Winzenz explains A Collection of Random Thoughts http://winzenz.blogspot.com/2005/12/enabling-smtp-tarpitting-in-windows.html Microsoft SMTP tar pit feature for Microsoft Windows Server 2003 http://support.microsoft.com/?id=842851 Of course Henrik Walter with simple plain style, one of my favorite http://www.msexchange.org/tutorials/Windows-based-SMTP-Tar-Pitting-Explained.html
We are almost done. A good exchange administrator should check to make sure Spam software is getting updated; file signature is up to date. You don’t want to wake up when your boss come to office and telling at you, what is going on I am getting a lot of spams. Prepare a good documentation of your own environment; make sure your e-mails Queues are not growing up fast.
Best Regards
Oz Ozugurlu

No comments: