Category Archives: Anti-Spam

Antispam education, Software and How to.

Corporate Antispam Solutions

Linux Mail Servers or other SMTP servers

Hexamail Guard
Kaspersky Anti-Spam Enterprise Edition
Declude MailProtector
Ruckus MailFILTER
Vorras Classifier
GWAVA for Novell GroupWise
Trend Micro

Exchange

MailSite MP Email Gateway Software
Symantec Premium AntiSpam
Hexamail Guard
MailFender for Exchange Server
iQ.Suite
Pro Exchange Spam Smacker
XWall
modusGate™ MS Exchange Anti-Spam Gateway
GWAVA for Microsoft Exchange
Trend Micro

Windows

BCware NoSpam
Pinjo
DynaComm i:mail
MAILsweeper Business Suite
SpamBolt
Surf Control
AlliGate
Spam Sleuth Enterprise
NetIQ MailMarshal
Visnetic MailScan
Omniquad Mailwall
Lightspeed Total Traffic Control
SMTPTrap
Philter
Fluffy the SMTPGuardDog
Catch!
IDRSMTPProxy
Spam Manager Professional
MailMax
eTrust Secure Content Manager
Leon
mxORB
GWGuardian
Rockliffe MailSite MP
ADVmserve

Gateway (Appliance or Installable Software)

Astaro Security Gateway
Alligate (Windows)
IMGate (FreeBSD 7)
Symantec Brightmail Gateway
iQ.Suite (Windows \ ISA)
Axway MailGate (Linux)
XWall
Active SMTP
ModusGate Antispam Appliance
MXtreme
Cloudmark Authority
SpamTitan
MailFoundry
iForce Mail Firewall
Barracuda Networks
Roaring Penguin CanIt Appliance
SpamKiller 3000 series Appliances
Watchguard Spamscreen
Arska Mailwall
Bizanga

Domino

M-Switch Anti-Spam
Symantec Premium AntiSpam (Exchange and Domino)
SpamSentinel
MIMEShield    

Service (Third party Hosted MX) – Subscription Based

SpamSentinel
MailSite MP Email Gateway Software
Declude MailProtector
Postini (Now a Google service)
Mxpolice
SPAMfighter
MXGuarddog
CudaMail
Remote Anti Spam
GFI MAX MailProtection

Email address Spoofing – Someone is Using My address to Send Spam

Someone is Using Your Address to Send SPAM

You just got a bounce-back email saying that your email didn’t reach the destination because the recipient doesn’t exist. Nothing unusual, this is something that happens to anybody who is using email regularly; except you didn’t send that email. How could this happen? If you are an email server administrator and many of your users get this kind of bounce-back they all start to complain at once, thinking that your server has been hijacked. What can you do to stop this, and how to reassure your users that you haven’t been hijacked?

Sender Address Forgery known as email address spoofing is not a new technique. It is used for many things from spamming organizations to sending viruses and supporting scamming schemes where the sender fakes his identity.

Effective ways to stop Spammers to Use Your Domain Name

Publish SPF Data
SPF (Sender Policy Framework) is a method that allows you to publish which mail servers are authorized to send email for your domain. SPF uses a DNS record that tells email servers which servers are the servers that are trusted sources of email for the specific domain and how much to trust other sources of email originating from that domain. Destination servers might have the SPF checking implemented or not. Many of the today’s servers are SPF checking enabled.
Destination servers check this record and act in consequence. Anti-spam software on servers receiving emails, score an email based on SPF record and other criteria and accept or reject the email based on the total score. For instance if the SPF record tells that any emails originating from non authorized servers should not be trusted the email gets the necessary points to be treated as SPAM and it gets rejected. If the SPF record treats the non authorized servers neutral the message could pass or could be rejected if other it contains other SPAM characteristics.
Do not publish any email addresses on Web pages. This is the most common place for spammers to get valid email addresses and use them to forge email messages

If your company runs its own mail server configure it to ignore email sent to non-existent addresses in your domain. If your server sends a non-delivery report you reveal to a spammer valid addresses in your domain (the ones that don’t send NDRs). This attracts spam to those addresses. You waste bandwidth. The most common reason to send NDR’s for non-existent addresses is to let people know that they misspelled the address. Miss-addressed email can get lost easier.

If your domain gets blacklisted because of spoofing you have to contact the list which blacklisted you and show the Administrator what you did to correct the problem. This is very unlikely since the sender usually spoofs only the email sender and not the server’s address. A blacklist Admin should be able to figure out this.