Increased Spam Passing through since 8.51 Enterprise update

Discussion forum for Enterprise Edition.
Post Reply
Ruffs
Posts: 25
Joined: Sun Jan 14, 2007 4:21 pm

Increased Spam Passing through since 8.51 Enterprise update

Post by Ruffs » Mon Jul 07, 2014 5:42 pm

Hi All,


Was just wondering if anyone else had noticed an increase in spam slipping through in recent weeks since the 8.51 update was applied to any of your servers?

Have noticed a lot more coming through, and it's seemingly to do with including the receiving email addresses domain being included with an =<domainname> before the @ symbol.

For example:

MAIL+FROM:<KidsLiveSafe-scott=mydomain.com@swmdco.com>

This would allow any email through where the email being sent to the recipient was, in appearance, containing the sending email address still.

Any other people noticed this issue?


Kind regards,


S :)

rfwilliams777
Posts: 1321
Joined: Thu Nov 11, 2004 5:26 pm
Location: Kingsville, Texas

Re: Increased Spam Passing through since 8.51 Enterprise upd

Post by rfwilliams777 » Fri Jul 11, 2014 3:37 am

Nope, but I am using MXScan to do the majority of the filtering.
Robert Williams, Owner
www.WWSHosting.net
#1 in MailEnable Business-Class Email Hosting - Switch to Williams Web Solutions and get your first 2 months FREE!
We can be hired to help you with your Mail Enable server, too!

Ruffs
Posts: 25
Joined: Sun Jan 14, 2007 4:21 pm

Re: Increased Spam Passing through since 8.51 Enterprise upd

Post by Ruffs » Fri Jul 11, 2014 7:19 am

Thank you Robert, but this has literally only started since the 8.51 update was applied. Prior to that we weren't receiving these levels of spam sneaking through.

The primary reason I brought it up, or wanted to bring it to attention here, was that I'm concerned that it is somehow taking advantage of a possible fault in ME's current acceptance checking, perhaps the validation of the MAIL FROM command is simply doing a Contains check in the string for the domain name and the users mailbox to validate against the recipient, and if the MAIL FROM contains the recipients primary information (domain and mailbox) then it's letting it through without the usual spam checks.

All the emails getting through seem to be using the same technique, of adding the users email address but with an = instead of an @ in the mailbox side of the stated MAIL FROM, but as the domain side matches the server from which the message is coming from, it seems to be passing the PTR back check tests as well.

I'm not sure if there is a means to submit possible technical/security issues to the team for review?

rfwilliams777
Posts: 1321
Joined: Thu Nov 11, 2004 5:26 pm
Location: Kingsville, Texas

Re: Increased Spam Passing through since 8.51 Enterprise upd

Post by rfwilliams777 » Fri Jul 11, 2014 6:39 pm

I would recommend sending to them; however, my point of mentioning MXScan is the fact I don't rely on ME being my frontline spam filter. It serves secondary after all the filtering MXScan does because ME's filtering is not great if you host various companies and/or accounts that have been out there for years.
Robert Williams, Owner
www.WWSHosting.net
#1 in MailEnable Business-Class Email Hosting - Switch to Williams Web Solutions and get your first 2 months FREE!
We can be hired to help you with your Mail Enable server, too!

MarkM
Posts: 20
Joined: Mon Apr 28, 2014 4:18 pm
Location: Pittsburgh, PA, U.S.A.

Re: Increased Spam Passing through since 8.51 Enterprise upd

Post by MarkM » Tue Jul 29, 2014 4:22 pm

I agree with rfwilliams777. We are using MXScan and when we switched to b8.51 we monitored the spam for several days. No real noticeable increase in SPAM at all. The fact that ME was not filtering out enough even with SpamAssissan configured lead up to start using MXScan. Well worth the investment and not that hard to configure once you understand what is is trying to do.

Mark M.

Ehenzel1978
Posts: 98
Joined: Mon Dec 31, 2012 4:48 pm
Location: Leland, NC 28451

Re: Increased Spam Passing through since 8.51 Enterprise upd

Post by Ehenzel1978 » Tue Jul 29, 2014 4:48 pm

I also noticed a major uptick in the levels of spam coming through with the 8.51 upgrade. That's when I went to MXscan. Since installing and tweaking it, our spam levels are lower than ever. Although, it took about 3 weeks to get it tweaked right. I had major problems with the country blacklist overriding everything else. We have factories in China, and MXscan did not like seeing email from them. We even have a few people over there that are on our email domain, and even those were getting rejected. Once it all got sorted out though, it has been great.
Eric Henzel
IT Department
Leather Italia USA

Ruffs
Posts: 25
Joined: Sun Jan 14, 2007 4:21 pm

Re: Increased Spam Passing through since 8.51 Enterprise upd

Post by Ruffs » Tue Jul 29, 2014 5:32 pm

Well, glad to hear I wasn't the only one that noticed the increase.

Thank you for the suggestions folks, may have to look at additional options.

Post Reply