SUMMARY

Recommendations for detecting and reducing the volume of spam received by MailEnable.

MailEnable provides an extensive array of spam blocking, and content filtering features that can be enabled to reduce the volume of received unsolicited e-mail or spam.

The following actions should be considered:

• Do not have a catch-all set for domains. Spammers will make up email addresses for the domains hosted and try to send to them.
• Enable the setting 'Reject mail if sender address is from an invalid domain' . This is in the SMTP connector Security properties. This will stop the mail server from accepting email from people who have put an invalid domain as their From address.
• Enable the option for requiring that those sending mail to the server have a DNS PTR record defined for the IP address of their mail server. This setting is configured under the properties of the SMTP connector in the MailEnable Administration Program. Not having a PTR record usually indicates that the sender is on a dial-up/cable/ADSL connection. 
• Enable the option to require that anyone sending from a locally hosted e-mail address needs to authenticate. This prevents spammers from using your local envelope sender to send spam to other users on your server. This setting is configured under the properties of the SMTP connector in the MailEnable Administration Program and is called address spoofing prevention.
• Configure the SMTP connector to use one or two RDNS blacklist providers; since this will prevent you receiving spam from known spammer IP addresses. Spamhaus Zen and Barracuda blacklist are recommended. Be aware that you must register with Barracuda to use their blacklist. When using a blacklist, make sure you are using your own DNS IP address in your SMTP options. If you use an external DNS such as 8.8.8.8 from Google then reverse DNS blacklisting will not work. 
• Enable the URL blacklisting option, since it will scan messages for URLs that are known to be spam links. Spamhaus Zen blacklist is appropriate for this.
• (Professional/Enterprise) Enable Sender Policy Framework validation. This setting is configured under the properties of the SMTP Connector in the administration program.
• (Professional/Enterprise) Enable greylisting under the SMTP settings in the administration program. This will reduce spam by delaying new messages briefly, since spammers will generally not retry a delayed address.
• (Professional/Enterprise) Create a filter to block emails that fail the DKIM test.
• (Professional/Enterprise) Bayesian Filtering is a self learning spam system that uses complex algorithms to detect spam by comparing message content against a dictionary. All filtering actions can be executed on the Bayesian criteria being met. The global Spam Protection filter checks for Bayesian results, so make sure you are training the Bayesian dictionary.
• (Professional/Enterprise) Configure one or more filters containing known spam term or word patterns. For example, a filter containing terms like Viagra (and combinations thereof using wildcards or text patterns) will catch mainstream spam.
• (Professional/Enterprise) If you have purchased SpamAssassin in a Box from JAM Software, or have a server running SpamAssassin you can access through an available port, enable the SpamAssassin plugin in the administration program under the Servers->localhost->Extensions->Message Filter branch. You can then create global filters to perform an action if a message is detected as spam.
• There are several dedicated third party anti-spam solutions that can be used to complement MailEnable's integrated spam blocking and content filtering. These are outlined here: https://www.mailenable.com/kb/content/article.asp?ID=ME020344

MORE INFORMATION

Also, review the following articles regarding reducing incoming spam.

Spam - Frequently Asked Questions: Article ME020354

Blacklisting methods: Article ME020084

Bayesian Filtering: Article ME020346