SUMMARY

Recommendations for detecting and reducing the volume of spam received by MailEnable.

MailEnable provides an extensive array of spam blocking, and content filtering features that can be enabled to reduce the volume of received unsolicited e-mail or spam.

The following actions should be considered:

• Do not have a catch-all set for domains. Spammers will make up email addresses for the domains hosted and try to send to them.
• Enable the setting 'Reject mail if sender address is from an invalid domain' . This is in the SMTP connector Security properties. This will stop the mail server from accepting email from people who have put an invalid domain as their From address.
• Enable the option for requiring that those sending mail to the server have a DNS PTR record defined for the IP address of their mail server. This setting is configured under the properties of the SMTP connector in the MailEnable Administration Program. Not having a PTR record usually indicates that the sender is on a dial-up/cable/ADSL connection. 
• Enable the option to require that anyone sending from a locally hosted e-mail address needs to authenticate. This prevents spammers from using your local envelope sender to send spam to other users on your server. This setting is configured under the properties of the SMTP connector in the MailEnable Administration Program and is called address spoofing prevention.
• Configure the SMTP connector to use one or two RDNS blacklist providers; since this will prevent you receiving spam from known spammer IP addresses. Spamhaus Zen and Barracuda blacklist are recommended. Be aware that you must register with Barracuda to use their blacklist. When using a blacklist, make sure you are using your own DNS IP address in your SMTP options. If you use an external DNS such as 8.8.8.8 from Google then reverse DNS blacklisting will not work. 
• Enable the URL blacklisting option, since it will scan messages for URLs that are known to be spam links. Spamhaus Zen blacklist is appropriate for this.
• Enable MailEnable's Sender Policy Framework (not available in the Standard edition). This setting is also configured under the properties of the SMTP Connector in the MailEnable Administration program.
• Enable greylisting under the SMTP Connector properties in the administration program (not available in the Standard edition). This will reduce spam by delaying new messages briefly, since spammers will generally not retry a delayed address.
• Create a filter to block emails that fail the DKIM test (not available in the Standard edition).
• Bayesian Filtering is a self learning spam system that uses complex algorithms to detect spam by comparing message content against a dictionary. All filtering actions can be executed on the Bayesian criteria being met.
• If using MailEnable Professional or Enterprise Editions, configure one or more filters containing known spam term or word patterns. For example, a filter containing terms like Viagra (and combinations thereof using wildcards or text patterns) will catch mainstream spam.
• There are several dedicated third party anti-spam solutions that can be used to complement MailEnable's integrated spam blocking and content filtering. These are outlined here: http://www.mailenable.com/kb/content/article.asp?ID=ME020344

MORE INFORMATION

Also, review the following articles regarding reducing incoming spam.

Spam - Frequently Asked Questions: Article ME020354

Blacklisting methods: Article ME020084

Bayesian Filtering: Article ME020346