SUMMARY
Recommendations for detecting and reducing the volume of spam received
by MailEnable.
DETAILS
MailEnable provides an extensive array of spam blocking, and content
filtering features that can be enabled to reduce the volume of received
unsolicited e-mail or spam.
The following actions should be considered:
- Do not have a catch-all set for domains. Spammers will make up email
addresses for the domains hosted and try to send to them.
- Enable the setting 'Reject mail if sender address is from an invalid
domain' . This is in the SMTP connector Security properties. This will
stop the mail server from accepting email from people who have put an invalid
domain as their From address.
- Enable the option for requiring that those sending mail to the server
have a DNS PTR record defined for the IP address of their mail server. This
setting is configured under the properties of the SMTP connector in the
MailEnable Administration Program. Not having a PTR record usually
indicates that the sender is on a dial-up/cable/ADSL connection.
- Enable the option to require that anyone sending from a locally hosted
e-mail address needs to authenticate. This prevents spammers from using your
local envelope sender to send spam to other users on your server. This setting
is configured under the properties of the SMTP connector in the MailEnable
Administration Program and is called address spoofing prevention.
- Configure the SMTP connector to use one or two RDNS blacklist
providers; since this will prevent you receiving spam from known spammer IP
addresses. Spamhaus Zen and Barracuda blacklist are recommended. Be aware
that you must register with Barracuda to use their blacklist. When using
a blacklist, make sure you are using your own DNS IP address in your SMTP
options. If you use an external DNS such as 8.8.8.8 from Google then reverse
DNS blacklisting will not work.
- Enable the URL blacklisting option, since it will scan messages for
URLs that are known to be spam links. Make sure you use a blacklist
that provides the blocking of URI hosts, such as SURBL.
- (Professional/Enterprise) Enable Sender Policy Framework
validation. This setting is configured under the properties of the SMTP
Connector in the administration program.
- (Professional/Enterprise) Enable greylisting under the
SMTP settings in the administration program. This will reduce spam by
delaying new messages briefly, since spammers will generally not retry a
delayed address.
- (Professional/Enterprise) Create a filter to block emails
that fail the DKIM test.
- (Professional/Enterprise) Bayesian Filtering is a self
learning spam system that uses complex algorithms to detect spam by
comparing message content against a dictionary. All filtering
actions can be executed on the Bayesian criteria being met. The global
Spam Protection filter checks for Bayesian results, so make sure you are
training the Bayesian dictionary.
- (Professional/Enterprise) Configure one or more filters
containing known spam term or word patterns. For example, a filter containing
terms like Viagra (and combinations thereof using wildcards or text
patterns) will catch mainstream spam.
- (Professional/Enterprise) If you have purchased
SpamAssassin in a Box from JAM Software, or have a server running
SpamAssassin you can access through an available port, enable the SpamAssassin
plugin in the administration program under the
Servers->localhost->Extensions->Message Filter branch. You can then
create global filters to perform an action if a message is detected as spam.
- There are several dedicated third party anti-spam solutions that can be
used to complement MailEnable's integrated spam blocking and content
filtering. These are outlined here: https://www.mailenable.com/kb/content/article.asp?ID=ME020344
MORE INFORMATION
Also, review the following articles regarding reducing incoming spam.
Spam - Frequently Asked Questions: Article ME020354
Blacklisting methods: Article ME020084
Bayesian Filtering: Article ME020346