Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution
How does SPAM effect you? <ul><li>In general: </li></ul><ul><ul><li>Spam is increasing at a rate of 60% per year </li></ul...
Three Type of Solutions <ul><li>Firewallproxy based </li></ul><ul><ul><li>Installed between the internet and incoming SMTP...
Features <ul><li>Six levels of spam filtering </li></ul><ul><ul><li>From least to most aggressive </li></ul></ul><ul><li>O...
Supported Filtering Levels <ul><li>Blocking verses “Tagging” messages </li></ul><ul><ul><li>Supports updating message subj...
Supported Filtering Bypasses <ul><li>Sending server DNS host name </li></ul><ul><li>System messages </li></ul><ul><li>Loca...
Logging <ul><li>All valid and blocked messages are logged to a database </li></ul><ul><li>Local logs exist on each server ...
Administration & Reporting <ul><li>Web based administration </li></ul><ul><ul><li>Keywords </li></ul></ul><ul><ul><li>Good...
Web Based Administration Keyword and Domain Filters
Web Based Reporting
Additional Details <ul><li>Supports Access, SQL, or MSDE for data storage </li></ul><ul><li>All keywords can be managed vi...
Upcoming SlideShare
Loading in …5
×

Pro Exchange SPAM Filter An Exchange 2000 based spam ...

455 views
376 views

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
455
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
5
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • Ferris Research http://www.eweek.com/article2/0,3959,476541,00.asp
  • Pro Exchange SPAM Filter An Exchange 2000 based spam ...

    1. 1. Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution
    2. 2. How does SPAM effect you? <ul><li>In general: </li></ul><ul><ul><li>Spam is increasing at a rate of 60% per year </li></ul></ul><ul><ul><li>Spam accounts for over 25% of all e-mail </li></ul></ul><ul><li>Time Wasted </li></ul><ul><ul><li>End users deleting spam </li></ul></ul><ul><ul><li>IT staff dealing with users effected by spam </li></ul></ul><ul><li>Legal Issues </li></ul><ul><ul><li>Many spam messages contain business inappropriate content </li></ul></ul><ul><li>Wasted Resources </li></ul><ul><ul><li>Increased storage space </li></ul></ul><ul><ul><li>Increased backup and restore times </li></ul></ul>
    3. 3. Three Type of Solutions <ul><li>Firewallproxy based </li></ul><ul><ul><li>Installed between the internet and incoming SMTP mail servers </li></ul></ul><ul><ul><li>Prevents spam from getting to mail servers </li></ul></ul><ul><li>Mail server based </li></ul><ul><ul><li>Installed on each incoming SMTP mail server </li></ul></ul><ul><ul><li>Prevents spam from getting to user’s mailboxes This is where our SPAM solution operates </li></ul></ul><ul><li>Client based </li></ul><ul><ul><li>Installed or configured on each client independently </li></ul></ul><ul><ul><li>Deletes or moves messages from a user’s Inbox </li></ul></ul>
    4. 4. Features <ul><li>Six levels of spam filtering </li></ul><ul><ul><li>From least to most aggressive </li></ul></ul><ul><li>Optional support for: </li></ul><ul><ul><li>“ Blacklist” server checking </li></ul></ul><ul><ul><li>Dynamic blocking of future spam from newly detected hosts </li></ul></ul><ul><li>Detailed logging of all incoming smtp mail </li></ul><ul><li>Web based administration of filters </li></ul><ul><li>Web based reporting of all valid and blocked messages </li></ul>
    5. 5. Supported Filtering Levels <ul><li>Blocking verses “Tagging” messages </li></ul><ul><ul><li>Supports updating message subjects to indicate a message is possibly spam instead of blocking messages </li></ul></ul><ul><li>Spam detection criteria: </li></ul><ul><ul><li>Sending server’s IP listed in the public “Blacklist” servers </li></ul></ul><ul><ul><li>Keywords in the message </li></ul></ul><ul><ul><li>Invalid format of message header </li></ul></ul><ul><ul><li>Known spam hosts </li></ul></ul><ul><ul><ul><li>By IP and DNS host names </li></ul></ul></ul><ul><li>Dynamic blocking of new hosts </li></ul>
    6. 6. Supported Filtering Bypasses <ul><li>Sending server DNS host name </li></ul><ul><li>System messages </li></ul><ul><li>Locally sent messages </li></ul><ul><li>Planned (Not in beta) </li></ul><ul><ul><li>Target e-mail address </li></ul></ul><ul><ul><li>Group Membership </li></ul></ul>
    7. 7. Logging <ul><li>All valid and blocked messages are logged to a database </li></ul><ul><li>Local logs exist on each server containing details on all valid and blocked messages </li></ul><ul><li>Separate local log files by type of spam </li></ul><ul><ul><li>Blacklisted </li></ul></ul><ul><ul><li>Keyword match </li></ul></ul><ul><ul><li>Known spam hosts </li></ul></ul><ul><li>Single log file that contain all new spam host </li></ul><ul><ul><li>Log can be used to build a list of known spam hosts </li></ul></ul>
    8. 8. Administration & Reporting <ul><li>Web based administration </li></ul><ul><ul><li>Keywords </li></ul></ul><ul><ul><li>Good and bad domains </li></ul></ul><ul><ul><li>Triggers that cause dynamic blocking of a host </li></ul></ul><ul><ul><li>Management of dynamically blocked hosts </li></ul></ul><ul><li>Web based reporting </li></ul><ul><ul><li>Show all valid messages </li></ul></ul><ul><ul><li>Show all blocked messages </li></ul></ul><ul><ul><ul><li>Filter by blocked reason </li></ul></ul></ul><ul><ul><li>Filter by message recipient </li></ul></ul><ul><ul><li>Statistics of total, blocked, and valid messages </li></ul></ul>
    9. 9. Web Based Administration Keyword and Domain Filters
    10. 10. Web Based Reporting
    11. 11. Additional Details <ul><li>Supports Access, SQL, or MSDE for data storage </li></ul><ul><li>All keywords can be managed via web interface </li></ul><ul><li>Filter level and other settings are stored in the registry on Exchange server </li></ul><ul><ul><li>Final version will have a web front end to these settings </li></ul></ul><ul><li>Host creation script included to process new hosts log file </li></ul><ul><ul><li>Creates new host records (contact) in the AD to block future messages </li></ul></ul><ul><ul><li>Stores the reason why the contact was created, the message header that was flagged as spam, and additional information on the host that is blocked </li></ul></ul><ul><ul><li>Queries valid and good domain lists to prevent these hosts from being blocked </li></ul></ul>

    ×