BP111 : Controlling Spam Mail In Your Organisation

I decided I’d have a look at another spam session to get a different outlook on how to control spam within your mail system. This session is more of a best practices session than a new features session, so it will be interesting to see what else can currently be done to control spam. Ok, the room is starting to really fill up now, so quiet at the back and let’s get started.

The first part of the session, by Richard Schwartz, dealt with the design of SMTP mail and how the RFC-821 and RFC-822 standards are broken and how they both contribute to the spread of spam. Should these standards be fixed to control spam? Is it even possible to change a standard that is used on every mail system in the world?

Dieter Stalder then talked about the tools within Domino that you can use to block spam. An important point that was made was to make sure that your backup mail servers have the same protection as your primary ones. Research shows that spammers are starting to direct spam at secondary MX records in the hope that they won’t be protected as well. He then talked about website harvesting and showed some experiments that he did himself that showed that his own site was harvested on a regular basis.

One way of seeing how much spam your systems are dealing with is to set your mail server to HOLD undeliverable emails instead of bouncing them back (which may generate dead messages). This will show people trying to do generic account and dictionary attacks on your SMTP server. If you’re using Message Tracking, then there is a free utility from http://www.spamresearch.net that will expand the message tracking store database so you can get further details from it.
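One way to read the held mail once it starts accumulating, as an added example that is not from the session or the original post: it groups held undeliverable recipients by connecting host and labels sources that look like generic-account or dictionary probing. The input format, the `GENERIC` name list, the threshold and all sample records are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample: (connecting host, recipient) pairs as they might be
# exported from held undeliverable mail. Not real data.
HELD = [
    ("198.51.100.7", "aaron@example.com"),
    ("198.51.100.7", "abby@example.com"),
    ("198.51.100.7", "adam@example.com"),
    ("198.51.100.7", "adrian@example.com"),
    ("198.51.100.7", "alan@example.com"),
    ("203.0.113.20", "info@example.com"),
    ("203.0.113.20", "sales@example.com"),
    ("203.0.113.20", "webmaster@example.com"),
    ("203.0.113.20", "admin@example.com"),
    ("192.0.2.44", "jsmiht@example.com"),   # one-off typo by a real sender
]

# Assumed list of generic mailbox names that get guessed without any
# knowledge of the organisation.
GENERIC = {"info", "sales", "admin", "webmaster", "support", "contact", "office"}

def summarise(held, domain, threshold=3):
    """Group held undeliverable recipients by source and label likely probing.

    A source is flagged once it has hit `threshold` distinct unknown
    local parts at `domain`; below that it is treated as an ordinary typo.
    """
    per_source = defaultdict(set)
    for host, rcpt in held:
        local, _, dom = rcpt.lower().rpartition("@")
        if dom == domain.lower() and local:
            per_source[host].add(local)

    report = {}
    for host, locals_ in per_source.items():
        if len(locals_) < threshold:
            report[host] = "isolated"
        elif len(locals_ & GENERIC) * 2 >= len(locals_):
            report[host] = "generic-account probe"
        else:
            report[host] = "dictionary attack"
    return report

if __name__ == "__main__":
    for host, label in sorted(summarise(HELD, "example.com").items()):
        print(f"{host:15} {label}")
```

Running the same summary against held mail from each backup MX server shows whether the secondaries are being probed more heavily than the primary.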

Back to Richard and a big ‘Close Your Relay’ request. This is probably the most important message that any email admin should take heed of. One problem with blocking at the protocol level is that you might block messages destined for abuse or postmaster accounts. You might miss important messages that you need to respond to. He then went on to talk about the capabilities of Bayesian filters. Again he agrees that Bayesian filters are BEST used on a per-user basis.

Richard finished off the session by mentioning the vendors here at Lotusphere that are providing anti-spam solutions. He also mentioned the OpenNTF kSpam project as a good solution to look into.

By the way, Chris Linfoot posted a great PDF and explanation on the flow of email within a Domino system today, which charts the points of spam control. Check it out if you get a chance.

2 comments on “BP111 : Controlling Spam Mail In Your Organisation”
  1. “Research shows that spammers are starting to direct spam at secondary MX records in the hope that they won’t be protected as well.”

    Dude. I pointed this out months ago

    http://chris-linfoot.net/linfoot/blogsphe.nsf/plinks/CWLT-5NMESX


  2. Dieter and I pointed it out in our presentation last year, but it still bears repeating

    -rich

