Archive

Posts Tagged ‘spam’

ca.gov email servers under spam attack

 

ca.gov

For the past couple of days many ca.gov domains have been under attack with a huge volume of spam. The result is effectively a denial of service of the mail servers, as they are saturated with connection attempts. This has caused various many emails to sporadically bounce because the sending SMTP mail servers are unable to connect to the ca.gov mail servers.

Using an inbound hosted mail filtering service such as Postini or MxLogic can help avoid this problem for your organization because they host multiple inbound SMTP servers, and have a focus on the stability and reliability of these services so you don’t have to worry about it.

Advertisements

Exchange 2007 Distribution Lists

3d postman with envelope and bagA new default security feature in Exchange 2007 comes for Distribution Lists. In prior versions of Exchange, the default behavior was that anyone could sent an e-mail to a distribution lists. However, beginning in Exchange 2007, this default behavior was changed to be only authenticiated users were authorized to send mail to distribution lists. The rationale appears to be that the vast majority of distribution lists are for internal purposes only, and to expose these distribution lists to external senders, would essentially provide a really easy method to spam a bunch of people.

Think of it this way, does your organization use any othe following distribution e-mail addressses?

  • company@domain.com or domain@domain.com
  • staff@domain.com
  • everybody@domain.com
  • employees@domain.com or allemployees@domain.com
  • managers@domain.com or management@domain.com

However, unfortunately most of us assume that a product continues to work the way it did in prior releases. Then when the product stops working, we need to go back and figure out what we didn’t know we didn’t know. Here is the error message your external sender is likely to receive:

Delivery has failed to these recipients or distribution lists:
sales@company.com
Your message wasn’t delivered because of security policies. Microsoft Exchange will not try to redeliver this message for you. Please provide the following diagnostic text to your system administrator.

At the beginning of the detailed diagnostic message is shows:

#550 5.7.1 RESOLVER.RST.AuthRequired; Authentication required ##.

Now this example may be great, because most of your distribution groups you probably do not want exposed to external senders. However, sales might be one you do want exposed. So how do you do this in Microsoft Exchange 2007?

  1. Within Exchange System Manager
  2. Go to the distribution list’s properties
  3. Click on the Mail Flow Settings tab
  4. Double-click Message Delivery Restrictions
  5. Un-check the box “Require that all senders are authenticated”

There is no need to restart the server or any services. However it may take a couple of brief moments to take effect.

That’s all there is to it. Enjoy!

Anti-Spam via SPF: Sender Policy Framework

VirusSPF is an excellent method of preventing email spoofing, protecting your users from having their domain show up on spam throughout the world. SPF, however, is only as effective as you make it, as it requires changes to your DNS servers for each domain you host email for.

It is in the best interest of all email users everywhere that domain administrators add SPF records to their domain that indicate what servers are authorized to send email for their domain. Encouraging your domain administrators to adopt SPF protects them from being the victims of spoofing, and reduces the spam threat on not only your server, but others throughout the world as well.

More information can be found at http://www.openspf.org/.