I'm curious what alot of you system admins use to prevent spam on your companies computers? I work for a Christian school here in Florida (Non-Profit) and like most private christian schools money is always a factor when it comes to technology.

We have put stop gaps in place by way of Anti spam programs on client PC's, but as you can imagine that does very little. Does anyone have some suggestions to slow this beast down?

Do you run a mail server locally, like MS Exchange? If so, most "Exchange" antivirus applications now have filtering features. I use Symantecs Exchange AVF (AntiVirusFiltering) on several clients.

If you just have local e-mail clients pulling down POP mail...2x suggestions.

1) Most "better quality" mail hosting places are implementing SPAM removal at the server level. Example being the guy next door to my office...where I host my clients vanity e-mail (name@mycompany.com). Most better mailserver admins are doing "reverse DNS lookup" and only accepting mail that passes the rev dns test as coming from a legit source. Also they'll run SPAM filtering software on the mail servers to remove the bit that passes the first test. Many are also introducing antivirus at the POP mail server level, we're getting ready to do that also. That way, the ISP eliminates the SPAM and viruses! :D

2) Run a SPAM removal software on the clients PC if you can't get #1. I've recently been turned onto Cloudmarks software.

http://www.cloudmark.com/

It's really good...take a look. I love the way it works...you get definition updates, similar to antivirus software. Checkout the site.

Thanks for the info YOSC. Any ideas why it is so difficult to find prices for this stuff on a website? In answer to some of your questions we run the email server here locally. Cost is a bigtime issue here because donations and student tuition is our main sources of income. Simply put we can't afford expensive solutions. I recognize you get what you pay for, but right now we would just like to slow this stuff down a little bit. Our I.T. department is a 2 man team of which I make up 50% of that team. Im still learning everything that we have in place here so forgive my ignorance regarding all of our hardware.

What kind of mail server is it locally? MS Exchange receiving mail via DNS? Or using any POP3 connectors?

Also...do you have a website with any e-mail addresses listed on it? Such as some "contact list" of staff? If so...are the addresses "encrypted"? If no, harvesting spiders will get 'em, and upload to spam database lists. You're doomed against a rising tide there.

http://www.declude.com/


Just don't let my brainiac sys admin configure it for you. :rolleyes:

What kind of mail server is it locally? MS Exchange receiving mail via DNS? Or using any POP3 connectors?

Also...do you have a website with any e-mail addresses listed on it? Such as some "contact list" of staff? If so...are the addresses "encrypted"? If no, harvesting spiders will get 'em, and upload to spam database lists. You're doomed against a rising tide there.

Ill have to get back to you regarding the type of server. Let me ask you something YOSC. How does one encrypt address listed on a website?

Ill have to get back to you regarding the type of server. Let me ask you something YOSC. How does one encrypt address listed on a website?Well, you know on a website, where you see an e-mail address on some contact area, or whatever. If you right click that e-mail link, and select properties, you'll see something like mailto:joe@cool.net (joe@cool.net). That's what the harvesting spiders see...and collect, and report back to whoever the SPAM agencies was who send them out on the web.

If you use an encryption method when you code the e-mail links into your page, you'll see this instead when you right click it and select properties.

"<script type="text/javascript">
//<![CDATA[
function hiveware_enkoder(){var i,j,x,y,x=
"x=\"783d227c4126347c41343760263b663a3c373d376836673b36373c363a37693a383767" +
"3a3a3a393a3a37693a3a373b3b3737383a3b373c373937663a3a3a3d36383766373a376837" +
"393736363a3a3d3b3937663b3b373d3638376637363a683b3937393a3b37693a3b37393b3b" +
"37373a3637373a3a37353b3d37343a3b37393638373c363a373b363937393636373b363c37" +
"663b36373c363637693b3a3a373b3537393a3a3a363b3a37373b3a37383b3937363638373c" +
"3a34373d363a376737373736363a3a3d363a373d373a3a663b3a37683b3a3a3d602637373f" +
"7d363a412b39372b3f3a3a6a733937762c3a376d413937343f3b376d4038377c3236377069" +
"3637726b3637786c3d373f6d373a2f413637362d3737217d34372f41373a79723636697736" +
"376765663b74693d372c2b6836292b3b362f7c3b373277663a79663a3a77786a3b762c3636" +
"6d303c3a362d3d372d3f6837237d263f6e41697a65702c7c32676c657645782c342d2d3f7c" +
"417c327779667778762c352d3f7d412b2b3f6a73762c6d41343f6d407c327069726b786c3f" +
"6d2f41382d217d2f417c327779667778762c6d30362d3f236a73762c6d41363f6d407c3270" +
"69726b786c3f6d2f41382d217d2f417c327779667778762c6d30362d3f237d417d32777966" +
"7778762c6e2d3f223b793d27273b783d756e6573636170652878293b666f7228693d303b69" +
"3c782e6c656e6774683b692b2b297b6a3d782e63686172436f646541742869292d343b6966" +
"286a3c3332296a2b3d39343b792b3d537472696e672e66726f6d43686172436f6465286a29" +
"7d79\";y='';for(i=0;i<x.length;i+=2){y+=unescape('%'+x.substr(i,2));}y";
while(x=eval(x));}hiveware_enkoder();
//]]>
</script>"

You see that and go "huh?" Well...so do the harvesting spiders.

Check out this link:
http://hiveware.com/

http://www.hiveware.com/enkoder_form.php

Now doing this won't immediately cut down on your SPAM...but it will help in preventing further SPAM..you wont be added to as many lists down the road. It's a preventative measure you can do in little time, for no cost. So why not?

Thanks for the links man. I will give them a look. :)

Thanks for the links YOSC, I can use that script on my website. :thumb:

re hive encoder

That encoder works pretty well, the only drawback is added weight to web pages and also some clients (viewers) may have javascript disabled, thus the mailto: links on web pages will break.

other & better solutions:

The best solution for email links on web pages is to use a mail form rather than mailto: links. A mail form can submit using (1)the viewer's email client or (2)submit drectly to a mail program on a server.

Those are the two basic types of mail forms. In 1 above, the mail form must contain a line such as:
<form action="mailto:JoeSmith@yahoo.com" method="post" enctype="text/plain">
The address (JoeSmith@yahoo.com) CAN BE harvested by bots. However, one can convert the address to unicode and this unicode address in most cases cannot be harvested by bots. There are many free utilities to convert address and urls to unicode. Here's one:
http://www.ehits.com/AskVicki/unicoder/

Number 2 above is the best solution as the email address is not visible, even in the source code of the web page. The email address would visible (to the coder only) in the email script that resides on the server and cannot be harvested or seen by the viewer. Such scripts are available in PHP, Perl and other languages. The form on the web page would look something like this:
<form method="post" action="mail_form.php" target="_self">
There are many free mail_form scripts available. Look here:
http://www.scriptsearch.com/
http://www.hotscripts.com/

Using a mail form that is immune to harvesting bots will reduce your spam by ten fold minimuly.

Using an anti-spam solution on your local mail server will all but eliminate spam for you. However, there are no 100% workable solutions yet as even the best high dollar anti-spam systems will have errors and delete good messages and/or let some spam pass through.

The foremost thing to do would be to first of all accept only those messages addressed to specific known addresses. This is config'd in your mail server. In other words, if you have a domain called xyz.com, then all mail sent to any_name@xyz.com will arrive at the mail server. If you have 2 email accounts (joe@xyz.com and bill@xyz.com) then set it up so the only allowed messages must be addressed to those names and all others get auto deleted or bounced back.

Our newest issue is spam that comes exactly like regular mail does. Our teachers can't tell the difference between email that comes from "Joe Roberts" and email that comes from "Joe Roberts". It's pretty difficult to stop something like that. :(

So, what server operating system and mail server daemon are you using?

So, what server operating system and mail server daemon are you using?

We use Qube(Sun) for our mail server and Windows 2000 Advanced Server on the network.