Page 1: Front Cover
Front cover Lotus Domino 6 spam Survival Guide for IBM Avoid, block, and manage spam with server mail rules and mail file rules Anti-spam features of Domino 6 Third-party anti-spam products Tommi Tulisalo Ted Chappell Beth Anne Collopy Kris Hansen...
Page 3 International Technical Support Organization Lotus Domino 6 spam Survival Guide for IBM ^ January 2003 SG24-6930-00...
Page 4 “Notices” on page v. First Edition (January 2003) This edition applies to IBM Lotus Notes 6.0 and IBM Lotus Domino 6.0. © Copyright International Business Machines Corporation 2003. All rights reserved. Note to U.S. Government Users Restricted Rights -- Use, duplication or disclosure restricted by GSA ADP...
Page 6 IBM Redbooks collections ........
Page 7: Notices
IBM representative for information on the products and services currently available in your area. Any reference to an IBM product, program, or service is not intended to state or imply that only that IBM product, program, or service may be used. Any functionally equivalent product, program, or service that does not infringe any IBM intellectual property right may be used instead.
Page 8: Trademarks
SET, SET Secure Electronic Transaction, and the SET Logo are trademarks owned by SET Secure Electronic Transaction LLC. Other company, product, and service names may be trademarks or service marks of others. Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 9: Preface
Preface In this IBM Redbook we describe how you can use IBM Lotus Domino 6 to prevent and manage “spam.” We begin by describing and categorizing spam, which is the commonly used term for unsolicited commercial e-mail. We discuss ways to prevent spam, outlining different techniques available to avoid and block spam.
Page 10 Bruce Walenius is a Critical Situation Manager for the Lotus Software Group; his geographic area of responsibility includes Europe, the Middle East, and Africa. Bruce has worked for IBM for ten years, all of it in the support organization. He started in 1993 as a software support specialist in Canada...
Page 11: Become A Published Author
Alison Chandler - ITSO Poughkeepsie Become a published author Join us for a two- to six-week residency program! Help write an IBM Redbook dealing with specific products or solutions, while getting hands-on experience with leading-edge technologies. You'll team with IBM technical professionals, Business Partners and/or customers.
Page 12: Comments Welcome
Use the online Contact us review redbook form found at: ibm.com Send your comments in an Internet note to: Mail your comments to: IBM Corporation, International Technical Support Organization Dept HYJ Mail Station P099 2455 South Road Poughkeepsie, NY 12601-5400 Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 13: Chapter 1. Introduction
In this chapter we provide an overview of spam, including a general definition, as well as a discussion of some of the categories of spam and the problems they can pose in an organization. © Copyright IBM Corp. 2003. All rights reserved.
Page 14: Definition Of Spam
Advertisers trying to sell a product or service to as large an audience as possible. Mailings designed to cheat or mislead unsuspecting or gullible Internet mail recipients with incredible get-rich-quick schemes. Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 15 Hoaxes. E-mail chain letters requiring you to perform an action or suffer serious consequences. Fake virus warnings, forged messages, or deceitful mail attempting to get the recipient to respond in a certain way. Mail trying to entice you to visit certain sites, often pornographic, or of very questionable nature.
Page 16 “As requested, here is..”, or “Thanks for getting back to me, here is that site I was talking about..”. Do not be misled; if the mail was not solicited, don't answer it. Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 17 Mail trying to entice you to visit certain sites, often pornographic, or of very questionable nature. – Mail of this nature is often directly to the point. “Wanna see more of me? Click here.” or “I can't believe it, you have to see this! Click here.” This type of spam is often paid for by the site in question.
Page 18 Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 19: Chapter 2. Preventing Unwanted E-Mail And Spam
In this chapter we discuss some basic spam avoidance techniques, and how to select the right approach in your environment. One highly effective way for your © Copyright IBM Corp. 2003. All rights reserved.
Page 20: Spam Avoidance Techniques
Spammers can subscribe to any usenet group. Then after downloading posts from a usenet group, the news-bots look for xxxx@domain.com patterns in posted message content and headers. When an e-mail address pattern is found Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 21: Avoiding Harvesting
they store it for use in bulk mailing. The best defense against spammer news-bots is to simply provide human-recognizable alterations to the address that make it more difficult for the news-bot to recognize any e-mail address pattern. Listserv harvesting Spammers develop programs that subscribe to list servers as any other user can, but they never send to the subscribed list.
Page 22: Confusing The Harvesters
2.1.4 Inform Users The more users know about the cause of their addresses being picked up by spammers, the greater the chance that they can avoid getting on the list. Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 23 Educating users about how to avoid giving their addresses to potential spam sources will help reduce the amount of spam that comes through your systems. Have a mail policy Have a mail policy that includes the sending of spam. While you are working very hard to stop spam from arriving, it's good to make sure that none of your users is a source of this type of mail.
Page 24: How To Block Spam
These approaches are not mutually exclusive, and the “right” approach depends entirely on your organization and your users. You will want to engage some server-based spam Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 25: At The Gateway
blocking techniques if you are looking to take an aggressive approach against spam. 2.2.1 At the gateway It is possible to subscribe to third party services or purchase network devices that aim to stop spam even before your mail server receives it. These services often act as a mail relay, and screen incoming mail for content or origin.
Page 26: By The End User
You may want to conduct this survey periodically to make sure that the approach that you have selected is still appropriate. Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 27: Managing The Ongoing Anti-Spam Campaign
2.2.5 Managing the ongoing anti-spam campaign Due to the nature of spam, there is no single configuration setting or secret notes.ini variable to toggle to have all spam delivery rejected. This is due to the constant change in the spam content, addresses, and the spammers themselves.
Page 28: Summary
Overall, much can be done to avoid and reduce spam delivery. Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 29: Chapter 3. Domino 6 Anti-Spam Architecture
How the different anti-spam measures are divided between Domino server tasks. How the control over anti-spam measures is divided between the Domino administrator and the end-users. Common problems and recommended solutions. © Copyright IBM Corp. 2003. All rights reserved.
Page 30: The Domino Messaging Environment
Domino 6 anti-spam measures described in this redbook. The implemented strategy to fight spam in the example Domino environment is to stop spam at the Domino server. Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 31 All SMTP mail is handled by this server. Spam controls as well as Server Mail Rules are implemented here, using the features available in Lotus Domino 6. Notes Client IBM eServer pSeries Lotus Domino 6 for Linux Providing SMTP Mail Services Notes Client...
Page 32: Domino 6 Messaging Components
3. The Router when messages are moved from MAIL.BOX to individual mail files Figure 3-2 is a graphical depiction of Domino 6 anti-spam messaging components. Figure 3-2 The Domino 6 messaging components Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 33: Smtp Listener/Server
3.2.1 SMTP Listener/Server Incoming SMTP messages are processed by the SMTP Listener task. This task is responsible for accepting incoming requests to communicate with the Domino SMTP server. The SMTP Listener task and the configuration settings that it uses are your first line of defense against spam. The features employed by the SMTP Listener task include: DNS blacklist filtering Inbound relay control and enforcement...
Page 34 6. Domino SMTP Listener checks Inbound Intended Recipients Controls, comparing contents of the RCPT TO. If intended recipient is not a local user, it checks Inbound Relay Enforcement and Inbound Relay Controls, comparing contents to the RCPT TO. Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 35: Router
7. Originating SMTP server sends the DATA command to initiate the transfer of the message contents. 8. Domino SMTP Listener acknowledges start of DATA. 9. Originating SMTP server sends END OF DATA to indicate data transfer is complete. Domino SMTP Listener checks any inbound file size restrictions. Server mail rules are run, but only “Don’t accept message”...
Page 36: Server Configuration Features
You can now enable anti-relay enforcement to apply to all external hosts, all hosts (internal or external), or not apply checking at all. You can exclude certain hostnames from Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 37: User Configuration Features
this checking by specifying the hostname or IP address in an exclusion list. In previous versions of Domino, when you implemented Relay controls your POP or IMAP users were often prohibited from using Domino as a relay. Enhancements made in this area now allow you to provide your authenticated users with the ability to relay off the Domino server and not require relay control checking.
Page 38 Message received from a known spam domain. Inbound sender controls: Deny messages from this domain User mail file rules: Create a rule for this and don’t accept mail from this domain. Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 39 DNS blacklist filters: Check inbound connection and look-up host in DNS blacklist; log and reject message if determined to be from a known spamming site. A specific host is sending a large amount of spam to your server. Inbound connection controls: Deny connection from this host. A specific e-mail address is sending a large amount of spam to your server.
Page 40 Disable the ability to route SMTP mail to your groups by enabling the server notes.ini variable on your inbound SMTP server. You can also use reader lists to control who can send mail to individual groups. Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 41: Chapter 4. Domino 6 Server Anti-Spam Features
Next, we detail what can be done to control the delivery of spam with: Server Mail Rules Finally, we discuss how to control use of your server as a relay, employing: Inbound Relay Controls Inbound Relay Enforcement © Copyright IBM Corp. 2003. All rights reserved.
Page 42: How To Detect Spam
It’s not unusual to have a message that contains multiple received headers. To get the document properties of a message: 1. View the documents in mail.box (or mail1.box, mail2.box, and so forth). Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 43: Separating Legitimate E-Mail From Spam Based On Content
2. Select the document, right-click, and choose Document Properties. The individual fields are on the left and the value held in each field is on the right. If you find that Dead mail or Held mail is accumulating in mail.box, determine whether the messages are for valid users by checking the IntendedRecipient field for each message.
Page 44: Controlling Connections From Spammers
If this happens, the owner of the host can work with the DNSBL site to verify that all open relay capabilities have been closed down. Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 45 DNSBL checking tends to vary from site to site. Some sites provide their service for free, while others charge a fee for their service. Contact your prospective DNSBL service provider to inquire on pricing. Listed in Table 4-1 are several commercially available DNSBL service providers. We do not recommend one service provider over another.
Page 46 Using the statistics available though Domino, you might want to make a business decision to implement tighter server mail rules, based on the sites found in the DNSBL. Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 47 The field “Desired action when a connecting host is found in a DNS Blacklist” has 3 possible options: When Domino finds that a connecting host is on the blacklist, it accepts messages from the host and records the hostname and IP address of the connecting server and the name of the site where the server was listed.
Page 48: Inbound Intended Recipients Controls
1. In the Administration client click the Configuration tab and expand the Messaging section. 2. Click Configurations. 3. Select the configuration settings document for the server you want to administer and click Edit Configuration. Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 49 4. Click the tabs in the following order: Router/SMTP Restrictions and Controls SMTP Inbound Controls and navigate down to Inbound Intended Recipient Controls. 5. Double-click the document or click the Edit Server Configuration button to put the document in edit mode. Figure 4-2 Inbound Intended Recipients controls 6.
Page 50 Internet address (e-mail address) to the “Deny messages intended for the following internet addresses” list. Likewise for those that you will allow to receive Internet mail. Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 51: Disable Routing Mail To Groups
Be aware that entries found in both the Allow and Deny fields will result in the user’s messages being Denied. The Deny field take precedence over the Allow field. The use of Group names in the allow and deny fields is acceptable; however, the group name must be the actual group name and not that of the groupnames internet address.
Page 52 Domino Directory will now receive a delivery failure report, as shown Figure 4-4. The sender of the message will only be informed that the message was rejected for policy reasons. Figure 4-4 Delivery failure report that is generated Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 53: Inbound Connection Controls
4.2.4 Inbound connection controls Inbound connection controls were introduced in Domino Release 5 and have remained unchanged in Domino 6. The inbound connection controls allow you to specify how the Domino SMTP server will handle inbound connection requests and which hosts it will allow/deny a connection to this server. If you choose to enable “Verify connecting host name in DNS,”...
Page 54: Inbound Sender Controls
Allow entries. 4.2.5 Inbound sender controls Inbound sender controls were introduced in Domino Release 5 and have remained unchanged in Domino 6. The inbound sender controls allow you to Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 55 specify how the Domino SMTP server will process connections based on the sender address. “Verify sender’s domain in DNS,” when enabled, instructs the Domino SMTP server to verify the sender address (using the contents of the MAIL FROM field in the message header) to confirm that the sender’s domain name actually exists.
Page 56 The delivery failure report in Figure 4-8 was generated using a server mail rule. Notice that the reason for failure only indicates “Message rejected for policy reasons,” but does not make note of the sender’s address. Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 57: Controlling Delivery Of Spam
Figure 4-8 Delivery Failure Report for messages denied using a Server rule As you can see from the two delivery failure reports, messages failed using the inbound sender controls provided more detail to the sender regarding why the message was failed. Either method of denial will work with a sender’s internet address;...
Page 58 2. Click Configurations. 3. Select the configuration settings document for the server you want to administer and click Edit Configuration. 4. Click the tabs in the following order: Router/SMTP Restrictions and Controls Rules. Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 59 Figure 4-9 Where to set up server mail rules 5. Double-click the document or click the Edit Server Configuration button to put the document into edit mode. 6. Click New Rule to create a new rule document. Chapter 4. Domino 6 Server anti-spam features...
Page 60 • Body • Importance • Delivery priority • To • CC • BCC • To or CC • Body or subject • Internet domain • Size (in bytes) • All documents Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 61 • Any attachment name • Number of attachments • Form • Recipient count • Any recipient Figure 4-11 Choose the field to be examined by the rule b. Each field can be tested for the following conditions: • contains / does not contain •...
Page 62 Figure 4-15 Specify action – journal this message This is used in conjunction with mail journaling. For more details on mail Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 63 journaling, see the redbook Upgrading to Notes and Domino 6 , SG24-6889, and the Domino 6 Administrator Help. – move to database You can create a graveyard or quarantine database for suspicious messages. Be sure to specify the server on which you are creating the rules prior to selecting the database.
Page 64 Messages containing an inordinate number of recipients or attachments can be moved to a database or held in mail.box pending further analysis. Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 65 Table 4-2 outlines various types of rules and provides suggestions on the action to take on these messages. Initially, you may want to use the “Move to Database” or “Change Routing State” actions more frequently than the “Don’t accept message” or the “Don’t deliver message”. There is no way to recover messages that were rejected using “Don’t accept message”...
Page 66: Controlling Use Of Your Server As A Relay
The wording of the field names tends to cause confusion in what setting is for what functionality. There are four fields on the server configuration document dealing specifically with the inbound relay controls. Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 67 You will find the inbound relay controls on the server configuration document. Select Router/SMTP Restrictions and Controls SMTP Inbound Controls. These two fields shown in Figure 4-19 determine the names of the hosts that this Domino Server will relay mail to (Destination). Figure 4-19 Inbound relay controls (Destination host settings) These fields are used to explicitly enter the name of those hosts that you want this server to relay to, or those that you specifically want to prohibit.
Page 68 In the example, the host 9.95.91.51 can relay to the yahoo.com domain even though the domain is explicitly denied as a relay destination. Similarly, the following configuration denies relays from a specified host and allows them to a specified domain: Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 69 On a Domino 5 server, the Deny entry takes precedence, so that the named host, myhost.iris.com, is not a valid relay source. The named host cannot relay to any domain, even to allowed domains. On a Domino 6 server, the Allow entry takes precedence. In the preceding example, myhost.iris.com is allowed to relay to hotmail.com, but not to any other destination.
Page 70 All other hosts will not be allowed to relay any mail xyz.com All hosts will be allowed to relay messages to xyz.com, but not to any other domain. Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 71: Inbound Relay Enforcement
Table 4-4 Avoid these inbound relay configurations Allow to Deny to Allow from Deny from Result of inbound relay setting xyz.com abc.com All hosts, except abc.com can relay mail to any destination. abc.com can relay to any destination, except xyz.com. xyz.com All hosts can relay mail to any destination except xyz.com...
Page 72 – All connecting hosts - The server applies the inbound relay controls to all hosts attempting to relay mail to external Internet domains. – None - The server ignores the settings in the inbound relay controls. All hosts can always relay. Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 73 By default the inbound relay controls are enabled for external hosts. If the connecting host’s IP address resolves to a name in one of the local Internet domains, the host is considered internal. IP addresses that resolve to host names outside the local Internet domains or that do not have DNS entries are considered external.
Page 74: Protecting Your Domino Server From Active Address Harvesting Attacks
Spammers test the SMTP server response to the RCPT TO command and when the response is “positive” for a good address, the Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 75: Defending Against Active Attacks
spammer marks the e-mail address as a valid target for spam. This type of attack simulates the transmission of an e-mail with a large list of recipients. This harvesting technique is especially effective for spammers when you configure Domino 6 to validate recipient addresses during transport by enabling the “Verify that Local Domain Recipients exist in the Domino Directory”...
Page 76 Active monitoring of mail.box is required to prevent the negative impact of spam mail bombing and the accumulation of large amounts of bogus undeliverable spam mail. Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 77: Chapter 5. Using Mail File Rules To Prevent Spam
In this chapter, we describe how to coach your users to design and set up effective mail file rules, how to implement anti-spam rules, and how to monitor and evaluate the rules once they are in place. © Copyright IBM Corp. 2003. All rights reserved.
Page 78: Distinguishing Between Spam And Legitimate E-Mail
Example 5-1 shows the page source information for a sample spam e-mail message. Example 5-1 Page source of a sample spam e-mail message This is the recipient of the e-mail message Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 79 “faked”. Examples are: Missing the “From” address. Multiple recipients with the same name or similar alpha spelling. For example, tommi@us.ibm.com, tommi@emaildomain.com, tommichaels@lmxxop.com Different source domain/IP than the sender. This is not always spam, but it is suspicious.
Page 80: Mail File Rules
3. Click the New Rule button to begin building an anti-spam rule. The Rule dialog box is the primary interface for developing your anti-spam rules. Figure 5-1 on page 69 shows the New Rule dialog. Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 81 Figure 5-1 Notes 6 new rule dialog If you need help creating rules, beyond what is provided in this book, review the Lotus Notes 6 Help section, “Filtering new mail using rules.” Specifying rule conditions Under “Specify Conditions,” select a part of each message to check (such as sender subject ), select a state (such as...
Page 82 The e-mail from known spammers and most offensive emails can be deleted using the more restrictive rules, yet other e-mails can be recovered without extensive restore Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 83: Developing Anti-Spam Mail File Rules
procedures. In this way spam can be dealt with quickly without losing control of your e-mail. 5.2.2 Developing anti-spam mail file rules In order to develop rules for your e-mail, you should first determine what type of rules you want to create and how restrictive you want to be. By creating rules that eliminate e-mail from known spamming sources and rules that file suspicious e-mail based on content, you can start to rid your inbox of most of the unwanted mail.
Page 84 Suspicious folder for false positives, that is, desired e-mails that were initially determined to be spam. At other times, the user must assess whether more stringent criteria are required to filter out more spam. Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 85 If a user established a rule that was too broad, for example, that user would undoubtedly receive e-mail that was incorrectly categorized as suspicious. On discovery of false positives, the user must make adjustments to the mail file rules to avoid such invalid categorizations in the future. Similarly, if a user was receiving uncategorized (regular inbox) e-mail that appeared to be spam, those e-mail messages should be reviewed for characteristics that might be used to categorize them as spam so that they are...
Page 86 In this way we can deny self-mail from the Internet without eliminating the ability of users to send Notes mail to themselves, which is fairly common. Figure 5-5 shows a self-mail rule that deletes these e-mails. Figure 5-5 Self-mail Rule Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 87 Scanning for text content Mail rules also allow you to scan the subject or body fields for content that can help you determine the disposition of an incoming e-mail. For example, if you are always interested in e-mail about Spacely Sprockets , you can create a mail rule that scans for Spacely Sprockets in the subject and body fields and places that e-mail message into a Spacely Sprockets folder.
Page 88 Be aware that bulk emailers are seldom legitimate business concerns, so they may create spoofed e-mail which appears to come from legitimate Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 89: Viewing Mail Rules And The Evaluation Sequence
sources. With these ideas in mind, try to build your initial rules such that the accepted e-mail addresses and domains indicate genuine e-mail from known sources. 5.2.3 Viewing mail rules and the evaluation sequence Once you have created the rules for your mail file, you need to look at the whole set and place them in the right sequence.
Page 90: Monitoring Mail File Rules
The log entry itself is show in Figure 5-11. Figure 5-11 Mail Routing Events log entry Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 91 Since we didn’t receive this e-mail, whose attempted delivery to us is shown in the log, we know our mail file rule worked and deleted the e-mail. If you are using mail file rules that file e-mails into folders, such as Incoming\Suspicious, you can examine what is in the folders to see if the rules are working the way you want them to.
Page 92 Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 93: Chapter 6. Third Party Anti-Spam Products
This chapter introduces some of the third party products available to help you in addressing the spam problem. We have divided the products into two categories: Anti-spam products that run on a Domino server Separate anti-spam server and gateway products and services © Copyright IBM Corp. 2003. All rights reserved.
Page 94: Anti-Spam Products For Notes And Domino
(false positives). In addition, once user configurations are defined, any changes to the corporate Master anti-spam configuration automatically update their corresponding user configurations. Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 95 Figure 6-1 Spam destination and logging configuration Figure 6-1 shows a few of the configuration options available to administrators and users. In particular, it shows the Disposition tab from within a spamJam Master Configuration. The Disposition settings allow administrators to configure how spamJam will handle mail that has been determined to be spam.
Page 96 Users simply click a button to restore the message and are presented with options (see Figure 6-4 on page 85) to subsequently accept mail from the sending domain or address. Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 97: Spameraser For Lotus Notes And Domino 6
Figure 6-4 Restoring a message to the user’s mail file spamJam benefits existing Domino environments The continuing increase of undesired e-mail plagues many end users and frustrates system administrators because of its unpredictability. spamJam gives end-users and administrators relief from the deluge of spam while providing peace of mind with full recoverability, all within their familiar Domino environment.
Page 98 SpamEraser works through a series of Domino agents which check the block list for all incoming mail and delete them if they are from someone on the list or from a domain that is in the SpamDomains list. Figure 6-5 Incoming mail queue Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 99 With the Individual or Group configurations, the mail enters the organization but never reaches the recipient if it is from a known spammer. Each user blocks spam mail by clicking a “This is Spam” button or by dragging the message to the Spam folder in their mail files.
Page 100: Iq.suite
- Anti-spam and content filtering securiQ.Xblock - Image scanning and filtering securiQ.Crypt - Encryption/decryption securiQ.Watchdog - Anti-virus protection and attachment control securiQ.Trailer - Legal disclaimers securiQ.Safe - E-mail recording and archiving Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 101: Scanmail For Lotus Notes With Emanager
securiQ.Wall The securiQ.Wall product protects companies from spam and prevents spreading of sensitive information. Some of the features include: Protection from spam, junk mail, and advertising mailshots. It blocks unsolicited e-mail by checking sender, recipient, and mail content. Protection of enterprise-critical information. This is accomplished by preventing the unauthorized sending of confidential information using lexical analysis procedures.
Page 102 Configuring rules for spam filtering You can create one or more rules that will activate filtering. Figure 6-8 shows the ScanMail view from which you can create filter rules. Figure 6-8 Filter Rules configuration Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 103 The configuration screen for a spam rule is shown in Figure 6-9. It illustrates how simple the creation and prioritization of rules is with this tool. The administrator can optionally choose to quarantine the blocked e-mail, and notifications can also be enabled for testing purposes.
Page 104: Xm Spamstop
Checks DNS Blacklist (2-20 servers) Uses and automatically creates Whitelists Checks Blacklists Checks allowed language formats Workflow system deals with spam management or allows it to flow to the user Checks message signatures (known spam) Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 105 Figure 6-11 through Figure 6-13 show some sample screens from the SpamStop product. Figure 6-11 User customizable Figure 6-12 Uses over 300 checks with point system Figure 6-13 Workflow allows for spam management Chapter 6. Third party anti-spam products...
Page 106: Other Anti-Spam Products For Notes And Domino
BrightMail's on-premise product acts as a “gateway” product, meaning that it operates in front of your Lotus Domino servers. It can intercept and scan Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 107: Activestate Puremessage
messages before they enter into your Domino system. Inbound message attachments are first scanned for viruses, then they are processed by the anti-spam filter module. If the message is determined to be spam, it is moved into a separate junk mail folder. If not, the message is then passed on to the custom message filter, and if not blocked during this process, it is delivered to the end user as a valid e-mail message.
Page 108 RBL tests don't uniquely identify a message as spam. They act as a contributing test to the probability that a given message is spam. Distributed checksum checks Razor network check supported. Provides peer-based identification of spam messages. Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 109: Trend Micro Inc. Products
6.2.3 Trend Micro Inc. products Spam Prevention Service software Spam Prevention Service software from Trend Micro is a on-site anti-spam application designed for the enterprise. It resides at the gateway, where it monitors incoming SMTP e-mail and identifies spam with a 90% to 95% accuracy rate, according to Trend Micro Inc.
Page 110: Other Anti-Spam Server Or Gateway Products And Services
6.2.4 Other anti-spam server or gateway products and services Postini Perimeter Manager from Postini Corporation EasyLink MailWatch from EasyLink Services Corporation SkyScan AS from MessageLabs Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 111: Related Publications
The publications listed in this section are considered particularly suitable for a more detailed discussion of the topics covered in this redbook. IBM Redbooks For information on ordering these publications, see “How to get IBM Redbooks” on page 100. Upgrading to Notes & Domino 6, SG24-6889...
Page 112: How To Get Ibm Redbooks
Redbooks are also available on CD-ROMs. Click the CD-ROMs button on the Redbooks Web site for information about all the CD-ROMs offered, as well as updates and formats. Lotus Domino 6 spam Survival Guide for IBM eServer Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 113: Index
Anti-spam server & gateway products & services 94 tagging messages 35 Anti-spam strategy DNSBL 33 labor estimates 15 DNSBL service providers 33 Avoiding harvesting 9 Domino 6 anti-spam configuration 23 on the server 24 © Copyright IBM Corp. 2003. All rights reserved.
Page 114 Server 68 Inbound relay controls 24, 54 setting up 68 configuration 57 troubleshooting 79 configuring 55 types 71–72 managing conflicts 56 unacceptable subject content 75 settings 55 viewing 77 Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 115 Mail policy 11 specifying conditions 49 mail.box 20, 45 Server side spam prevention features 13 Mailto tags 10 SMTP communication sequence 22 Monitoring mail file rules 78 SMTP error message for rejected messages 34 Monitoring your mail.box 64 SMTP harvesting attacks 62 Multiple actions is a single rule 70 SMTP mail handling 20 munging 10...
Page 116 Verify that local domain recipients exist in the Dom- ino Directory 24, 36, 63 Viewing the page source of e-mail messages 66 Viewing the source of a SMTP mail 31 XM SpamStop 92 Lotus Domino 6 spam Survival Guide for IBM eServer...
Page 120: Back Cover
Back cover ® Lotus Domino 6 spam Survival Guide for Avoid, block, and In this IBM Redbook we describe how you can use IBM Lotus Domino INTERNATIONAL manage spam with 6 to prevent and manage “spam.” TECHNICAL server mail rules and...

This manual is also suitable for:

Lotus domino 6

IBM AH0QXML - Lotus Domino Messaging User Manual

Notices

Preface

Chapter 1. Introduction

Chapter 2. Preventing Unwanted E-Mail and Spam

Chapter 3. Domino 6 Anti-Spam Architecture

Chapter 4. Domino 6 Server Anti-Spam Features

Chapter 5. Using Mail File Rules to Prevent Spam

Chapter 6. Third Party Anti-Spam Products

Related Publications

Index

Quick Links

Front cover

Related Manuals for IBM AH0QXML - Lotus Domino Messaging

Summary of Contents for IBM AH0QXML - Lotus Domino Messaging

This manual is also suitable for:

Table of Contents