Follow Slashdot stories on Twitter

 


Forgot your password?
Close
typodupeerror
×

Exchange Compatible Spam Filters? 99

Posted by Cliff from the email-pork-removal dept.
DamienMcKenna asks: "At work our license for Symantec Brightmail is coming up for renewal and I'm looking for alternatives that will cooperate with Microsoft Exchange 2003. Brightmail hasn't worked consistently since we installed it last year, has a low success rate, the client plugin has been very unstable, and it takes up far too much server resources for what it does. Given that many of the appropriate software is not available for trial (you have to base decisions off their marketing materials), does anyone have recommendations on what to use instead? It must be Windows-based (UNIX/Linux/BSD is out of the question right now), and should have an easy to use administrative interface since not all of the IT staff are very technically minded. A working plugin for Outlook for client-level configuration would also be appreciated."
This discussion has been archived. No new comments can be posted.

Exchange Compatible Spam Filters? More

Exchange Compatible Spam Filters?

Comments Filter:

  • MailMarshal (Score:4, Informative)

    by nmb3000 ( 741169 ) on Friday April 28, 2006 @07:57PM (#15224896) Journal
    The company I used to work at used MailMarshal [marshal.com] for their spam/virus filtering. The interface was pretty good, but there was no Bayesian filters, nor client-side plugins (though I don't really thing they are that much of a bonus). It was pretty easy on resources; the Poweredge server we had never seemed to have much of a problem, and it was running IIS and MSSQL at the same time (it was a smaller business).

    This was several years ago, and all those things, including a web interface and quarantines were supposed to be in the next version (and they've gone through some two or three versions since then).

    Might be worth checking out anyway.

    • Re:MailMarshal (Score:3, Interesting)

      by m0rph3us0 ( 549631 )
      I know of a company Global Relay [globalrelay.com] that offers a hosted spam/virus filter for Exchange. They also do Email archiving so that in the event of disaster your company still has access to all its email. Their mail systems are so good that they've never lost a single email in 6 years. The Chicago Stock Exchange uses their services so they are well prepared for larger organizations.

  • "Not technically minded?" (Score:5, Interesting)

    by W2k ( 540424 ) on Friday April 28, 2006 @07:57PM (#15224901) Journal
    If your IT staff is not technically minded, you have bigger problems than SPAM. Maybe it's just me, but I was under the distinct impression that the foremost qualification necessary to join the IT staff of any self-respecting company is to be technically minded. What are those people doing there if they can't do their jobs?

    What kind of a "company" is this? I guess it's too much to ask for a name.
    • Some organizations may not be able to pay the salaries that highly qualified IT people are looking for. This particularly happens with such places as school districts, which is unfortunate because school district networks usually have more malicious users than traditional corporate networks. School districts are also often forced to use Exchange/AD setups by less knowledgeable school boards. Not that this combination is unworkable, it just sometimes requires more babysitting and trouble spotting than mor
      • Don't you know the custom here? If you don't know the answer to a question, you attack the person asking it, or point out why they need to change their situation entirely to change the question into one you know the answer to. :)
      • Not that this combination is unworkable, it just sometimes requires more babysitting and trouble spotting than more inherently secure infrastructures.

        What's "inherently" insecure about AD and Exchange ?

    • IT staff don't have to be technically minded anymore. I see it every day; dicks that say to themselves "I installed Windows once" (or worse, "I use Windows at home to write letters") apply for IT jobs. Their lack of real skill means they often ask for a salary figure that is... low. Of course they get the jobs.

      Now, if you're after a client-side solution for Craplook, try SpamBayes. I have it at work (no thanks to senior management being invited to wine and dine with the Borg-team). It works OK if the u
      • I second the SpamBayes recommendation. I worked at a non-profit where spam was getting out of control for employees and there was no $ to pay for a solution. I hooked up my co-workers with SpamBayes on the client-side of Outlook one at a time so they could see how much people liked it once it started to adjust to the particular employee's spam. By the time I left, everyone was running it and everyone seemed to have adjusted.

        One of the tricks I used to make the filter a little smarter off the bat was to s
      • I agree.
        SpamBayes works fine.
        My 2cents.
    • Usually, people don't give company names in Ask /. questions. Why's this guy supposed to be different?

      That said, we do use Brightmail. I must say that this IT department must not be technically minded: Brightmail was an SOB to install, but after that it's been literally running for *looks at calendar* 9 months with zero interaction, has had a total of -one- false positive, and has something like a 99.9% detection rate, with one message that consistently got through for 2 days or so until it was added to th
    • Right on the money my friend. The problem is that people have been sold a bill of goods when they were told by MS that "computing is now easy". While the GUIs might help make things easier for low skill administrators for many tasks that used to require skill, there is no substitute for a thorough understanding of the underlying technology. One main flaw in today's IT world is that the users are driving technology. While this is liberating for them, it's like letting a wet behind the ears new teen drive
  • There are a number of companies that'll sell you a standalone device that filters spam. I think it's the only thing you might be qualified to use...
    • Would it be possible to route your incoming/outgoing email through a smart host?

      If that is an option, then you have a lot more products to choose from.

      Personally, I run Exim4 w/SpamAssassin as the smart host for out ancient GroupWise 5.5ep installation.

      And it is un-fucking-believably fantastic.
      • Well, the poster is asking for a Windows solution. Luckily, Exim / ClamAV / Perl (spamassassin) runs in cygwin!! Yeah, I know, cygwin is an abortion, but it does work.

        The poster is really asking for a push-button point and clicky GUI interface type thing ("easy to use administrative interface"), due to the non-technical IT staff and the "Must be windows" requirement which just happens to exclude the ALL the best options. Really. So the alternatives are overpriced crapware which are not nearly as effective (
    • I currently administer 30 exchange servers at multiple companies. For the companies that want spam filtering we are using Barracuda spam filters, it is a 1U Spam appliance, and is pretty much plug and play, you tell it the IP of your mail server, and once you train it, it works wonderfully. I believe they do offer free evaluation units, and like I said the companies who I have them at are very happy with them. The company that makes it is Barracuda Networks, and a simple Google search for Barracuda spam fil

  • ASSP (Score:3, Informative)

    by GrigorPDX ( 513102 ) on Friday April 28, 2006 @08:04PM (#15224930)
    ASSP [sourceforge.net] is an excellent, cross-platform, open source mail filter that is quite popular amongst my long-suffering Windows mail server admins. Perl-based and platform-agnostic it might be what you're looking for.
    • I've been using ASSP for well over 2 years now and am relatively pleased. It can be a total bitch to set up for the first time though - it helps to understand Unixy terminology as applied to mail servers.

      BUT... Once it's set up, it's easy to modify, easy to update, and fun to watch as it clears away your spam problems.

  • ORFEE (Score:3, Interesting)

    by ReverendRyan ( 582497 ) on Friday April 28, 2006 @08:06PM (#15224947) Homepage

    I've had good luck with ORFEE [vamsoft.com]. After implementing the Greylist, our spam went down about 75%. I then blacklisted the remaining spam-sending networks (only if I knew we wouldn't need to mail them) and it has now been several weeks since I've received a single piece of spam.

    It doesn't have an outlook plugin, but we haven't really needed one. It also has a trial version.

    • I second that; I've been using ORF since early 2003. ORF, Open Relay Filter, is a less than $100/per year (regardless of employees/mailboxes/email addresses/volume) software solution installed on an IIS smtpsvc gateway called Vamsoft ORF (Open Relay Filter). It builds into IIS SMTP (5 or 6) transport level, allowing filtering such as: A/MX record check, inclusive/exclusive white/blacklists for email addresses and IP addresses, cacheable DNS blacklists (SpamCop, Spamhaus, SORBS, etc.), Tarpitting, maintains
    • I agree! ORFEE blocks about 75% of incoming SMTP conenctions for me. The tremendous advantage of ORFEE over a lot of other anti-spam filters is that it can (and does by default) block at the SMTP level (ie, generates a 500 series error instead of 200 okay).

      This means that should you accidentally block a legitimate email, the original sender will be notified as their system will send a bounce, but you won't waste everyone's time sending out non-delivery-reports to spam with forged senders.

      (The usual approa

  • McAfree GroupShould with SpamKiller add-on (Score:3, Interesting)

    by hawkbug ( 94280 ) <psxNO@SPAMfimble.com> on Friday April 28, 2006 @08:08PM (#15224959) Homepage
    McAfee is what my company uses on our Exchange server. I'm a linux guy, so I'm familar SpamAssassin and I use SA on my linux mail servers. However, since SA isn't available for windows, I did some research and discovered that McAfee created a product call SpamKiller, which uses SpamAssassin as it's base, and they basically create hooks into Exchange for it. SpamAssassin is currently up to version 3.1.1, and from what I understand, the McAfee product is still using the 2.X base for their code, but it does work OK. SA does a slightly better job since it's more up to date, but with McAfee's nightly antivirus updates, you also get an updated spamfilter settings and code. I'd give it OK marks and definitely suggest using it:

    http://www.mcafee.com/us/smb/products/anti_spam/sp amkiller_mail_servers.html [mcafee.com]

  • Non-Windows doesn't mean you can't use Exchange... (Score:5, Insightful)

    by dn15 ( 735502 ) on Friday April 28, 2006 @08:15PM (#15224998)
    While you said it should be Windows-based, I wanted to make sure you are aware that you *can* have a Linux/BSD/Mac server filter spam and keep your Exchange server. It would just be a gateway that receives your mail, runs filters, and then sends the messages along to your Exchange server. Just something to think about. It would also mean your filters would not break as you upgrade your software, since it would be a separate machine from the one that runs Exchange.
    • And it works great. It hasn't been worth replacing our old Exchange setup yet, so I set up a little box running exim that handles all the incoming connections and runs them through spamassassin and clamav before forwarding to Exchange.
    • I was going to suggest something similar.

      An opensource frontend (cluster if required) that acts as a gateway to your exchange backend.

      This is exactly what my company does and it works very well. I have, infact, never recieved a single piece of spam. It can be configured to touch base with the exchange backend to insure a real account/group is on the recieving end and 550 anything else.
    • My company isn't about to switch away from Exchange in the near future. Instead, I created a jail inside the FreeBSD webserver we were already using, installed Postfix, said a few incantations [freesoftwaremagazine.com], and watched in delight as the CPU use percentage on the Exchange server fell back from three digits to one.

      The Postfix server never dies unexpectedly (99.99+% uptime last year, including maintenance downtime) and we automatically have a backup MX for when Exchange falls over - incoming mail just spools up in Postf

    • I do this too. Spam filtering is a very resource intensive process, if done properly, so taking that function off of your exchange server is not a bad idea for that reason either.

      The drawbacks, which I think the original poster listed as requirement, is that it doesn't integrate nicely into exchange. Training the bayes stuff for _your_ mail is hard (eg marking it as spam under exchange doesn't automatically adjust the bayes stuff). That being said, the solution I put togther has very low false positive rate
    • This was what I was going to suggest. Our organization uses a Lotus Domino mail server on an AS/400 platform. The number of spam scanners directly compatible with this setup is close to nil, but I just have a gateway FreeBSD machine in front of it that does the scanning. It runs a combination of Postfix/SpamAssassin/Amavisd/ClamAV to process all the mail, and then send it along to the Domino server if it passes the filter.

      It works very very well. The only drawback I've found is that it seems to be absol

  • Why not use Exchange IMF? (Score:5, Informative)

    by YU Nicks NE Way ( 129084 ) on Friday April 28, 2006 @08:22PM (#15225032)
    The IMF which ships as a part of E2K3 SP1 and later works well, and has the advantage of being free with Exchange.
  • I'm not sure if it can run on windows it seems to be all pearl based includes spamassassin and virus scanning http://www.renaissoft.com/maia/ [renaissoft.com]

  • Two suggestions - Gateway products (Score:3, Interesting)

    by bernywork ( 57298 ) * <.bstapleton. .at. .gmail.com.> on Friday April 28, 2006 @08:24PM (#15225040) Journal
    Your best bet if you want to not care if it's Exchange or anything else, go for a gateway product.

    1) If you want to house on site, then use this: Trend Micro InterScan Messaging Security Suite [trendmicro.com] It runs on windows, and has a really good hit rate for SPAM and it's even better with viruses.

    2) If you don't mind getting someone else to do it for you: MessageLabs Spam and Virus filtering [messagelabs.com]

    The IMSS solution I am not going to turn around to you and say that it's the absolute best thing on the face of the planet, as quite simply I just haven't seen something out there yet, that really makes me go WOW! It is however, a really good gateway product, and works extremely well, if nothing else, it's the pick of a bad bunch. It's very configurable, and in from my experiences with it, tends not to screw up. That's a pretty important factor for me.

    The MessageLabs solution is another gateway solution. It's not housed by you, so it takes up no server resources on your part, and the solution is extremely redundant. Certainly a hell of a lot more than you are going to get paying for it yourself in most instances. Their virus and spam definitions are essentially second to none, and the rates of false positives I have seen for spam are very good as well. Their interface on their web site isn't exactly feature rich, in actual fact it really is quite sparse, but then it does cover the basics, and their retention times for bad mails are good too.

    So for gateway products, these are what I am recommending to customers at the moment. I am tending to not push for server based (Exchange server / Information Store) AV as hardware is cheap and if it's not on there it can't cause you any problems. All this tied in with the fact that it doesn't scale leads me to think that it's not worth it. The other suggestion would be to run Exchange on port 26 and have this on port 25. That way it can be on the same box, but it shouldn't interfere with Exchange at all.

    I have no idea what your discount schedule is for resellers, so I can't even get you indicitive pricing. I also don't know where you are, so that helps me even less.

    Happy hunting!

    Berny
    • I second the message labs solution, if you can affort it. We've got over 4000 employees all with email and maybe once a week does a spam make it to one person. The only false positive reported in the last two years was, someone wanted to subscribe to bugtraq and the confirmation message kept gettting blocked. The only draw back is cost. We're paying an arm and a leg, but we are getting what we pay for.

  • Ignore the outlook plugins (Score:1)

    by Anonymous Coward
    Most of them are either tied to sub-standard products, or cause more problems than they're worth

    Go for one of the plethora of standalone appliances that go infront of exchange. Any of them will increase the security of the exchange system, and combat spam. Some even include per-user spam quarantines that the end-user can control through a simple web interface.

  • Exchange 2003 SP2 (Score:3, Informative)

    by slasher999 ( 513533 ) on Friday April 28, 2006 @08:39PM (#15225101)
    Read up on Exchange 2003 SP2. MS made significant security and spam related enhancements to Exchange 2003 with the release of that SP. There is plenty of info on Microsoft's Exchange site about SP2.

    I'd also recommend looking at GFI MailEssentials. It's cheap (free in it's "cheapest" version), simple to install and configure, and can do a good job when configured properly. Several methods for defining spam are available in the product - blacklists/whitelists, Bayesian, others.

    Finally, consider outsourcing the entire spam identification process. Postini, which I've used for years at various employers, rocks. Adminitration and all user level functions (approve/delete quarantined messages, whitelist/blacklist addresses or domains, etc.) are performed via web browser (works great with Firefox or IE). Users are given their own id/password and are notified via email when they have quarantined items (once per day). Postini also does basic antivirus scanning (via McAfee) and while that isn't adequate in itself for protecting your email environment from viruses, it does offer an extra layer of protection. It's relatively cheap as well. If you are a small company (100 users), I believe McAfee offers Postini services bundled with some of their products geared for small business.
  • ...Or at least, most of it. We're implementing the "spam firewall" box option that has been the vogue for the last few years because our Exchange spam filter is, likewise, coming up for license renewal. The last straw for me was when it came to image-only spam--for about two dozen of my 300 users, it won't block it. But it does block it for SOME people... Irritating, and hard to explain to a sales manager in the field getting six of these penny-stock-scam messages per day. I even have one guy who gets
  • http://www.barracudanetworks.com/ [barracudanetworks.com]

    Not to evangelize too much, but but I love my barracuda box. It's conceptually a linux box with spamassasin and some bayes stuff with a web interface. But its great, no per user licensing, active directory integration etc. (The AD stuff lets it tell if an email address exists in your organization or not before forwarding the message. If not, it just hangs up on the sender.)

    It isn't 100%, at least the way I have it set up because we don't want false positives ever, and my use
    • I installed one almost a year ago & it's worked great.

      There are some features like quarantine & an outlook plugin, but it works well even without those - the user's dont need to know it's there if you dont want them too.
      • There are some features like quarantine & an outlook plugin, but it works well even without those - the user's dont need to know it's there if you dont want them too.

        Yeah. We use a pair of Barracudas at work and they're awesome. The web interface is intuitive enough that non-engineers can do the spam training and look for emails that got blocked unnecessarily. It auto-updates itself, and is totally transparent to the end users.

        I couldn't imagine a better anti-spam system, unless maybe someone came out w
        • We use a barracuda and quite frankly arent very impressed. It used to work great but the spammers have gotten better while the technology powering the barracuda hasnt. I get tons of spam in my personal inbox and i have trained the byasian(sp?) filter for my account and for the box as a whole extensively.

          now dont get me wrong, we love their outgoing filter product as for the load it handles and the email it handles, it works great.

          the incomming product has to be babysat far too much, and the company itself
  • I use and recommend XWall for Exchange by DataEnter. Go to www.dataenter.at and check it out. There is a 30-day eval that you can download, and it is extremely cheap (something like $250 per server). It is basically a gateway product, so you only install it on your SMTP gateways. My company with 3 Exchange servers only has it installed on the single SMTP gateway server, so we only needed one license.

    XWall does pretty much everything that you could want. It supports greylisting, blacklisting, whitelis
  • Trouble [google.com] with a Symantec product? Symantec Error [google.com] gets 3,000,000 hits.
    • That proves nothing. It just means that there is a lot of penetration in symantec products. I am not a fan of a lot of their products, but Brightmail is not on the list of crap they have put out. They BOUGHT brightmail and made it their own.

      Just an FYI, looking up "Linux Error" in google gets me 72,800,000 hits. Looking up "Sexual Error" gets me 15,600,000 hits and "google error" gets me 65,800,000 hits.

  • What we found works best is having a Barracuda Spam Firewall in the DMZ, and allow only the Barracuda to talk to the Exchange server. LDAP lookup, drops the processor load on the Exchange, and once tweaked you don't get much spam though. Though, you do have to spend maybe an hour a week tweaking it. The Barracuda works really well overall though.

    It also makes the exchange server more secure.

  • We love brightmail (Score:3, Interesting)

    by Anarke_Incarnate ( 733529 ) on Friday April 28, 2006 @09:14PM (#15225230)
    at work. However, have you considered instead of using brightmail on the exchange server, only use the foldering agent and set up brightmail filters as your MX record (top level) and have them relay the mail to your exchange? We have about >95% catch rate. You can set them up running on Windows with IIS SMTP, Linux with sendmail or Solaris with sendmail. As cheap as brightmail is and as good as it has worked for my company, I would keep it. My suggestion would be to use the "Suspected Spam" option and set the threshold to 62. The one thing I would suggest is if it is a windows based gateway filter, as described above, reboot it weekly (works really well if you can afford 2 boxes, since BM doesn't charge by server, CPUs or anything, but rather how many clients you have it filter for) or at least schedule scripts to restart tomcat (net stop tomcat... net start tomcat...) If on a *Nix box, just cron tomcat restarts.
  • Works great, even syncs with multiple mail gateways, and you have no client because it uses public folders. http://www.gfi.com/ [gfi.com]
    • I was going to mention GFI as well. I've used it at a small office with Exchange 2000. The paid version does baynesian and what not, once the trial expires, you get to "keep" the DNS blacklist feature. Whitelist support was pretty good too.
    • I'm no fan of GFI and actively recommend that people don't go anywhere near their Mail Security product (the AV scanner), which with every release seems to be fighting a losing battle against critical bugs that delete your CEO's e-mail. I just wish GFI could keep the releases in QA a bit longer, or hey, maybe start a QA department....

      However, Mail Essentials is the best spam filter I've seen. Users almost hug you with delight once the bayesian filter gets switched on. It integrates in exchange neatly, users
    • I have to agree with GFI Products. We use GFI MailEssentials for anti-spam and MailSecurity for anti-virus. I am not sure on the initial costs, but our yearly maintenance fee for a 50 user license of each is a total of $400 for both products plus 2 virus subscriptions (BitDefender and Norman). Their support is great also.

      We have never had a virus slip through. Last November when whatever virus was going around we were receiving 3000+ a day of these and no problems. Because of this, our server anti-virus (e

  • This is easy to use. It's outsourced to MS so they do all the maintenance work. It's called "Microsoft Exchange Hosted Filtering" aka Spamshark.
    http://www.microsoft.com/exchange/services/buy.ms p x [microsoft.com]

    You get a 30 day free trial too:
    http://www.microsoft.com/exchange/services/trial.m spx [microsoft.com]

    It sends a daily e-mail (if you have any spam) to the client. And the client identifies if any are false positives. Very easy to use. $1.75/month/address if you can't broker a deal on volume pricing. So about $21/per

  • iHateSpam (Score:2, Informative)

    by carnellm ( 256788 )
    Sunbelt Software's [sunbelt-software.com] program called iHateSpam works very well on Exchange servers. It has an fairly easy administrative interface, and is very easy for users to understand. Also generates good look reports which are great for showing to execs and users how much spam is getting caught and who the worst offenders are. Demo version too. They have some other products for anti-virus and spyware and such, but I have only used the spam one.
  • Brightmail works fine. Exchange not so much. You have two good options:

    A) An Ironport appliance.
    B) Outsource to an antispam service.

    Both of these solutions also protect your exchange server from hackers, mail floods and other things that tend to make your pager go off in the night.

    Outsourcing is cheap if you're a smaller company. The Ironport lets you keep control it house if you're large enough to afford it.
    • I'll second the Ironport appliance. We were able to free up a couple Win2k3 servers when we switched from Trend Micro to a single IronPort appliance. I'm a fan of Trend, too, so it took a lot for IronPort to impress me. I don't admin the box myself, but I'm told it is very easy to administer.
  • This works well with Exchange and is simple to maintain: CanIt Appliance [roaringpenguin.com]
    • I will second canit!

      We have been using Canit for about a year (and MIMEDefang for four years before that) and it is freaking awesome. If pointy-clicky through a web interface is enough of a GUI, that is.

      It is _highly_ configurable and super flexible. You can have one stream for the whole company's inbound mail, one stream per user, or use a user's attribute in AD (accessable through LDAP) to "dynamically" map their email to a stream. Cripe, you can plumb it any which way you want.

      In our case, I have our Can
  • Get yourself a Barracuda [barracudanetworks.com]. It is an appliance, is easy to configure and use, is updated regularly over the internet by the vendor, works with active directory, has plug-in for outlook users, and best of all will continue to work after you throw exchange away and get a real mail system. We buy them for our customers and have one ourselves, exchange or unix-based email.
  • We're using an Astaro Firewall & Spam filter [astaro.com] for 100 users. We get updates very frequently, up to 6 times daily, and the results are excellent. On occasion we will find a new spam variant getting through and normally in less than a day that hole will be closed with an automatic update. This is in an environment where some mail users received 300 spams a day. I walked into this situation before I knew how bad it was - Groupwise 6.0 on a Netware 6.0. With the firewall/SMTP proxy solution, we get grea

  • We use Sophos PureMessage (Score:3, Informative)

    by ayden ( 126539 ) on Friday April 28, 2006 @11:13PM (#15225626) Homepage Journal
    We installed Sophos PureMessage for UNIX about a month ago on our postfix SMTP gateways. The performance has been outstanding and provides web management user interfaces. Note that we specifically chose an AntiSpam/AntiVirus solution for our SMTP gateway servers different from our enterprise AntiVirus solution (we run McAfee GroupShield on Exchange and McAfee Enterprise 8i on our desktops and servers).

    Since a UNIX server is not an option (though the web management interface may change that), you might want to take a look at PureMessage for Exchange:
    http://www.sophos.com/products/es/gateway/pm-windo ws-exchange.html [sophos.com]

    Sophos offers a 30 day evaluation:
    http://www.sophos.com/products/eval/ [sophos.com]

    BTW, prior to Sophos PMX, we were using SpamAssassin.
  • SpamBayes is a python script that proxies pop3 connections. Works great, runs on Linux or Windows.
  • But I know where you can find an Exchange-compatible spam generator [microsoft.com]
  • Heluna [heluna.com] - rather than installing any software or hardware, it's a service that accepts all of your incoming e-mail and forwards on the good messages. Unlimited mailboxes, quarantines, approved/blocked senders, and it only costs based upon the number of good messages that you get.
  • If you're talent pool is so limited, use MXLogic or PostIni.

    We've been using MXLogic for a year, and it works much better than SpamAssassin ever did.
    • On my side.. for a company, I setup a filter based on SpamAssassin to catch all of the stuff that Postini missed -- Postini was really worthless, in my opinion.
  • We had IHateSpam for a few months and wow what a piece of crap that product was. We got BrightMail after that and although it worked very well for us, it (as others have mentioned) gobbled up ridiculous amounts of server resources which made it undesirable for the long term. We've been using Cloudmark Server Edition (http://www.cloudmark.com) for the past 1.5 years and although it allows a few more messages through than BM did, overall it's a better value and much easier on CPU resources. And, there is a cl
  • I just went through this process a few months ago, and ended up with GFI Anti-spam/anti-virus for our underworked Exchange 2003 server (about a dozen users). I'm pretty happy with it. It's one of the few that uses a Baysian mail filter (trained by dropping emails into public folders). It also has auto-whitelisting (from outgoing emails), and a lot of other practical features, and just keeps working in the background. And reasonably priced. It's an extra bonus having a mail anti-virus scanner that's dif
    • I'll second your suggestion for GFI. Not only is the product server based, meaning I had to go through no training with my users for a client install and maintenance, but with the auto-update of the Bayesian filters, it really keeps on top of things. My small office tends to get a lot of spam due to the age of the domain name, so when I installed this application, my users were suddenly able to actually get work done again.
  • You already have more than one computer on your network, so ignore exchange entirely and have another machine accepting mail for it and forwarding it on to exchange after filtering. Exchange will accept conventional email as well as it's own odd methods.

    Spamassassin is very good and can be found as part of very good cross platform packages like MailScanner. A low end machine can do a lot of filtering - and if it does get hammered the users won't notice because exchange on the other machine will still be a

  • I've used Spambayes at a few sites and most users love it. It gives the users control to filter what they want.
    http://spambayes.sourceforge.net/ [sourceforge.net]
    • I second this. Spambayes works very well with Outlook & Exchange. The only problem is that since it's a client-side program, it's not working when the Outlook client isn't running. I have several clients who have an Exchange server hosted by someone else, and they are in the habit of opening their Outlook and letting it sit for 10 minutes so Spambayes can catch up on all the spam if they haven't checked their email for a few days. Also, of course, they now hate checking webmail since Spambayes only
  • Via "Spamsink" [spamsink.org]? it's basically an iis smtp front-ender to spamd.
    • Mail here comes in to UN*X servers, however our group uses Exchange so our stuff gets received there and then kicked over here. All incoming mail on the UN*X boxen is run through SpamAssassin, so the end result is the same as this (though the implementation sounds interesting).

      In any event, SpamAssassin deinfitely works well with Outlook, you just add a rule based on

      X-Spam-Level: ******

      and each user can set their threshold as they see fit, by changing the number of stars.

  • My employer uses (and resells) SpamSoap. [spamsoap.com] It kicks ass. They filter all the mail before sending it on to your mailserver. When they catch spam addressed to a user, that user gets a notification message (one per day) directing them to a web-based console. There they're presented with a list of the messages that have been filtered and can choose to delete them or release them for delivery to the mailserver.

    If your mailserver takes a shit, they can cache your inbound mail for a while as well (at least 24 hours,
  • We've used (www.)MailFrontier(.com)'s EG for a long time now, and seen it evolve from v2.0 to where it is today. The product offers a number of features that are appealing:

    - filters spam accurately; we've had very few missed messages, and fewer still false positives.
    - monitors Exchange logs; automatically configures whitelists accordingly
    - allows remote agents to be installed on user machines, though log monitoring makes this fairly unnecessary
    - DOES NOT HAVE TO LIVE on the Exchange box (it can, but I wou
  • You still need to run internal software to be safe, but have you considered contracting with a mail scanning service like Message Labs [messagelabs.com]? A significant percentage of the mail that comes to my employer's accounts contains spam or viruses, and this service has been great at filtering it out. Not only that, but whatever bandwidth it would have taken (granted, it's not that much) never comes to our network. Again, and I can't stress this enough, you still need to run something internally to be as safe as possibl
  • A managed service is flat out the way to go. That way you don't have to mess with installing and managing software or hardware that's just going to get old and useless.

    My recommendations are:
    MXLogic [mxlogic.com]
    MessageLabs [messagelabs.com]
    Spam Spy [spamspy.com]


    There are many others too. Postini is the most popular but I hear it kind of sucks.

    Best of luck!
  • Just point it to an RBF such as Spamhaus. We use their SBL/XBL combo list, and spam dropped by easily 95%.

    You don't need any additional software, it just plain works. And it stays up-to-date automagically (well, thanks to the hard work of the guys at Spamhaus that maintain it). You'll never need to touch it again unless your RBL's maintainer shuts down.

    Sadly, as the biggest problem you'll have - Many manegerial types receive spam and consider it some sort of insider secret prize they've won (you know

  • Mailwasher server (Score:1, Informative)

    by Anonymous Coward
    Nice open source antispam which plugs in to Exchange. Simple to setup

    Great UI for admins and users with quarantine features users can manage themselves.

    We've had great results with it.

    http://oss.firetrust.com/ [firetrust.com]

  • My company has purchased http://www.spambully.com/ [spambully.com] and I have to say it is an absolutely excellent product. I tried and tested a few products before recommending SpamBully. SpamBully was by far the best. It works with Exchange accounts, that is very important for us. The very first time you start Spam Bully, its Bayesian spam filter will learn from your own personal email habits, identifying good and spam messages. Every time you download your email, Spam Bully will make sure good emails make it to your Inb

Slashdot Top Deals

One man's constant is another man's variable. -- A.J. Perlis

Close