MSG 328 AntiSpam in Exchange 2003 Max Ciccotosto
- Slides: 30
MSG 328 Anti-Spam in Exchange 2003 Max Ciccotosto Program Manager - Exchange Microsoft Corporation
Agenda The Spam Problem Exchange 2003 Anti-Spam Features Client Server Integration Deployment
Spam & Viruses Compared Viruses Spam Exploits Specific vulnerabilities (e. g. buffer overruns) General openness of mail system Effects Destructive Nuisance, offensive Sender motivation Kudos $ Identification Signatures, deterministic Various, often subjective Cost Data loss Productivity loss Helpdesk Administration System resources Bandwidth Exchange Solution Exchange infrastructure 3 rd Party Anti-Virus plug-ins Exchange infrastructure Exchange features 3 rd Party Anti-Spam plug-ins
Desirability Classifying Communication* Critical legitimate mail Business Personal Order confirmations Non-critical legitimate mail Subscriptions Listserv Legitimate commercial mail Amazon. com promotions Expedia fare tracker Mail from companies with a pre-existing business relationship Spam Unsolicited product promotions Health & “pharmaceutical” Real estate & financial Scams & chain letters Pornography Destructive Viruses Easily classified at Gateway Gray area, best classified by end user Easily classified at Gateway * External communication only. All internal communication is assumed to be legitimate
Enterprise Requirements for Anti-Spam False positives are the #1 enterprise concern Valid mail in the junk folder is as good as lost Block at the gateway whenever possible User never sees it Reduced impact on bandwidth & other system resources Administration End to end solutions Easy to manage Balance corporate & end user control Legal considerations
Exchange 2003 Anti-Spam Features
Connection Filtering (IP based) Global Allow and Deny lists Configure individual IP or ranges by subnet mask Allow overrides Deny by design Support for subscribing to 3 rd party “realtime block list (RBL)” services Support for multiple RBL providers Customizable NDR response per configured provider Override exception email address
demo Connection Filtering
Sender Filtering Filter messages sent from particular email addresses or domains Filter messages with blank senders Optionally drop connection Blocking own domain will break list services Enhanced spoof detection – message submission method is persisted Don’t resolve anonymous sender by default
Recipient filtering Filter messages sent to nonexistent recipients No NDR – message rejected at protocol Address book mining Filter messages sent to particular email recipients (valid or invalid) Restricted Distribution Lists Allow only authenticated users to send to a DL Reduces impact of unsolicited email sent to internal only DLs
demo Recipient Filtering Restricted DL
ISV Infrastructure Support Partner integration Expose new message properties for authenticated and trusted (IP Accept List) connections Don’t filter mail from authenticated or trusted connection Virus scanning still performed Avoids potential false positives on internal or trusted mail Per Message Spam Rating (SCL) Leverage client integration
Client Features
Trusted and Blocked Senders Safe Recipients Blocked Senders Can optionally include Contacts User Lists shared by Outlook 2003 and Exchange 2003 OWA User Lists are stored on the server Move to junk folder determined by store based on user lists and per message SCL
OWA 2003 Junk Email Senders/Trusted Senders
Outlook 2003 Anti-Spam
Client Server Integration
Exchange/Outlook Anti-Spam Integration Exchange Server 2003 Gateway Server Transport SMTP Message Allow/Deny Lists Real-Time Block Lists Recipient & Sender Filtering 3 rd Party Plug-Ins Message + SCL = Spam Confidence Level Mailbox Server Store User Trusted & Junk Senders Inbox Spam? Junk Mail Folder Spam? Junk Mail Folder Inbox Outlook 2003 User Trusted & Junk Senders Exchange 2003 OWA
demo OWA Trusted Senders
Deployment
What to Put Where Which features should be enabled Where features should be deployed Cross forest considerations Best practice recommendations
Putting It All Together
Deployment Summary (1) Deploy Recipient Lookups at the Gateway – assumes employees are not malicious submitting internally Enable Restricted DLs only when ALL members are internal Enable restricted DLs for applications that authenticate Don’t restrict DLs if application submits anonymously Direct through internal smarthost Restrict access by IP address Set Resolve Anonymous on smarthost – OLK rules work based on GAL entry Block access to these DLs at gateway via Recipient Filtering
Deployment Summary (2) Enable RBL/Accept IP features at the Gateway SMTP IP restrictions can be programmatically set (Q 810913) Updated to support Accept/Deny Lists Configure Cross Forest SMTP Connectors for authentication Preserves original submission method Accepts EXCH 50 (per message MAPI properties data) If connectors are anonymous, restrict by IP address Set Resolve Anonymous on connector VSI Set Reg Key override for accepting EXCH 50
Summary There is no “silver bullet” in the war against spam. Microsoft is committed to fighting spam through on-going investments in anti-spam features & technologies. Through integration of our own products and ISV partner products, we aim to reduce spam by providing complete end to end solutions.
Ask The Experts Get Your Questions Answered I will be at the ATE after this session
Community Resources http: //www. microsoft. com/communities/default. mspx Most Valuable Professional (MVP) http: //www. mvp. support. microsoft. com/ Newsgroups Converse online with Microsoft Newsgroups, including Worldwide http: //www. microsoft. com/communities/newsgroups/default. mspx User Groups Meet and learn with your peers http: //www. microsoft. com/communities/usergroups/default. mspx
Suggested Reading And Resources The tools you need to put technology to work! TITLE Available Microsoft® Exchange Server 2003 Administrator's Companion: 07356 -1979 -4 9/24/03 Active Directory® for Microsoft® Windows® Server 2003 Technical Reference: 0 -73561577 -2 Today Microsoft Press books are 20% off at the Tech. Ed Bookstore Also buy any TWO Microsoft Press books and get a FREE T-Shirt
evaluations
© 2003 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.
- Max ciccotosto
- Dobr�� pr��ce
- X-forefront-antispam-report
- Kerio antispam
- U bent van harte uitgenodigd
- Legge 328 del 2000 mappa concettuale
- At mega 328
- Legge 328 del 2000 slide
- Signos romanos
- Atmega 328u
- Arduino adc
- Absolute maxima and local maxima
- Voluntary exchange
- Gas exchange key events in gas exchange
- Determination of exchange rate
- Msg timeline
- 2 peter 3 msg
- Exodus 3 message
- Msg foundation case study
- Organic food additives
- Mhelpdesk msg
- Ad msg wnd
- Ephesians 2:19-22 msg
- John 2 the message
- Eva msg
- Jeremiah 12:5 message
- Matthew 11:28-30 message
- Colossians 3:1-2 msg
- Msg fire
- Msg wnd
- Salmo 91 english