Problem solve Get help with specific problems with your technologies, process and projects.

Fight back at spam

Three ways to combat unsolicited e-mail.

This tip was submitted to the searchWin2000 Tip Exchange by member Robert Shahon. Let other users know how useful it is by rating the tip below.

Spam and unsolicited e-mail is a chronic problem for companies of all sizes. I have been dealing with this problem in three different ways:

  1. Block specific e-mail senders or whole domains from sending you the SPAM.

    In Exchange 2000, open Exchange System Manager > Select Server > Select Global Settings > Select Message Delivery > Right Click and go to properties.

    Here you have four tabs, one of which is filtering. You can filter by e-mail address or by domain, for example: * You also have the option to Archive Filtered Messages, Filter messages with Blank Senders and to accept the messages without notifying sender of filter. There is another way to set this up by editing the registry, but who wants to fiddle around with that when you can achieve the same thing through the actual program GUI.

  2. If in Washington State, send the ISP the e-mail header info and a short blurb of the Washington RCW 19.190 including the $$ associated with the assisting of transmission as well as originating the transmission, which may mean that they can be liable for fines as well.

    To whom it may concern,

    This message is to put you on notice that your e-mail service have been sending users at my company unsolicited spam (junk e-mail).

    These e-mails are in direct violation of Washington state law RCW 19.190 and may result in my taking legal action against them. The fine is $500.00 for each unsolicited e-mail received. Please note that the cited law prohibits "Assisting the Transmission" as well as originating the transmission which may mean that you can be liable for fines as well.

    I would like to hear from you on steps that you plan to take to ensure that your service is no longer in violation of Washington state law. If you do not stop these e-mails, I am authorized by my company to pursue prosecution under Washington state law RCW 19.190 for each e-mail we receive from you!


  3. I also use Microsoft ISA Server to filter e-mail.

    ISA Ships with an SMTP application filter, which is located within the ISA Management Console. To find this filter open the ISA MMC > Select Servers and Arrays > Select Server > Select Extensions > Select Application Filters > Select SMTP Filter > Double click for properties. Here you have five tabs. The three tabs I use the most often are: Attachments, User/Domain and Keywords.

    On the first tab is attachments; this may come in very handy when there are virus alerts, you can add another line of defense by deleting attachments with a certain file name, extension or size. Your action options are: delete, hold or forward to. I specifically use this to delete attachments like .vbs, .scr, .exe and so on, this way if ISA does not catch it my virus protection will.

    On the second tab are options for filtering by senders name or domain name; this will just reject the e-mail. This is very similar to the options given to you in the exchange manager.

    On the third tab we have keyword filtering. On this page you can setup keyword filtering rules to apply action if keyword is found in: the message header or body, the message header or just the body. Your actions for these rules are Delete, Hold Message, of Forward to.

    Just a WARNING if you use this tab -- it is very easy to filter out important e-mail using keywords! For example: You want to filter all e-mails containing the word WIN in the message header or body, sounds simple enough, eh? Make sure you set the action to forward to System Attendant or an e-mail that will be checked daily. The reason for this is, and I found out first hand, is when ISA checks incoming mail it checks for that letter combination and doesn't care where it is. I filtered many e-mails that had words like drawings, showing, following, and so on. So as a rule of thumb, when you create a new keyword rule, make sure the action is set to "forward to" for at least a couple of weeks to make sure that the rule is working correctly. Always set new rules to forward the mail to an admin account for screening so you can make sure you do not filter important company information!

Happy filtering!

Dig Deeper on Exchange Server setup and troubleshooting

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.