Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


AntiSpam solution that reads routing infomation?

  • Please log in to reply
No replies to this topic

#1 CyyberSpaceCowboy


  • Members
  • 8 posts
  • Local time:05:08 PM

Posted 26 May 2009 - 03:19 PM

We are getting spammed by messages where the "Sender" field matches a legitimate user on our domain. I can tell when the sender is being spoofed by looking at the routing information in the message source, is there an anti spam program that can do the same? My only other option would be to create new user accounts.

All my users have Outlook 03 or 07. Every user has a custom mail folder named "Dead_Letter". My anti-spam rules are as follows

*If the From fields contains user's email address and subject does not include "test", send message to Dead_Letter
*If Sender field contains MyOrganizationDomain stop processing more rules (I could tighten this by maintaining a central list of all legitimate local addresses ,i.e., bob@MyOrganizationDomain will pass through even if we don't have a Bob, but it hasn't happened often enough to make it worth the effort)
*If Sender is in "Contacts", stop processing rules
*Everything left,sen to "Dead_Letter"

I always figured these rules would accomplish everything a third party spam filter could do. Is there anything that will analyze the message beyond the sender controlled fields? It looks like someone's Contact's folder got uploaded by a bot (could be a home computer where I have no control). The mail server is offsite and hosted my a provider that does not do filtering.


BC AdBot (Login to Remove)


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users