IBM AH0QXML User Guide

IBM AH0QXML - Lotus Domino Messaging Manual

Get IBM AH0QXML - Lotus Domino Messaging PDF manuals and user guides View all IBM AH0QXML manuals
Add to My Manuals
Save this manual to your list of manuals

IBM AH0QXML manual content summary:

  • IBM AH0QXML | User Guide - Page 1
    Front cover Lotus Domino 6 spam Survival Guide for IBM Avoid, block, and manage spam with server mail rules and mail file rules Anti-spam features of Domino 6 Third-party anti-spam products ibm.com/redbooks Tommi Tulisalo Ted Chappell Beth Anne Collopy Kris Hansen Greg Kelleher Mark Ramos Bruce
  • IBM AH0QXML | User Guide - Page 2
  • IBM AH0QXML | User Guide - Page 3
    International Technical Support Organization Lotus Domino 6 spam Survival Guide for IBM ^ January 2003 SG24-6930-00
  • IBM AH0QXML | User Guide - Page 4
    Note: Before using this information and the product it supports, read the information in "Notices" on page v. First Edition (January 2003) This edition applies to IBM Lotus Notes 6.0 and IBM Lotus Domino 6.0. © Copyright International Business Machines Corporation 2003. All rights reserved. Note to
  • IBM AH0QXML | User Guide - Page 5
    23 3.3.1 Server configuration features 24 3.3.2 User configuration features 25 3.4 Common problems and solutions 25 Chapter 4. Domino 6 Server anti-spam features 29 4.1 How connections from spammers 32 4.2.1 DNS Blacklist filters 32 © Copyright IBM Corp. 2003. All rights reserved. iii
  • IBM AH0QXML | User Guide - Page 6
    Notes and Domino 94 6.2 Anti-spam server and gateway products and services 94 6.2.1 BrightMail Anti-Spam 4.0 from BrightMail, Inc 94 6.2.2 products and services 98 Related publications 99 IBM Redbooks 99 Referenced Web sites 99 How to get IBM Redbooks 100 IBM Redbooks collections
  • IBM AH0QXML | User Guide - Page 7
    right may be used instead. However, it is the user's responsibility to evaluate and verify the operation of any non-IBM product, program, or service. IBM may have patents or pending patent applications covering subject matter described in this document. The furnishing of this document does not
  • IBM AH0QXML | User Guide - Page 8
    and other countries. SET, SET Secure Electronic Transaction, and the SET Logo are trademarks owned by SET Secure Electronic Transaction LLC. Other company, product, and service names may be trademarks or service marks of others. vi Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 9
    to further address the spam problem. These products fall into two Support Organization at Cambridge, Massachusetts. He manages projects whose objective is to produce redbooks on all areas of Lotus Software products. Before joining the ITSO in 2001, he was an IT Architect for IBM Global Services
  • IBM AH0QXML | User Guide - Page 10
    it in the support organization. He started in 1993 as a software support specialist in Canada before transferring to Lotus France in 1998 to become first a Lotus Support Account Manager, and then the Critical Situation Manager for EMEA West and viii Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 11
    from McGill University in Montreal, Canada. A number of people have provided support and guidance. In particular we would like to thank Jon Johnston, Creative on experience with leading-edge technologies. You'll team with IBM technical professionals, Business Partners and/or customers. Your efforts
  • IBM AH0QXML | User Guide - Page 12
    , browse the residency index, and apply online at: ibm.com/redbooks/residencies.html Comments welcome Your comments are important at: ibm.com/redbooks Send your comments in an Internet note to: [email protected] Mail your comments to: IBM Corporation, International Technical Support Organization
  • IBM AH0QXML | User Guide - Page 13
    . In this chapter we provide an overview of spam, including a general definition, as well as a discussion of some of the categories of spam and the problems they can pose in an organization. © Copyright IBM Corp. 2003. All rights reserved. 1
  • IBM AH0QXML | User Guide - Page 14
    everyone. Therefore, it can be a very expensive nuisance. Consider the fact that service providers charge for time spent accessing the Internet. If you receive five spam messages of 6 categories: Advertisers trying to sell a product or service to as large an audience as possible. Mailings designed to
  • IBM AH0QXML | User Guide - Page 15
    one of the categories more closely: Advertisers trying to sell a product or service to as large an audience as possible. - This is the most common so obvious. For instance, a reputable-sounding investment firm believes a certain stock is hideously undervalued and urges you to buy it while it is low
  • IBM AH0QXML | User Guide - Page 16
    me, here is that site I was talking about......". Do not be misled; if the mail was not solicited, don't answer it. 4 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 17
    is the type of spam the average person will be least likely to come across. It consists of malformed messages designed to disrupt mail services, often by attempting to crash SMTP routers. There are an infinite number of possible combinations of mail messages that a spammer can create. They can
  • IBM AH0QXML | User Guide - Page 18
    6 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 19
    mail and spam Many users and administrators will agree that unwanted e-mail and spam is a problem for them. Where they don't always agree is on what approach to take to circumvent this in your environment. One highly effective way for your © Copyright IBM Corp. 2003. All rights reserved. 7
  • IBM AH0QXML | User Guide - Page 20
    news-bots look for [email protected] patterns in posted message content and headers. When an e-mail address pattern is found 8 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 21
    registration contacts; instead, create accounts specifically to manage registration contact. Have users avoid using "e-invite" or "postcard" services with their organizational e-mail address: these services often sell or solicit to the e-mail addresses that they gather. Make sure that users know to
  • IBM AH0QXML | User Guide - Page 22
    of their addresses being picked up by spammers, the greater the chance that they can avoid getting on the list. 10 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 23
    purchase anything from an unsolicited e-mail. A key reason that spam is a problem is that people continue to respond to it; if there were no buyers there would be no sellers. Make sure that your users are not adding to the problem by responding to the e-mail at all. This includes the "opt out" links
  • IBM AH0QXML | User Guide - Page 24
    the "right" approach depends entirely on your organization and your users. You will want to engage some server-based spam 12 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 25
    the transition. If you plan to use a third party or gateway device or service, be sure that you are aware of the technology that is used and the spam. New in Notes Domino 6 are server mail rules and DNS blacklist support. Using server mail rules you can reject messages based on content (including
  • IBM AH0QXML | User Guide - Page 26
    a high priority, we recommend a server-based approach. If your users do not see spam as a major problem, are quite adept with Notes Mail rules, and are highly sensitive to false positives you may want to consider selected is still appropriate. 14 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 27
    on new information. Determine how much time to allocate Based on how much of a priority spam prevention is in your organization, and how much of a problem it is to users, you can decide how much time to assign to your anti-spam efforts. If blocking spam is your top priority (this
  • IBM AH0QXML | User Guide - Page 28
    that it is still consistent with what is required. Overall, much can be done to avoid and reduce spam delivery. 16 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 29
    measures are divided between Domino server tasks. How the control over anti-spam measures is divided between the Domino administrator and the end-users. Common problems and recommended solutions. © Copyright IBM Corp. 2003. All rights reserved. 17
  • IBM AH0QXML | User Guide - Page 30
    redbook. The implemented strategy to fight spam in the example Domino environment is to stop spam at the Domino server. 18 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 31
    Domino 6. Lotus Domino 6 for Linux Providing SMTP Mail Services Notes Client Notes Client Notes Client IBM eServer zSeries Domino Messaging Server Firewall IBM eServer xSeries Firewall Internet Notes Client Notes Client IBM eServer iSeries Additional spam control can be implemented by the
  • IBM AH0QXML | User Guide - Page 32
    .BOX to individual mail files Figure 3-2 is a graphical depiction of Domino 6 anti-spam messaging components. Figure 3-2 The Domino 6 messaging components 20 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 33
    3.2.1 SMTP Listener/Server Incoming SMTP messages are processed by the SMTP Listener task. This task is responsible for accepting incoming requests to communicate with the Domino SMTP server. The SMTP Listener task and the configuration settings that it uses are your first line of defense against
  • IBM AH0QXML | User Guide - Page 34
    recipient is not a local user, it checks Inbound Relay Enforcement and Inbound Relay Controls, comparing contents to the RCPT TO. 22 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 35
    7. Originating SMTP server sends the DATA command to initiate the transfer of the message contents. 8. Domino SMTP Listener acknowledges start of DATA. 9. Originating SMTP server sends END OF DATA to indicate data transfer is complete. Domino SMTP Listener checks any inbound file size restrictions.
  • IBM AH0QXML | User Guide - Page 36
    all external hosts, all hosts (internal or external), or not apply checking at all. You can exclude certain hostnames from 24 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 37
    rid of the unwanted messages. Building anti-spam mail file rules should be seen as an additional measure in the overall solution to the spam problem. Although configured by the end users with their Notes client, mail file rules are enforced on the Domino server. Therefore, they do use some server
  • IBM AH0QXML | User Guide - Page 38
    Inbound sender controls Server Mail Rules Inbound Relay Controls Inbound Relay enforcements User Mail File Rules Problems Message received from a known spam domain. X X X A specific host is sending a and don't accept mail from this domain. 26 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 39
    DNS blacklist filters: Check inbound connection and look-up host in DNS blacklist; log and reject message if determined to be from a known spamming site. A specific host is sending a large amount of spam to your server. Inbound connection controls: Deny connection from this host. A specific e-mail
  • IBM AH0QXML | User Guide - Page 40
    =1 on your inbound SMTP server. You can also use reader lists to control who can send mail to individual groups. 28 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 41
    spam with: Server Mail Rules Finally, we discuss how to control use of your server as a relay, employing: Inbound Relay Controls Inbound Relay Enforcement © Copyright IBM Corp. 2003. All rights reserved. 29
  • IBM AH0QXML | User Guide - Page 42
    get the document properties of a message: 1. View the documents in mail.box (or mail1.box, mail2.box, and so forth). 30 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 43
    2. Select the document, right-click, and choose Document Properties. The individual fields are on the left and the value held in each field is on the right. If you find that Dead mail or Held mail is accumulating in mail.box, determine whether the messages are for valid users by checking the
  • IBM AH0QXML | User Guide - Page 44
    may have performance impacts. If spam is a major problem for your organization, the benefits of implementing controls here sending IP address. 4.2.1 DNS Blacklist filters DNS Blacklist (DNSBL) filters support allows you to configure the Domino 6 server to query an external DNS Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 45
    a Web search on DNS Blacklist sites to obtain listings of other providers since they may provide additional services you require. Table 4-1 Examples of DNSBL service providers Service provider Web site URL Spamcop http://www.spamcop.com Mail Abuse Prevention Systems, LLC http://www.mail
  • IBM AH0QXML | User Guide - Page 46
    might want to make a business decision to implement tighter server mail rules, based on the sites found in the DNSBL. 34 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 47
    The field "Desired action when a connecting host is found in a DNS Blacklist" has 3 possible options: Log only When Domino finds that a connecting host is on the blacklist, it accepts messages from the host and records the hostname and IP address of the connecting server and the name of the site
  • IBM AH0QXML | User Guide - Page 48
    Messaging section. 2. Click Configurations. 3. Select the configuration settings document for the server you want to administer and click Edit Configuration. 36 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 49
    4. Click the tabs in the following order: Router/SMTP → Restrictions and Controls → SMTP Inbound Controls and navigate down to Inbound Intended Recipient Controls. 5. Double-click the document or click the Edit Server Configuration button to put the document in edit mode. Figure 4-2 Inbound Intended
  • IBM AH0QXML | User Guide - Page 50
    Internet mail. Domino denies mail for only the addresses in this field. Tip: If the server supports Local Part name lookups, users whose addresses are listed in the Deny field may still receive mail you will allow to receive Internet mail. 38 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 51
    Be aware that entries found in both the Allow and Deny fields will result in the user's messages being Denied. The Deny field take precedence over the Allow field. The use of Group names in the allow and deny fields is acceptable; however, the group name must be the actual group name and not that of
  • IBM AH0QXML | User Guide - Page 52
    message will only be informed that the message was rejected for policy reasons. Figure 4-4 Delivery failure report that is generated 40 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 53
    4.2.4 Inbound connection controls Inbound connection controls were introduced in Domino Release 5 and have remained unchanged in Domino 6. The inbound connection controls allow you to specify how the Domino SMTP server will handle inbound connection requests and which hosts it will allow/deny a
  • IBM AH0QXML | User Guide - Page 54
    sender controls were introduced in Domino Release 5 and have remained unchanged in Domino 6. The inbound sender controls allow you to 42 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 55
    specify how the Domino SMTP server will process connections based on the sender address. "Verify sender's domain in DNS," when enabled, instructs the Domino SMTP server to verify the sender address (using the contents of the MAIL FROM field in the message header) to confirm that the
  • IBM AH0QXML | User Guide - Page 56
    the reason for failure only indicates "Message rejected for policy reasons," but does not make note of the sender's address. 44 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 57
    Figure 4-8 Delivery Failure Report for messages denied using a Server rule As you can see from the two delivery failure reports, messages failed using the inbound sender controls provided more detail to the sender regarding why the message was failed. Either method of denial will work with a sender
  • IBM AH0QXML | User Guide - Page 58
    mail rules can have a performance impact on your server, but if spam is a major problem in your organization, benefits will outweigh the costs. Configuration of server mail rules 1. In the order: Router/SMTP → Restrictions and Controls → Rules. 46 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 59
    Figure 4-9 Where to set up server mail rules 5. Double-click the document or click the Edit Server Configuration button to put the document into edit mode. 6. Click New Rule to create a new rule document. Chapter 4. Domino 6 Server anti-spam features 47
  • IBM AH0QXML | User Guide - Page 60
    • Body • Importance • Delivery priority • To • CC • BCC • To or CC • Body or subject • Internet domain • Size (in bytes) • All documents 48 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 61
    • Any attachment name • Number of attachments • Form • Recipient count • Any recipient Figure 4-11 Choose the field to be examined by the rule b. Each field can be tested for the following conditions: • contains / does not contain • is / is not Figure 4-12 Specify the criteria for the field c.
  • IBM AH0QXML | User Guide - Page 62
    . Figure 4-15 Specify action - journal this message This is used in conjunction with mail journaling. For more details on mail 50 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 63
    journaling, see the redbook Upgrading to Notes and Domino 6, SG24-6889, and the Domino 6 Administrator Help. - move to database You can create a graveyard or quarantine database for suspicious messages. Be sure to specify the server on which you are creating the rules prior to selecting the database
  • IBM AH0QXML | User Guide - Page 64
    an inordinate number of recipients or attachments can be moved to a database or held in mail.box pending further analysis. 52 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 65
    Table 4-2 outlines various types of rules and provides suggestions on the action to take on these messages. Initially, you may want to use the "Move to Database" or "Change Routing State" actions more frequently than the "Don't accept message" or the "Don't deliver message". There is no way to
  • IBM AH0QXML | User Guide - Page 66
    is for what functionality. There are four fields on the server configuration document dealing specifically with the inbound relay controls. 54 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 67
    from the valid relay sources, conflicts between the two sets of restrictions can occur. When such conflicts occur, Lotus Domino requires instructions for resolving the conflict. In Lotus Domino 5, Deny entries took precedence over Allow entries; in Lotus Domino 6, Allow entries take precedence
  • IBM AH0QXML | User Guide - Page 68
    from a specified host and allows them to a specified domain: Deny from hosts: myhost.iris.com Allow to domains: hotmail.com 56 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 69
    On a Domino 5 server, the Deny entry takes precedence, so that the named host, myhost.iris.com, is not a valid relay source. The named host cannot relay to any domain, even to allowed domains. On a Domino 6 server, the Allow entry takes precedence. In the preceding example, myhost.iris.com is
  • IBM AH0QXML | User Guide - Page 70
    mail xyz.com * All hosts will be allowed to relay messages to xyz.com, but not to any other domain. 58 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 71
    exempts it from inbound relay controls. This is especially helpful when a POP or IMAP user accesses the Domino server by way of an Internet Service Provider. Domino would normally treat this inbound connection as a remote connection, perform anti-relay checks, and fail the relay attempt due to the
  • IBM AH0QXML | User Guide - Page 72
    to external Internet domains. - None - The server ignores the settings in the inbound relay controls. All hosts can always relay. 60 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 73
    By default the inbound relay controls are enabled for external hosts. If the connecting host's IP address resolves to a name in one of the local Internet domains, the host is considered internal. IP addresses that resolve to host names outside the local Internet domains or that do not have DNS
  • IBM AH0QXML | User Guide - Page 74
    use to obtain email addresses, and we give recommendations and instructions on how you can protect your Domino 6 server from attack is known as spam mail bombing. It represents a Denial of Service (DoS) attack because it keeps your Domino SMTP server busy handling spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 75
    spammer marks the e-mail address as a valid target for spam. This type of attack simulates the transmission of an e-mail with a large list of recipients. This harvesting technique is especially effective for spammers when you configure Domino 6 to validate recipient addresses during transport by
  • IBM AH0QXML | User Guide - Page 76
    against such attacks. Look carefully at the Received fields in the problem messages. If the messages appear to come from the same IP address not show a pattern. Also, even though you may use a DSN Blacklist service, the lists can lag behind as new open relays open up all the Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 77
    prevent spam This chapter describes actions that can be taken by the end user to further address the spam problem. As an administrator, you can enable many anti-spam features at the Domino 6 server, and that's the rules once they are in place. © Copyright IBM Corp. 2003. All rights reserved. 65
  • IBM AH0QXML | User Guide - Page 78
    : Normal Message-Id: Date: Wed, 06 Nov 2002 13:32:33 -0500 X-MSMail-Priority: Normal 66 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 79
    the same name or similar alpha spelling. For example, [email protected], [email protected], [email protected] Different source domain/IP than the sender. This is not always spam, but it is suspicious. Opt-out or remove instructions in the body with IP-numbered URLs. For example: http://123
  • IBM AH0QXML | User Guide - Page 80
    file rules Server-based anti-spam measures address broad spam indicators; they can't address every individual problem. The mail file rules allow the individual end user to isolate messages by sender address, domain, 69 shows the New Rule dialog. 68 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 81
    Figure 5-1 Notes 6 new rule dialog If you need help creating rules, beyond what is provided in this book, review the Lotus Notes 6 Help section, "Filtering new mail using rules." Specifying rule conditions Under "Specify Conditions," select a part of each message to check (such as sender or subject
  • IBM AH0QXML | User Guide - Page 82
    most offensive emails can be deleted using the more restrictive rules, yet other e-mails can be recovered without extensive restore 70 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 83
    procedures. In this way spam can be dealt with quickly without losing control of your e-mail. 5.2.2 Developing anti-spam mail file rules In order to develop rules for your e-mail, you should first determine what type of rules you want to create and how restrictive you want to be. By creating rules
  • IBM AH0QXML | User Guide - Page 84
    be spam. At other times, the user must assess whether more stringent criteria are required to filter out more spam. 72 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 85
    If a user established a rule that was too broad, for example, that user would undoubtedly receive e-mail that was incorrectly categorized as suspicious. On discovery of false positives, the user must make adjustments to the mail file rules to avoid such invalid categorizations in the future.
  • IBM AH0QXML | User Guide - Page 86
    certain domains Since most spammers use public e-mail service domain names, you may want to add rules that exclude e-mail from one or more public e-mail service domains. For example, if you have determined these e-mails. Figure 5-5 Self-mail Rule 74 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 87
    scan for certain words and phrases that are characteristic of spam mail. For example, many spam mail messages are solicitations for purchase of products or services at a discount. Given the nature of this type of message, you can create a mail rule that scans for text % off. Then, if the % off text
  • IBM AH0QXML | User Guide - Page 88
    lot of rules that scan the body of e-mails can cause server performance problems. It is recommended that you create only a few rules of this type do not specifically file mail from the domains of public e-mail services. Instead we recommend that you only file e-mail from full Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 89
    sources. With these ideas in mind, try to build your initial rules such that the accepted e-mail addresses and domains indicate genuine e-mail from known sources. 5.2.3 Viewing mail rules and the evaluation sequence Once you have created the rules for your mail file, you need to look at the whole
  • IBM AH0QXML | User Guide - Page 90
    e-mail since that time. The log entry itself is show in Figure 5-11. Figure 5-11 Mail Routing Events log entry 78 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 91
    Since we didn't receive this e-mail, whose attempted delivery to us is shown in the log, we know our mail file rule worked and deleted the e-mail. If you are using mail file rules that file e-mails into folders, such as Incoming\Suspicious, you can examine what is in the folders to see if the rules
  • IBM AH0QXML | User Guide - Page 92
    80 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 93
    6 Chapter6. Third party anti-spam products This chapter introduces some of the third party products available to help you in addressing the spam problem. We have divided the products into two categories: Anti-spam products that run on a Domino server Separate anti-spam server and gateway products
  • IBM AH0QXML | User Guide - Page 94
    apply spam controls that are more or less lenient, depending upon their specific spam problems. This also reduces the possibility of incorrectly categorizing desired e-mail as spam (false update their corresponding user configurations. 82 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 95
    Figure 6-1 Spam destination and logging configuration Figure 6-1 shows a few of the configuration options available to administrators and users. In particular, it shows the Disposition tab from within a spamJam Master Configuration. The Disposition settings allow administrators to configure how
  • IBM AH0QXML | User Guide - Page 96
    and are presented with options (see Figure 6-4 on page 85) to subsequently accept mail from the sending domain or address. 84 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 97
    Notes client to configure spamJam or to review or recover intercepted spam messages. spamJam runs in Domino R5 and Domino 6 environments and is supported on all Domino server platforms. For more detailed information or for an evaluation copy of spamJam for Lotus Notes and Domino, visit the Granite
  • IBM AH0QXML | User Guide - Page 98
    they are from someone on the list or from a domain that is in the SpamDomains list. Figure 6-5 Incoming mail queue 86 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 99
    With the Individual or Group configurations, the mail enters the organization but never reaches the recipient if it is from a known spammer. Each user blocks spam mail by clicking a "This is Spam" button or by dragging the message to the Spam folder in their mail files. The "This is Spam" button and
  • IBM AH0QXML | User Guide - Page 100
    - Encryption/decryption securiQ.Watchdog - Anti-virus protection and attachment control securiQ.Trailer - Legal disclaimers securiQ.Safe - E-mail recording and archiving 88 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 101
    attachments. Blocking of e-mail to undesirable recipients (competitors, freemail services, and so forth). Specific e-mail communication channels can be blocked to real-time scanning, scheduled protection mechanisms are available to support this. Server-based protection of encrypted e-mail. When used
  • IBM AH0QXML | User Guide - Page 102
    Flexible configuration and management Trend Micro eManager support - content filtering Trend Micro enterprise protection strategy support E-mail and file type blocking to enforce create filter rules. Figure 6-8 Filter Rules configuration 90 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 103
    The configuration screen for a spam rule is shown in Figure 6-9. It illustrates how simple the creation and prioritization of rules is with this tool. The administrator can optionally choose to quarantine the blocked e-mail, and notifications can also be enabled for testing purposes. Figure 6-9 Mail
  • IBM AH0QXML | User Guide - Page 104
    bulk mail or spam folder. Management is unwilling to spend the necessary funds. Spam is a low profile problem in many companies-unless a senior manager is receiving it. Licensing of SpamStop is based on a flat message signatures (known spam) 92 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 105
    Figure 6-11 through Figure 6-13 show some sample screens from the SpamStop product. Figure 6-11 User customizable Figure 6-12 Uses over 300 checks with point system Figure 6-13 Workflow allows for spam management Chapter 6. Third party anti-spam products 93
  • IBM AH0QXML | User Guide - Page 106
    .asp 6.2 Anti-spam server and gateway products and services This section covers anti-spam products that are separate server gateway. By using these products you can further address the spam problem. Anti-spam server and gateway products aim to prevent spam messages spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 107
    caused by circulation of offensive materials, increases network efficiency, and increases server security by protecting against denial of service and directory harvest attacks. Flexible configuration options allow organizations to uniquely define their spam identification and handling policies
  • IBM AH0QXML | User Guide - Page 108
    no MX record for sender's domain Realtime Blacklist checks, 10 RBL systems supported RBL tests don't uniquely identify a message as spam. They act as checks Razor network check supported. Provides peer-based identification of spam messages. 96 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 109
    and identifies spam with a 90% to 95% accuracy rate, according to Trend Micro Inc. The Spam Prevention Service software is scalable, works with all common Message Transfer Agents, and supports Windows 2000, .Net, Solaris, Red Hat Linux, and SuSE Linux. In conjunction with Trend Micro ScanMail Lotus
  • IBM AH0QXML | User Guide - Page 110
    http://www.postini.com/services/corporations.html EasyLink MailWatch from EasyLink Services Corporation http://www.easylink.com/services_north_america/1_5_boundary.cfm SkyScan AS from MessageLabs http://www.messagelabs.com/page.asp?id=568 98 Lotus Domino 6 spam Survival Guide for IBM eServer
  • IBM AH0QXML | User Guide - Page 111
    this section are considered particularly suitable for a more detailed discussion of the topics covered in this redbook. IBM Redbooks For information on ordering these publications, see "How to get IBM Redbooks" on page 100. Upgrading to Notes & Domino 6, SG24-6889 Lotus Domino 6 for Linux, SG24-6835
  • IBM AH0QXML | User Guide - Page 112
    DNS Blacklist service provider: http://www.ordb.org OsiruSoft Research & Engineering - DNS Blacklist service provider: http://www.osirusoft.org How to get IBM Redbooks You code samples or diskette/CD-ROM images) from that site. IBM Redbooks collections Redbooks are also available on CD-ROMs. Click
  • IBM AH0QXML | User Guide - Page 113
    32 finding solutions to different problems 25 location to implement 18 server & gateway products & services 94 Anti-spam strategy labor estimates against active attacks 63 Denial of Service attack 62 Denying connection from a host service providers 33 Domino 6 anti-spam configuration 23 on the server
  • IBM AH0QXML | User Guide - Page 114
    monitoring 78 multiple actions 70 new rule 69 performance considerations 68 running in the Notes Client 68 running on the Server 68 setting up 68 troubleshooting 79 types 71-72 unacceptable subject content 75 viewing 77 102 Lotus Domino 6 spam Survival
  • IBM AH0QXML | User Guide - Page 115
    variable 35 SMTPRelayAllowHostsandDomains setting 57 Solutions to common problems 26 spam 1 advertising 3 blocking 12 categories 14 infrom users 10 spam avoidance techniques 8 Spam mail bombing 62 Spam Prevention Service software 97 SpamEraser for Lotus Notes and Domino 6 85 spamJam for Lotus
  • IBM AH0QXML | User Guide - Page 116
    Troubleshooting 25, 31, 79 U User configurable anti-spam features 65 V Verify that local domain recipients exist in the Domino Directory 24, 36, 63 Viewing the page source of e-mail messages 66 Viewing the source of a SMTP mail 31 X XM SpamStop 92 104 Lotus Domino 6 spam Survival Guide for IBM
  • IBM AH0QXML | User Guide - Page 117
    Lotus Domino 6 spam Survival Guide for IBM eServer (0.2"spine) 0.17"0.473" 90249 pages
  • IBM AH0QXML | User Guide - Page 118
  • IBM AH0QXML | User Guide - Page 119
  • IBM AH0QXML | User Guide - Page 120
    partner products available to further address the spam problem. These products fall into two categories: those that SUPPORT ORGANIZATION BUILDING TECHNICAL INFORMATION BASED ON PRACTICAL EXPERIENCE IBM Redbooks are developed by the IBM International Technical Support Organization. Experts from IBM
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
ibm.com
/redbooks
Lotus Domino 6
spam Survival Guide
for IBM
Tommi Tulisalo
Ted Chappell
Beth Anne Collopy
Kris Hansen
Greg Kelleher
Mark Ramos
Bruce Walenius
Avoid, block, and manage spam with
server mail rules and mail file rules
Anti-spam features of Domino 6
Third-party anti-spam
products