Friday, August 1, 2003

Using Domino 6 messaging settings to block spam

FIGHT BACK AGAINST SPAM

By Daniel Koffler

Do you know how much spam is costing your company? [If you've been fighting SoBig, like we have here at ZATZ, you know it's a LOT! -- DG] A recent study by Nucleus Research (see http://www.nucleusresearch.com/research/d59.pdf) found that spam will cost the average U.S. company $874 per employee this year alone. That's amazing, but somewhat justifiable if you consider the time spent each day clearing out the inbox, add in bandwidth and data storage costs, and factor in the potential legal issues.

Given that cost, let's talk about how you can configure your Domino environment to combat the growing onslaught of spam. As a start, be sure you've read my previous article, "Using dynamically generated HTML to thwart spam email address harvesting," at http://www.dominopower.com/issues/issue200308/00001077001.html. That article shows you ways to thwart email harvesting programs so you and your users don't end up on spam mailing lists in the first place.

Sadly, email addresses are bound to wind up on such a list. Let's look at what you can do about it.

Once an email address is known to a spammer, it can be very difficult to stem the flood of unwanted mail. To hide their tracks when blasting email, spammers often take advantage of the inherently open nature of the SMTP (Simple Mail Transfer Protocol) system used to shuttle messages across the Internet. This makes it difficult to determine the true source of the spam -- which in turn makes it hard to block future messages from that source.

Most spam originates from one of five types of sources:

  • dedicated spam servers,
  • open SMTP relays,
  • open proxy servers,
  • abusable CGIs, or
  • throwaway email accounts (like Hotmail accounts)

Domino 6 can be configured to automatically block mail from the first four sources on the list above and has new server-based mail rules you can use to block spam from throwaway email accounts. The trick to blocking spam is to be careful and plan ahead. All the features we are about to discuss were designed to create an intentional loss of connectivity with certain mail servers; this can be a double-edged sword.

The goal in blocking spam is to reject it as early as possible. This means you're in the best shape if you can block it before it even enters your mail system. With that in mind, the following tips will only help if your Domino server is receiving messages directly from external SMTP sources.

DNS Blacklists

New in Domino 6 is the ability to integrate DNSBLs (DNS blacklists) into your anti-spam arsenal. DNS blacklists are databases of IP addresses known to be a source of spam. There are many free and commercial DNS blacklists to choose from; some specialize in listing known dedicated spam servers (such as Spamhaus), while others dedicate themselves to listing open relays (e.g., ORDB).
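
How a mail server consults a DNSBL when a host connects, as an added example (not from the original article and not Domino's own code): the connecting IPv4 address is reversed, appended to the blacklist zone and looked up as an A record, and an answer in 127.0.0.0/8 means the address is listed. The zone names and the sample records below are constructed placeholders, so the check runs offline.

```python
import ipaddress
import socket

# Hypothetical zone names (assumption); substitute the DNSBLs you subscribe to.
DNSBL_ZONES = ["dnsbl.example.org", "relays.example.net"]

# Constructed sample zone data standing in for real DNS answers.
SAMPLE_ZONE_DATA = {
    "2.2.0.192.dnsbl.example.org": "127.0.0.2",    # listed spam source
    "9.100.51.198.relays.example.net": "127.0.0.4",  # listed open relay
}


def dnsbl_query_name(ip, zone):
    """Build the DNSBL query name: IPv4 octets reversed, then the zone."""
    addr = ipaddress.IPv4Address(ip)  # raises ValueError on malformed input
    reversed_octets = ".".join(reversed(str(addr).split(".")))
    return f"{reversed_octets}.{zone}"


def system_resolver(name):
    """A-record lookup via the OS resolver; None means no record (not listed)."""
    try:
        return socket.gethostbyname(name)
    except socket.gaierror:
        return None


def check_connection(ip, zones=DNSBL_ZONES, resolve=system_resolver):
    """Decide at connect time. Returns (action, zone, answer)."""
    for zone in zones:
        answer = resolve(dnsbl_query_name(ip, zone))
        # Listings answer inside 127.0.0.0/8. Any other answer (for example
        # a resolver that rewrites failed lookups) must not trigger a reject.
        if answer and answer.startswith("127."):
            return ("reject", zone, answer)
    return ("accept", None, None)


if __name__ == "__main__":
    # Offline demo against the constructed data; drop resolve= to use real DNS.
    for client in ("192.0.2.2", "198.51.100.9", "203.0.113.5"):
        print(client, check_connection(client, resolve=SAMPLE_ZONE_DATA.get))
```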