Gustav Brock
Gustav at cactus.dk
Thu Feb 14 03:29:18 CST 2008
Hi Erwin We used blacklist blocking for a while and later also a scanning spamfilter but at some point about a year ago we felt we were under attach as thousands and thousands of spam mails simply brought the filter to its knees. Our present solution is Spambunker which we installed at that time and have worked with close to zero maintenance since. When it was installed, it was like closing a door as it works from minute one; no learning, no import of blacklists. Further, zero false positives and only modest hardware is required for even a high-traffic mail server. It is not free but offered at a fair price: http://www.spambunker.ch As for the infected workstation, we have CounterSpy from Sunbelt Software as first choice. Also Spybot Search & Destroy (free) and TrojanHunter and the Trend on-line scanner. These days we've found that traditional virus scanners are of limited value if any at all. The trojan removers and blockers do the hard work. Indeed, CounterSpy is very effective and with a good UI which most normal users can grasp. /gustav >>> Erwin.Craps at ithelps.eu 14-02-2008 09:56 >>> One of my clients got recently on a ip blacklist due to spam send from a infected computer within the network, probably from end December till last week. Although I personally manage the network all computers had fully updated virus scanners (McAfee) but I Installed Trend Micro halfway Januari so posibly something went wrong migrating from one to another. The Trojan was new and vicious and passed both virus scanners. Cause I don't scan existing files (only write/modify) neither do a weekly scan on desktops the Trojan managed to stay alive on this system... I do not scan cause of user complaint of slow computers... This brings up the discussion of using Blacklists like spamcop to me. I looked into this matter 1 or 2 years ago and read several things about it that Blacklists are not that good against spam and are a in forehand lost fight against spam. Several blacklists where stopping at that moment, so I decided not to use the principle of a blacklist. But, now I got forced in to the matter and noticed ISP are still using blacklists. So I installed a blacklist on this customer server and on my own server for evaluation purposes. I already notices a major decrease in spam in my spam folder (I'm using trend micro to detect spam), but the spam that is not detected by Trend Micro is still getting in my inbox, I don't have the impression that this is lowering, but I only installed it yesterday evening, I have to be patient to see some real result. My question is, what is the opinion and practical experience of the people on this list that manage mailservers? What about false positives? I want to know if I would need to configure blacklist by default on my clients mail servers or not? thx Erwin Craps Zaakvoerder Internetwinkel op http://shop.ithelps.eu http://www.linkedin.com/in/erwincraps <http://www.linkedin.com/in/erwincraps> www.ithelps.be/onsgezin <http://www.ithelps.be/onsgezin> bezoek ook eens de website van mijn zus www.friedacraps.be <http://www.friedacraps.be/> This E-mail is confidential, may be legally privileged, and is for the intended recipient only. Access, disclosure, copying, distribution, or reliance on any of it by anyone else is prohibited and may be a criminal offence. Please delete if obtained in error and E-mail confirmation to the sender. IT Helps - I.T. Help Center * Box Office Belgium & Luxembourg www.ithelps.eu <http://www.ithelps.be/> * www.boxoffice.be <http://www.boxoffice.be/> IT Helps bvba * Mercatorpad 3 * 3000 Leuven IT Helps * Phone: +32 16 296 404 * Fax: +32 16 296 405 E-mail: Info at ithelps.eu <mailto:Info at ithelps.be> Box Office * Fax: +32 16 296 406 * Box Office E-mail: Staff at boxoffice.be <mailto:figures at boxoffice.be> _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com