Video Screencast Help
Protect Your POS Environment Against Retail Data Breaches. Learn More.

Mail Security for Exchange : Spam Problem

Created: 01 Nov 2012 | 2 comments

Hi,

I'm having some trouble with spam;

Exchange 2003/Mail Security for Exchange 6.5.8.285.

Recently a user went on holiday and set his out of office, which in turn has obviously aletered some chinese spammers. He is now getting >1000 spam mails/day. I could just change his email address, but that's the easy way out.

I have the Premium AntiSpam settings enabled within the software; All boxes are checked.

My first question is; Does the Spam Scoring box link to how Suspected Spam/SCL is categorised? On the main page, I have 0 mails that are suspected spam and SCL even though I've tried setting the option to >0 under the Premium AntiSpam actions section.

My second question is; As I've access to the Administrator mailbox, there's lots of what appear to be bounce backs. (see below for example)

Your message did not reach some or all of the intended recipients.

Subject:

??????,????????????????????????

Sent: 01/11/2012 09:56

The following recipient(s) could not be reached:

81985198@qq.com on 01/11/2012 09:59

There was a SMTP communication problem with the recipient's email server. Please contact your system administratorDoes this mean that the spammers are attempting to use this mailserver as an open relay?

Any advice would very much be appreciated.

Thanks.

 

Discussion Filed Under:

Comments 2 CommentsJump to latest comment

Geforce's picture

Ok I've figured out that it's not actually spam, which is the reason I'm struggling to get it stopped.

It appears that somebody has hijacked his email address and thus we are getting the bounce backs due to the way mail is routed, hence the postmaster delivery failures.

Although I would still like to know about the suspected spam/SCL option within Mail Security for Exchange.

TSE-JDavis's picture

Suspect Spam and SCL means there was an SCL (Spam Confidence LeveL) tag on the email when we scanned it. This is a proprietary Microsoft flag. If you don't have something in front of us or on the same server with Exchange's antispam tools enabled, that will never get triggered.