Presentation is loading. Please wait.

Presentation is loading. Please wait.

MSG328 Anti-Spam in Exchange2003 Max Ciccotosto Program Manager - Exchange Microsoft Corporation.

Published byPrimrose Jefferson Modified over 8 years ago

Similar presentations

Presentation on theme: "MSG328 Anti-Spam in Exchange2003 Max Ciccotosto Program Manager - Exchange Microsoft Corporation."— Presentation transcript:

1 MSG328 Anti-Spam in Exchange2003 Max Ciccotosto Program Manager - Exchange Microsoft Corporation

2 Agenda The Spam Problem Exchange2003 Anti-Spam Features Client Features Client Server Integration Deployment

3 Spam & Viruses Compared Effects Destructive Spam Exploits Specific vulnerabilities (e.g. buffer overruns) General openness of mail system Viruses Nuisance, offensive Sender motivation Kudos$ Identification Signatures, deterministicVarious, often subjective Cost Data loss Productivity loss Helpdesk Administration System resources Bandwidth Productivity loss Helpdesk Administration System resources Bandwidth Exchange Solution Exchange infrastructure 3 rd Party Anti-Virus plug-ins Exchange infrastructure Exchange features 3 rd Party Anti-Spam plug-ins

4 VirusesDestructive Unsolicited product promotions Health & “pharmaceutical” Real estate & financial Scams & chain letters Pornography Spam Amazon.com promotions Expedia fare tracker Mail from companies with a pre-existing business relationship Legitimate commercial mail Subscriptions Listserv Non-critical legitimate mail Business Personal Order confirmations Critical legitimate mail Classifying Communication* Desirability * External communication only. All internal communication is assumed to be legitimate Easily classified at Gateway Gray area, best classified by end user Easily classified at Gateway

5 Enterprise Requirements for Anti-Spam False positives are the #1 enterprise concern Valid mail in the junk folder is as good as lost Block at the gateway whenever possible User never sees it Reduced impact on bandwidth & other system resources Administration End to end solutions Easy to manage Balance corporate & end user control Legal considerations

6 Exchange 2003 Anti-Spam Features

7 Connection Filtering (IP based) Global Allow and Deny lists Configure individual IP or ranges by subnet mask Allow overrides Deny by design Support for subscribing to 3rd party “real- time block list (RBL)” services Support for multiple RBL providers Customizable NDR response per configured provider Override exception email address Integrated IP features

8 Connection Filtering demo demo

9 Sender Filtering Filter messages sent from particular email addresses or domains Filter messages with blank senders Optionally drop connection Blocking own domain will break list services Enhanced spoof detection – message submission method is persisted Don’t resolve anonymous sender by default

10 Recipient filtering Filter messages sent to nonexistent recipients No NDR – message rejected at protocol Address book mining Filter messages sent to particular email recipients (valid or invalid) Restricted Distribution Lists Allow only authenticated users to send to a DL Reduces impact of unsolicited email sent to internal only DLs

11 Recipient Filtering Restricted DL demo demo

12 ISV Infrastructure Support Partner integration Expose new message properties for authenticated and trusted (IP Accept List) connections Don’t filter mail from authenticated or trusted connection Virus scanning still performed Avoids potential false positives on internal or trusted mail Per Message Spam Rating (SCL) Leverage client integration

13 Client Features

14 Trusted and Blocked Senders Safe Senders Safe Recipients Blocked Senders Can optionally include Contacts User Lists shared by Outlook 2003 and Exchange 2003 OWA User Lists are stored on the server Move to junk folder determined by store based on user lists and per message SCL

15 OWA 2003 Junk Email Senders/Trusted Senders

16 Outlook 2003 Anti-Spam

17 Client Server Integration

18 Gateway Server Transport Exchange Server 2003 Mailbox Server Store Junk Mail Folder Junk Mail Folder Inbox Exchange 2003 OWA Outlook 2003 SCL = Spam Confidence Level Exchange/Outlook Anti-Spam Integration Spam ? User Trusted & Junk Senders 3 rd Party Plug-Ins Allow/Deny Lists Real-Time Block Lists Recipient & Sender Filtering Message + SCL Spam ? User Trusted & Junk Senders Inbox User Trusted & Junk Senders SMTP Message

19 OWA Trusted Senders demo demo

20 Deployment

21 What to Put Where Which features should be enabled Where features should be deployed Cross forest considerations Best practice recommendations

22 Putting It All Together

23 Deployment Summary (1) Deploy Recipient Lookups at the Gateway – assumes employees are not malicious submitting internally Enable Restricted DLs only when ALL members are internal Enable restricted DLs for applications that authenticate Don’t restrict DLs if application submits anonymously Direct through internal smarthost Restrict access by IP address Set Resolve Anonymous on smarthost – OLK rules work based on GAL entry Block access to these DLs at gateway via Recipient Filtering

24 Deployment Summary (2) Enable RBL/Accept IP features at the Gateway SMTP IP restrictions can be programmatically set (Q810913) Updated to support Accept/Deny Lists Configure Cross Forest SMTP Connectors for authentication Preserves original submission method Accepts EXCH50 (per message MAPI properties data) If connectors are anonymous, restrict by IP address Set Resolve Anonymous on connector VSI Set Reg Key override for accepting EXCH50

25 Summary There is no “silver bullet” in the war against spam. Microsoft is committed to fighting spam through on-going investments in anti-spam features & technologies. Through integration of our own products and ISV partner products, we aim to reduce spam by providing complete end to end solutions.

26 Ask The Experts Get Your Questions Answered I will be at the ATE after this session

27 Community Resources http://www.microsoft.com/communities/default.mspx Most Valuable Professional (MVP) http://www.mvp.support.microsoft.com/ Newsgroups Converse online with Microsoft Newsgroups, including Worldwide http://www.microsoft.com/communities/newsgroups/default.mspx User Groups Meet and learn with your peers http://www.microsoft.com/communities/usergroups/default.mspx

28 Suggested Reading And Resources The tools you need to put technology to work! TITLE Available Microsoft® Exchange Server 2003 Administrator's Companion: 0- 7356-1979-4 9/24/03 Active Directory® for Microsoft® Windows® Server 2003 Technical Reference: 0- 7356-1577-2 Today Microsoft Press books are 20% off at the TechEd Bookstore Also buy any TWO Microsoft Press books and get a FREE T-Shirt

29 evaluations evaluations

30 © 2003 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.

31 Outlook 2003 HTML content blocking

32 The Spam Problem Spam volume & variety growing >2B spam / day worldwide (Radicati) 36% of all Internet email vs. 8% last year (Brightmail) Spammers constantly changing their attacks ISPs have been hit hard Up to 90% MSN/Hotmail messages are spam AOL estimates over 30% spam A growing problem for enterprises Over 20% spam inbound to microsoft.com ( based on Brightmail filtering ) Customers implementing a variety of solutions Affects mobile devices as well as desktop computers 10% spam on DoCoMo Threat: Spam overruns users’ mailboxes & devices destroying email’s value as a communication medium.

Download ppt "MSG328 Anti-Spam in Exchange2003 Max Ciccotosto Program Manager - Exchange Microsoft Corporation."

Similar presentations

Basic Communication on the Internet:

Basic Communication on the Internet:
Microsoft ® Exchange Online Advanced Security Name Title Microsoft Corporation.

Microsoft ® Exchange Online Advanced Security Name Title Microsoft Corporation.
Module 6 Implementing Messaging Security. Module Overview Deploying Edge Transport Servers Deploying an Antivirus Solution Configuring an Anti-Spam Solution.

Module 6 Implementing Messaging Security. Module Overview Deploying Edge Transport Servers Deploying an Antivirus Solution Configuring an Anti-Spam Solution.
Curtis Parker | December 2010 | Microsoft Corporation.

Curtis Parker | December 2010 | Microsoft Corporation.
Unified. Simplified. Unified Communications Launch 2007.

Unified. Simplified. Unified Communications Launch 2007.
COMPUTER BASICS METC 106. The Internet Global group of interconnected networks Originated in 1969 – Department of Defense ARPANet Only text, no graphics.

COMPUTER BASICS METC 106. The Internet Global group of interconnected networks Originated in 1969 – Department of Defense ARPANet Only text, no graphics.
IMF Mihály Andó IT-IS 6 November 2006. Mihály Andó 2 / 11 6 November 2006 What is IMF? ­ Intelligent Message Filter ­ provides server-side message filtering,

IMF Mihály Andó IT-IS 6 November Mihály Andó 2 / 11 6 November 2006 What is IMF? ­ Intelligent Message Filter ­ provides server-side message filtering,
MSG302 Deploying Exchange Server Overview Sasa Juratovic Consultant Microsoft Ltd.

MSG302 Deploying Exchange Server Overview Sasa Juratovic Consultant Microsoft Ltd.
Windows XP Service Pack 2 Steve Wheeler Windows Technology Evangelist Microsoft Presentation Team.

Windows XP Service Pack 2 Steve Wheeler Windows Technology Evangelist Microsoft Presentation Team.
Guide to Operating System Security Chapter 10 E-mail Security.

Guide to Operating System Security Chapter 10 Security.
Exchange 2010 Overview Name Title Group. What You Tell Us Communication overload Globally distributed customers and partners High cost of communications.

Exchange 2010 Overview Name Title Group. What You Tell Us Communication overload Globally distributed customers and partners High cost of communications.
Implementing Exchange Server Security Ward Solutions.

Implementing Exchange Server Security Ward Solutions.
Purpose Intended Audience and Presenter Contents Proposed Presentation Length Intended audience is all distributor partners and VARs This would be presented.

Purpose Intended Audience and Presenter Contents Proposed Presentation Length Intended audience is all distributor partners and VARs This would be presented.
23 October 2002Emmanuel Ormancey1 Spam Filtering at CERN Emmanuel Ormancey - 23 October 2002.

23 October 2002Emmanuel Ormancey1 Spam Filtering at CERN Emmanuel Ormancey - 23 October 2002.
Managing and Avoiding Junkmail. Junk E-mail  Where does Junk Mail come from? People with whom you do business  Pepsi Friends of people with whom you.

Managing and Avoiding Junkmail. Junk  Where does Junk Mail come from? People with whom you do business  Pepsi Friends of people with whom you.
Approaches to Fighting Spam in an Exchange Environment Greg Taylor Senior Consultant - MCS.

Approaches to Fighting Spam in an Exchange Environment Greg Taylor Senior Consultant - MCS.
SIM334. Internet Comprehensive Protection Multi-Engine Antivirus and Multi layered continuously evolving Anti-spam In the Leader’s quadrant in the.

SIM334. Internet Comprehensive Protection Multi-Engine Antivirus and Multi layered continuously evolving Anti-spam In the Leader’s quadrant in the.
Understanding Active Directory

Understanding Active Directory
Belnet Antispam Pro A practical example Belnet – Aris Adamantiadis BNC – 24 November 2011.

Belnet Antispam Pro A practical example Belnet – Aris Adamantiadis BNC – 24 November 2011.
Henrik Damslund Senior Product Technology Specialist Microsoft Strategy Briefing, 12. maj 2005 Spor 1: Information Worker Session 112 – Messaging & Mobility.

Henrik Damslund Senior Product Technology Specialist Microsoft Strategy Briefing, 12. maj 2005 Spor 1: Information Worker Session 112 – Messaging & Mobility.

Similar presentations

Ads by Google