Step-by step guide on how to protect your network from spam

Intro

Spam, or more accurately Unsolicited Commercial Email, is still on the rise, with some estimates measuring it at 90% of all email traffic. It’s a nuisance for users, a storage nightmare for admins, and often a vector for phishing attacks and malware. Using a defense in depth approach, this article provides steps an email administrator can take to protect their network from spam.

Step one-user training

Users should be educated on how their actions can lead to or reduce the amount of spam destined for their inbox. Using corporate email for personal use, subscribing to mailing lists, registering their email address for promotions and giveaways, and forwarding chain mails are all vectors that can lead to spam. Consider disabling html support to prevent downloads that can confirm an address is valid, as well as to reduce the risk of email based malware.

Step two-web content

Spammers frequently scan websites looking for embedded email addresses in contact information. Raise awareness with your web developers and establish a policy that all email addresses in web pages should be masked using JavaScript or other encoding that allows a person to click or read the address, but makes it more difficult for a spider to harvest it. Use contact forms when possible instead of displaying email addresses.

Step three-tighten up your SMTP gateway

Disabling the verify command (VRFY) on your SMTP gateway makes it that much harder for spammers to check for valid email addresses. If supported, implement a delay before your server responds to a request with its banner. Legitimate email servers will wait for the 220 response before trying to send email, while many programs/scripts used by spammers will not. Your server can then drop email from this misbehaving sender. If your SMTP gateway supports Quit detection, configure it to drop email that it receives from a host that don’t close the session properly. Legitimate email servers end a session with the QUIT command, but many programs/scripts used by spammers don’t.

 

Read more

A world without System Admins

I ran across this great video on YouTube. It is about a world without system administrators. Just think about that for a moment! LOL Well here it is: This video was made by Aprigoinc visit their YouTube channel if you want to see more IT videos.

5 Threats of Endpoint devices

Decades ago, discussions about securing the enterprise were limited to the almost benign topics of virus tainted email attachments and the benefits of power-on passwords. Today, the landscape has morphed into a virtual minefield of potential vulnerabilities, thanks in part to the endpoint devices that connect organizations to the Internet.

Endpoint devices include everything from computers and servers to routers and switches – each an attractive gateway for possible intruders.

Let’s examine the top endpoint threats:

Read more

SharePoint Event

Check out this free SharePoint event in Minnesota. Twin Cities SharePoint Saturday IV on March 20, 2010 The 4th Biannual Twin Cities SharePoint Saturday! (Formerly known as the Twin Cities SharePoint Camp.)  Spend a day with other SharePoint Administrators, Developers and End Users and come away with tips, tricks and a richer understanding of how … Read more

Can’t find Scanpst.exe file!

I have run into the issue of not being able to find the Scanpst.exe file where it should be. I even had show hidden files olders and show system files turned on. I did a search and still could not find it. This file typically would be in one of two locations:

  • First: C:\Program Files\Microsoft Office\Office12\
  • Second: C:\Program Files\Common Files\System\MSMAPI\1033\

Read more

Install Google Chrome in Program Files

 

We recently had a client that required Google Chrome for a web based app. Google Chrome is easy to download and install. Pretty straight forward and easy enough right? Wrong. Google Chrome installs in

  • Win Vista/7 – C:\Users\%username%\AppData\Local\Google\Chrome\
  • Win Xp – C:\Documents and Settings\%username%\Local Settings\Application Data\Google\Chrome\

by default. You would think Google would install it to Program Files by default like other applications but it does not.

Read more