1 / 44

Control Mail File Size and Fight Spam with Notes/Domino 6

Control Mail File Size and Fight Spam with Notes/Domino 6. Andy Pedisich Technotics, Inc. Webcast schedule. Today’s event will run one hour long. Here are the expected times for each segment of the webcast:

avel
Download Presentation

Control Mail File Size and Fight Spam with Notes/Domino 6

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Control Mail File Size and Fight Spam with Notes/Domino 6 Andy Pedisich Technotics, Inc.

  2. Webcast schedule Today’s event will run one hour long. Here are the expected times for each segment of the webcast: :00 - :05 -- Moderator introduces the speaker and discusses the details of the webcast. :05 - :25 -- Speaker delivers a PowerPoint presentation on the webcast topic. :25 - :35 -- Moderator and speaker engage in a brief Q&A on the topic. :35 - :60 -- The speaker responds to questions submitted by the audience. You can submit questions to the speaker at any time during the event. Just click on the “Ask a Question” button in the lower left corner of your screen.

  3. Technical FAQs Q: Why can’t I hear the audio part of the webcast? A: Try increasing the volume on your computer. Q: I just entered the webcast and do not see the slide that the speaker is referring to. What should I do? A: The slides are constantly be pushed to your screen. You’ll should refresh (hit F5) to view the latest slide. If your question is still not answered, please click the “Ask a Question” button in the lower left corner of your screen and submit your problem. A technical support person will respond immediately. You can also visit the Broadcast Help page (http://help.yahoo.com/help/bcst/) for more information or to test your browser compatibility.

  4. Control Mail File Size and Fight Spam with Notes/Domino 6 Andy Pedisich Technotics, Inc.

  5. What we’ll cover… • Making the case for smaller mail files • Configuring for size management • Configuring to close open relays • Using real-time blacklists • Anti-spam tools • 10 things you and your users can do to fight spam Click the “Ask a question” button in the lower left section of your screen to submit a question.

  6. What we’ll cover… • Making the case for smaller mail files • Configuring for size management • Configuring to close open relays • Using real-time blacklists • Anti-spam tools • 10 things you and your users can do to fight spam Click the “Ask a question” button in the lower left section of your screen to submit a question.

  7. The legacy of the monster mail file • Buying disk was cheaper than managing the files • Even with backup factored -- it still seemed like a bargain • Mail files became places to store everything • Spreadsheets, presentations, documents, data sets • So why is that changing now? • Disk and backups now seen as too expensive • Growth of incredible large mail files is exponential • Litigations mean expensive mail file searches • At $2 to $5 per message searched! • Large mail files forces fewer users per server • We are buying servers when we should be consolidating them!

  8. Three elements to control mail file size • Corporate policy must clearly state a size limit • Best if dictated by the Legal Department • Admin tools are needed to control mail file size • Need to be nearly user transparent • Users must learn best practice for using mail • Must have the automated tools to help them • Expect major pushback – everyone hates change • Change in work habits • Change in security • They think they need their old mail

  9. What we’ll cover… • Making the case for smaller mail files • Configuring for size management • Configuring to close open relays • Using real-time blacklists • Anti-spam tools • 10 things you and your users can do to fight spam Click the “Ask a question” button in the lower left section of your screen to submit a question.

  10. We have the backing – let’s go! • Two features can be utilized for size management • Quotas set max file size for users • Can interrupt user’s mail flow if file size exceeds max • Archiving will help administrators manage size • Quotas and thresholds can be set • During registration • Or for existing users mail files • Set per mail file, not per user • Use a warning threshold to give users advance notice so they can take action before you do Click the “Ask a question” button in the lower left section of your screen to submit a question.

  11. Setting quotas • Select the database using the Administrator client • Use Tools/Database/Quotas or right click and select Quotas • Configure the database with a quota • In this example • 30 MB hard quota • 29 MB warning threshold • Note that you could select more than one database in the Admin client

  12. Over threshold and quota actions • And once they are over threshold or quota • You can annoy the user • At minute, hourly or daily intervals • Every time they send a message • With the added enforcement steps for quota • You can deliver the mail – (You are such a nice admin!) • Hold their mail – (Getting tougher!) • Or send a non-deliver back to the originator – (You rat!)

  13. When they are over – the messages start • Server Configuration Document • Router/SMTP - Advanced - Controls tab • Failure Messages • You can add customized text, or text from a file • You must select one or the other for all error messages • If you use text, only the first line appears

  14. Archiving mail to reduce mail file size • You can set up to archive mail • To another file on user’s mail server • This makes no sense at all in the context of reducing disk space usage • To the user’s local drive or to file server • Make sure it’s backed up! • To another server • This works! • New in ND6 • You can provide an underpowered server to hold archive files

  15. Archiving should be automatic • You can set up server to server archiving • Set it to delete documents or just attachments • Or set it up to not archive at all, just to delete documents • Make sure users understand this if you take this route

  16. Criteria for archiving • Select a criterion for document selection and an age • As a bonus, you can choose • Not to delete documents with responses • To log all archiving activity

  17. Setting up archiving • Set the archiving to run once a day at whatever hour you wish • Select one day or every day • Use policies to set up archiving for your domain • Push out to certain OUs or your entire organization Click the “Ask a question” button in the lower left section of your screen to submit a question.

  18. Best practice for small mail files • Remind users that they drive to the store, but they don’t leave groceries in the car once they get home • “You can keep that data, but not on my mail server!” • Archive all inbox messages older than 90 days old • If you put it in a folder other than inbox, you get to keep it • Encourage users to work smarter • To reply without attachments and use shared DBs • Zip attachments to save space • 3rd party packages that will do this automatically • Helps a lot, but must attack the problem at its root • Habits must change

  19. What we’ll cover… • Making the case for smaller mail files • Configuring for size management • Configuring to close open relays • Using real-time blacklists • Anti-spam tools • 10 things you and your users can do to fight spam Click the “Ask a question” button in the lower left section of your screen to submit a question.

  20. How do spammers do what they do? • Spammers send millions of messages because of thousands of incorrectly configured mail servers • Some overworked administrators out there • Aren’t aware that their servers are open relays • Don’t know how to prevent it from happening • Spammers use these open relay boxes as a launch pad for their barrage of messages • If spammers used their own servers • We’d block their IP addresses • We’d block their domain names • They’d be out of business

  21. Don’t be an open relay – Part 1: Controls • It’s easy to keep your Domino 6 SMTP locked down • Create a Server Config Document • Under the tab SMTP inbound controls • Allow messages to the following external domains • Your own domain • Deny messages to the following external domains • An asterisk (*) prevents relaying anywhere Click the “Ask a question” button in the lower left section of your screen to submit a question.

  22. Don’t be an open relay – Part 2: Enforce • On the Inbound Relay Enforcement area • Perform Anti-Relay enforcement for connecting hosts • Select “External Hosts • Exceptions for authenticated users • Allow only authenticated users to relay That’s it! You’re protected, and you’ve done your part in the fight against UCE – Unsolicited Commercial E-mail

  23. Special configurations in some cases • There are certain configurations that might apply to your domain or domains • Inbound relay might be permitted for some domains and servers • This is still configurable in SMTP Inbound Controls tab • You can allow or restrict relaying using a variety of IP address and domain name masks • Would you like to test your SMTP server to see if it’s locked down? • Of course you would! Here’s how

  24. Here is the whole Telnet dialogue • Here’s the dialogue the way you want to see it telnet smtp.mycorp.com 25 220 smtp.mycorp.com ESMTP Service (Lotus Domino Release 6.5) ready at Feb 2004 07:15:36 -0700 helo bogus.com 250 ustech01.technotics.com Hello bogus.com ([10.200.200.86]), pleased to meet you mail from:me@mine.com 250 me@mine.com... Sender OK rcpt to:you@yours.com 554 Relay rejected for policy reasons. Click the “Ask a question” button in the lower left section of your screen to submit a question.

  25. What we’ll cover… • Making the case for smaller mail files • Configuring for size management • Configuring to close open relays • Using real-time blacklists • Anti-spam tools • 10 things you and your users can do to fight spam Click the “Ask a question” button in the lower left section of your screen to submit a question.

  26. The danger of being an open relay • If you’re an open relay, you will be reported to Internet blacklists • SMTP host servers in many, many organizations will not accept mail from blacklisted servers • If your SMTP server is blacklisted, your organization might be unable to send mail to other Internet domains • Your customers • Your clients • Vendors, banks and many others • Put these blacklists to work for you!

  27. Blacklists and you • If your server is on a blacklist • You might be notified as to which list you are on • And then again, you might not • Want your server off the list? • It’s like trying to clear your credit history • But there is no universal clearing house • Must search for backlist orgs -- look for your server • Want to use a blacklist? • Some are free, some charge a fee • You get what you pay for • Generally the fee-based ones are more flexible

  28. How an open relay server is blacklisted • In most cases, someone reports the alleged server to an organization like • Mail Abuse Prevention System – mail-abuse.org • Open Relay Database – ordb.org • The system is tested, much in the same way as the Telnet session earlier • But they use many more variations • They try to exploit known holes in SMTP servers • They attempt address variations that might fool a server • They don’t fool Domino 6, as long as it’s configured to reject relays

  29. Here’s an example • This is a portion of a log showing of a blacklist org’s open relay test against a Domino server • Over 100 attempts were made to storm the SMTP gates of the Domino server • None made it through! Attempt to relay mail to "obsl-add2@obsl.outblaze.com"@localhost rejected for policy reasons. Attempt to relay mail to "obsl-add2@obsl.outblaze.com" rejected for policy reasons. Attempt to relay mail to obsl-add2@obsl.outblaze.com rejected for policy reasons Attempt to relay mail to obsl-add2%obsl.outblaze.com rejected for policy reasons. Attempt to relay mail to obsl-add2%obsl.outblaze.com@[127.0.0.1] rejected for policy Attempt to relay mail to "obsl-add2%obsl.outblaze.com" rejected for policy reasons. Attempt to relay mail to "obsl-add2@obsl.outblaze.com"@[127.0.0.1] rejected for policy reasons. Attempt to relay mail to obsl.outblaze.com!obsl-add2@[127.0.0.1] rejected for policy reasons. Attempt to relay mail to obsl-add2%obsl.outblaze.com@[209.107.64.139] rejected for policy reasons. Attempt to relay mail to "obsl-add2@obsl.outblaze.com"@[209.107.64.139] rejected for policy reasons.

  30. Options for configuration • Options • Log – logs to Log.NSF • Log and tag message – logs, and adds $DNSBLSites field to message • Log and reject message - same as Log, but rejects connection, returns configurable error message to the host • It’s a good idea to log for a while in the beginning to be sure you’re not rejecting real e-mail

  31. Real-time blacklists • Open Relay Behaviour Modification System • ordb.org • Mail Abuse Protection System • www.mail-abuse.com • Spamhaus • www.spamhaus.org • Composite Blocking List • Cbl.abuseat.org • Spamcop • www.spamcop.net Click the “Ask a question” button in the lower left section of your screen to submit a question.

  32. What we’ll cover… • Making the case for smaller mail files • Configuring for size management • Configuring to close open relays • Using real-time blacklists • Anti-spam tools • 10 things you and your users can do to fight spam Click the “Ask a question” button in the lower left section of your screen to submit a question.

  33. What doesn’t work fighting spam • Here are a few techniques to forget about! • IP address filtering • Their IP addresses change by the minute • Domain name filtering • There is hardly a real domain name among them • Mail address filtering • They never use the same one twice • They forge headers, they spoof IP addresses • They are relentless, they have no rules, they’ll never stop

  34. How about content filtering? • You can use the content filtering Journaling feature in ND6 as a first line of defense • Filter for messages with words like viagra, xanax, prescriptions, and the other non-PC porn terms that can make real trouble in e-mail to your employees • But content filtering has its limitations in anti-spam • Problem is, spammers spell it v.i.a.g.r.a, v1AgR@, VI@gra, and V.a.l.ium, Va+l+ium • They surround their HTML sale text with meaningless phrases Click the “Ask a question” button in the lower left section of your screen to submit a question.

  35. So what can we do? • Use a real-time blacklist service • Use several if you wish • Mail delivery times might suffer, please test before acceptance • Consider getting professional help • You can assign people almost full time to fighting SPAM in your organization • Enlist some type of vendor to complete the job Click the “Ask a question” button in the lower left section of your screen to submit a question.

  36. Categories of anti-spam products • Desktop software • Start using filters • User determines what is and isn’t spam • Software can “learn” correct filtering • Server Software • Set of content rules on the server determines what is or isn’t spam with variations of…. • You determine spam rules • The vendor determines the rules with your help • The vendor provides all the rules -- it’s hands off for you Click the “Ask a question” button in the lower left section of your screen to submit a question.

  37. Categories of anti-spam products (cont’d) • Server Software (cont’d) • Uses statistical analysis of message to score messages for probability of being UCE • Gateways, appliances, and other hardware • Can either be hands off or you fiddle with it • Mail redirection services • Their servers are your MX hosts • They forward clean mail back to you • Real Time Black Hole List Services • Won’t let you receive mail from known open relays and senders of UCE

  38. What we’ll cover… • Making the case for smaller mail files • Configuring for size management • Filtering for content • Configuring to close open relays • Using real-time blacklists • Anti-spam tools • 10 things you and your users can do to fight spam Click the “Ask a question” button in the lower left section of your screen to submit a question.

  39. 10 ways to fight spam now! • Report spam to the real-time black hole vendors • Users must avoid placing e-mail addresses while • Posting to newsgroups, mailing lists, member profiles • Listing yourself as Webmaster on a Web site • If they must register on Web sites and newsgroups • Forbid them from using their corporate address • Give them a different one or use Hotmail or Yahoo • Tell users never to buy anything from someone who sends you e-mail • Use client mail filtering to keep out the easiest junk and known offenders

  40. 10 Ways to Fight Spam Now! (cont’d) • Delete spam without opening • Avoid Spammer trick of seeing you’re alive using HTML • Look at document properties to read Body field • Turn off inbox preview • Create cryptic email addresses • Spammers use dictionaries to attack likely account names • KLS0051 is better than Ken.L.Stevens • Actively educate users about e-mail risks and responsibilities • Establish spam policy if you don’t already have one

  41. 10 ways to fight spam now! (cont’d) • Don’t use “out of office” reply if sender is from the Internet • Never click a link in Spam mail • The jury is still out on “unsubscribe me” links • New law says they must remove you • But will they sell your name to someone else?

  42. Resources • Check out CAUCE • Coalition Against Unsolicited Commercial Email • www.cauce.org • Working for good anti-spam legislation • Spam Abuse Network • Promoting responsible net commerce • Spam.abuse.net • Spamhaus • Tracks the Internet’s worst spammers • www.spamhaus.org Click the “Ask a question” button in the lower left section of your screen to submit a question.

  43. Questions? Submit your questions now by clicking on the “Ask a Question” button in the lower area of your presentation screen. Thank you! You can send additional questions to Andy Pedisich via editor@searchdomino.com.

  44. Thank you Thank you for participating in this SearchDomino.com live webcast. Contact Andy Pedisich at AndyP@technotics.com. If you have additional questions about this webcast, send them to editor@searchdomino.com and we’ll post them at a future date. For more information on upcoming SearchDomino.com webcasts or to pre-register for an event, go to http://searchdomino.techtarget.com/webcasts/ To submit your comments or suggestions for future webcasts, send an e-mail to the SearchDomino.com editors at editor@searchdomino.com.

More Related