How To Deploy SPAM Filter With Exchange?

Questions and answers about email security.

Spam is an unwanted problem that no organization would want in their network.


Spam not only acts as a source of annoyance but also fills up precious mail box space as well as wastes the bandwidth of the company.


On top of everything spam is also a source of hazardous malware. There are several different spam filters out there that can be used to get rid or avoid this nuisance.


But today we will be concentrating on the deployment of spam filter with exchange. There are several factors that are involved with deciding the spam filter solution. Let us examine each one by one.


Spam Filter Location

Spam filter can be definitely placed on the perimeter of the network from preventing it to enter the network of the company but that involves the risk of the false positives and there are cases when important mails are classified as spam and are discarded at the perimeter never to be recovered.


The option of using exchange is not a bad one and with its optimum use, spam can be stored in separate spam folders for the users to view them and can be set for automatic deletion after a specific no. of days.


Creation & Maintaining Whitelists

Whitelists are another way of deciding which email addresses are safe. Through the use of whitelists, there can be reduction in false positives as well as reduction in the consumption of CPU for spam filtering. But care has to be taken to keep the antivirus solutions of the company up to date.


The reason being if one of the system’s inside the network is affected with some malware and the email address of internal users are used in whitelists, then the malware will spread like a wild fire through emails.


Creation & Maintaining Blacklists

Blackslists can be maintained by utilizing the information of known spammers across the globe which can be easily found from publicly available databases. The main concern of using this approach would be that the information need to be kept up to date all the time otherwise these blacklists would results in false negatives.


Checking Headers

Headers can provide vital information regarding the emails and their origins. There are many give aways that can be located in the header which would point out the fact that the email is a spam. If the domain of the email sender doesn’t match the domain of the email origin then it is a sign of spam.


If the return address is different than the source address, then it is a sign of spam, long digits in email addresses are not likely and hence it is a sign of spam. All this information can be located in the full header view of the email messages in outlook.


List of keywords

A list of keywords can be prepared and exchange could be asked to go through the list and check against each email for an occurrence of those keywords. This would allow for filtering out those emails that contain the unaccepted words without much processing.


Intelligent Message Filter

Microsoft’s Intelligent Message Filter allows for easy configuration of spam filter and it can be accessible via the Exchange System Manager. The message filter would just work fine with small to medium size business where the spam volumes are not high. If the spam volumes are pretty high, then it is best off to use some other filter that is available.