Categories: General How-To :

Automatic Removal of Most Obvious Junk Messages

Showing 1-6 of 6 messages
Automatic Removal of Most Obvious Junk Messages amolero 12/21/11 9:51 AM
I know this might be a silly question but here it goes anyway. One very important person of our customers is getting too much junk emails on his quarantine summary. His assistant obviously needs to go daily through that long list and see which emails are valid to get delivery of those. He asked us if there is a way to automatically discard those most obvious junk messages from the quarantine summary email (or from Postini's system). I already went through Postini settings, made some reading and enabled SPF check to help reduce spoofed email messages. I wanted to ask you all this question in case you might point me to some answers or ways to improve this situation or just confirm that cannot be done. I appreciate your help. 

Thanks!
Re: Automatic Removal of Most Obvious Junk Messages FrankM Forums-TC 12/21/11 11:09 AM
Quick answer is no. What is too much? Obviously it's better to be in quarantine than in their inbox. What are the category levels set at? I'll assume blatant spam blocking is on? Is the email address a common name, which would be used very easily in direct harvest and dictionary attacks? Do they use their address for personal use as well?
Re: Automatic Removal of Most Obvious Junk Messages amolero 12/21/11 4:06 PM
Thanks for your reply. Here the answers:

What is too much? 200 emails.
What are the category levels set at? All at highest.
I'll assume blatant spam blocking is on? Yes, you are right.
Is the email address a common name? It might be. Changing it would be my last suggestion for them.
Do they use th.eir address for personal use as well? No.


Re: Automatic Removal of Most Obvious Junk Messages FrankM Forums-TC 12/21/11 4:49 PM
200? That is bit high in my opinion, however there are other mitigating things that can effect this. One being seasonal, that junk mail is high at this time of year with the holidays. Two, spammers are getting better with their content, that Postini is passing BSB, but blocking by quarantine.
 
When you set up SPF, what settings did you use?
 
How many messages a day on average, does this user account get? Look at their reporting and see the percentages good mail, blocked and quarantine.
 
 
Re: Automatic Removal of Most Obvious Junk Messages smellyspice 1/17/12 8:31 AM

Obviously it's better to be in quarantine than in their inbox

I disagree! The whole purpose of a spam filter is to remove the burden of a human from having to deal with blatant spam. The quarantine is another inbox a user has to go and check and if its full of the spam they would have otherwise got in their own inbox, the burden has increased, not decreased.

We have been on a Postini trial for the last several days as we are moving from another service due to them closing down, and Postini's inability to discard blatant, repeated spam is a serious draw back. One that may have us looking elsewhere if we cannot solve this. Solutions like creating filter rules, etc. should be done by Postini - not the customer who is paying a pretty penny for the service and yes, we have the SPF checker set to block hard and soft fails.

Postini needs to address this problem. Be it by adding some adjustable setting for BSB or by making use of all the heuristic and user input data they receive from the presumably millions of users whos' email Postini processes and who is likely receiving the same spam from the same sources.

Thanks,

Rob

Re: Automatic Removal of Most Obvious Junk Messages FrankM Forums-TC 1/17/12 11:47 AM
Not all spam filter processes are the same. There are spam filters that route email into a spam folders, and Postini which uses anti-spam methods will reduce a significant amount of blatant spam before it hits the mails server. The folder based does not reduce SMTP bandwidth. Postini's quarantine reduces bandwidth and storage needs for mail servers, so there are performance and cost savings with Postini. 

In some tests of the recent rash of ClubVIP and USD77, etc, if you are using hard fail SPF, all of them would bounce since they are spoofed accounts. If they are not, then your settings are no correct. There is no reason any sending domain, to not publish a SPF record.