mail pre-filtering

X

XOR != OR

[H]F Junkie
Joined
Jun 17, 2003
Messages
11,547
Hey all, for a long time I've run my own mail services whereever I've worked, but lately other responsibilities have become a bit overwhelming. On top of that, a new wave of spam is managing to get past all the other filters I've put in place ( greylisting, blacklisting, whitelisting, spamassassin, av, pregreet,ect.. ). I don't really have time or energy to spend tracking this new wave down, so I'm starting to research having an external company pre-filter my organizations email before it gets to us.

Is anybody else doing this? Care to share your experiences?
 
how many users/ mailboxes are we talking about?

For my home e-mail server we're using postini, and I know a bunch of small/medium businesses using it too..
 
Stay away from Netriplex. I used them with 4 clients after having sucess with them on 1. Not too long after, LOTS of dropped email. NDR's for senders, unscheduled downtime, and 2 hours on hold began. Ran from them and like you have hosted my own anti-spam/virus services since.
 
d3c1us said:
how many users/ mailboxes are we talking about?

For my home e-mail server we're using postini, and I know a bunch of small/medium businesses using it too..
Click to expand...
Probably about 300ish.

Thanks for the name, I'll check it out.
 
yeolde recommended appriver in another thread somewhere...we've given them a try for one of our customers with around 40 mailboxes...we've been very impressed so far...

edit: there has also been talk that the built-in spam filtering within untangle is pretty hot...have you seen this utm distro? can either replace your edge router, or simply run it in-line... could be worth a look as well as smart-hosting?
 
Yeah I learned of Appriver when I took on a nursing home client a few years ago, they had already been setup with someone.

Postini (now under the Google umbrella) is a long time standard. I think pricing is similar, I can't attest to Postinis support, but I can state that Appriver support is great. I call up, I get a live body quickly, and I get my answer quickly. Good fast e-mail support too.

I never want any of my clients to have their mail servers doing direct DNS mail....never...period. I always set them up with a smart host, such as Appriver, or another local one that I partner with (whos data center is upstairs from my office). He does similar stuff on a smaller scale...the MX records point to him, he "washes" the mail, queues it up and delivers to my clients Exchange servers. I setup an SMTP connector between my clients Exchange servers to forward to his SMTP server (on a custom port...not port 25). I set Exchange to only receive e-mail from whoever is doing the smarthosting...so it does not answer to anything else. And if their router supports ACLs..I'll set port 25 to that too. This way...I flat out never ever ever have to worry about PTR/ReverseDNS, and my clients mail servers getting blacklisted on spam lists.

The "new wave" of spam...are you talking about image spam? I'll add that Untangle does a decent job..if not over agressive...in removing spam. (although you can turn down the settings). It utilizes several different open source methods for yanking spam.
 
I use Postini and their support is pretty good. The pricing is pretty good and it can integrate with Exchange very well.

As mentioned above, stay far far away from Netriplex.
 
The spam that's making it through is actually pretty simple; it looks like just about any other vendor's sales pitch. But our normal volume of email is ~200,000 messages a month, with ~6% being valid emails. August saw our volume skyrocket to 350k with "valid" emails being ~10% ( valid being defined as making it unmolested to the user's inbox ).

My purpose here is multi-pronged; I want that traffic off my t1, I don't want to have to deal with the filtering myself anymore, and I want to setup something sustainable for the organization. There are currently only two of us here that understand how our system works, and if both of us leave they're screwed.
 
I've had GREAT luck with my Barracuda appliance. They have great support and all mail is still kept in-house.
 
I use Securence
I have almost 0 false positives. I do not even check the quarantine anymore unless someone says they were expecting something.


So far for this month 8.33% of the email sent to our domain is clean :/
 
slowbiznatch said:
I've had GREAT luck with my Barracuda appliance. They have great support and all mail is still kept in-house.
Click to expand...

The Barracuda appliances are very nice. The biggest reason to go with an outside third party is to eliminate the bandwidth from the WAN connection.
 
MorfiusX said:
The biggest reason to go with an outside third party is to eliminate the bandwidth from the WAN connection.
Click to expand...

Not withstanding the fact that also when you go via a third party, if you experience any extended outages with either your internet connectivity or your server (or you simply want to take things offline out of hours for scheduled maintenance) then your mail simply queues at the third party rather than just going down a blackhole...the customer we've put through AppRiver were actually more interested in this than the SPAM filtering itself!
 
Quick question for those of you using appriver or postini; did you have to setup each user individually, or is there a quicker way to setup users?
 
Postini has a feature that will integrate with a LDAP database to allow automatic user generation. I haven't configured that feature though as I only have a few employees.

Also, a Barracuda has LDAP integration as well.
 
on appriver you only have to configure users if you actually want people to be able to view their own quarantines...we've found with this customer of ours that it's actually better for us and the person responsable on-site for i.t. to have control over this rather than the individual users themselves.
 
What's the pricing like on Appriver for say about 100 users per year?
 
We just moved over to the Symantec Hosted Mail Security offering. Looks very similar to Mxlogic (i would venture to say its basically rebadged).

performance has been great and easy to use. We got ours dirt cheap due to how much business we do with Symantec (as a whole).

We were running brightmail previously (and happy with the performance), but wanted to move our email services out in the cloud for DR purposes.

daily email volume is about 250K with about 90% as spam, 5% as viruses, for about 500 users.
 
We use http://www.tcnoc.com This company uses the Barracuda servers. We've used them for over four years now with absolutely no downtime thus far. They have a free trial that you can use to see how you like their service.

Also google has a service now that uses Postini which I think they purchased.
 
Private Citizen said:
Also google has a service now that uses Postini which I think they purchased.
Click to expand...

Postini equals Google now. If you where to navigate to Postini's site and try to make a purchase, it will redirect you to Google's page. The Postini service will be rolling into Google Apps. I received a week or so ago notifying me that my account will be officially held be Google now, nothing will change, yada yada yada.
 
postini is the way to go.

you can go the google router, 12 bucks a year per email account, but no phone support, maybe with 300 users you can get support not sure (listed on website).

we pay 3 buck a month per user but thats from a reseller and we get phone support, support is great through them.

way to go
 
we use postini at the office and we also have about a dozen clients that use postini as well. Never had a problem with them yet and the one time we actually had to call support we got a live person right away and our issue fixed within an hour.

We also use their flexbox service so we can check our mail when our internets go down.
 
I usually try my best to use a free solution. These days, clients are very cheap. ;)
Have you tried, Spamassassin?
 
OP states tried spam assassin. Also states desire to move to a 3rd party hosted solution to eliminate the SPAM eating up the internets bandwidth.
 
You must log in or register to reply here.
Back
Top