|
|
|
|
|
|
|
|
|
|
|
|
|
|
Using server mail rules to secure your mail system (continued)
To block a prohibited file type from being delivered to your users, create a new mail rule, choose the attribute "any attachment name", the test "contains" and then put the extension name (including the period) in the text field and select the "Add" button. To check for multiple file types, chain together multiple conditions with the OR operator as illustrated in Figure B.
FIGURE B
 
This rule at checks for attachments containing the extensions .pif, .scr,, .exe, .bat, and .com. Roll over picture for a larger image.
For a great list of file extensions you should consider blocking, take a look at http://antivirus.about.com/library/blext.htm.
Mail bombs and other DoS (Denial of Service) attacks against your mail server can be mitigated by creating a rule that limits the total number of bytes and the total number of attachments a message may contain. For instance, to limit a message's size to 1 MB and only accept messages with less then 10 attachments, your condition section should have the following entries:
When size is more than 1048576 bytes (1 MB)
OR number of attachments is more then 9
|
While it is more efficient to limit message size by entering a value in the Message size field of the configuration document under the Router/SMTP, Restrictions and Controls, Restrictions tabs, the only action this setting supports is rejecting the message and sending a non-delivery report.
If you would like to temporarily quarantine or silently delete messages over a certain size, use the server mail rule outlined above.
Fighting spam
In the fight against spam, server mail rules can help block spam that delivery-based anti-spam methods don't catch. You should use Domino's robust inbound sender controls as your first line of defense against spam as they block spam before it is actually delivered to your server. For more on this, see "Using Domino 6 messaging settings to block spam" at http://www.dominopower.com/issues/issue200308/00001080001.html, in August's anti-spam issue.
If spam is still getting through to your users, analyze the messages and determine if you could block them by matching against keywords in the subject, body, domain name, or sender name. If the same spam message is often sent to large numbers of recipients in your organization, consider blocking messages based on the number of recipients.
If all else fails, a great proactive technique is to use server mail rules in conjunction with a spam trap mailbox. A spam trap is a user/mailbox setup solely to receive spam. If a particular spammer is pestering your organization, try to get your spam trap address on the culprit's mailing list and add a server mail rule that doesn't accept messages with your spam trap mailbox in either the "To" or "CC" fields.
Hint: Make sure that legitimate mail is never sent to your spam trap address because it won't be delivered to any intended recipients. Make sure the address is not in any groups or on any internal mailing lists.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
-- Advertisement --
Find unused Lotus Notes groups and clean up your address book
Have you ever wanted to get rid of old Lotus Notes groups that were cluttering up your address book, but you weren't sure if they were used? Find Unused Groups can help.
Find Unused Groups will check your ACL, mail, multi purpose and server groups to help you determine if they are used, and who uses them.
Learn how to easily clean up your address book. |
-- Advertisement --
Mark your calendar for in-depth Lotus training, May 12-14, Boston
Join experts and peers May 12-14 in Boston for educational and networking events that deliver real-world Lotus training so you can increase productivity and efficiency in your company, advance your skills, and squeeze the most from your current environment. One registration gets you into THE VIEW's Admin2010 and Lotus Developer2010.
Register by April 10 to save $200. |
|
|
|
|
|
|
|
|
|
|
