The amount of mainsleaze spam is indeed WAY out of control. Make sure your execs are forwarding these messages to you as attachments so you can, in turn, forward them individually to the ironport spam reporting addresses. Alternatively, install the outlook toolbar from ironport and train the execs on how to click the spam/not spam buttons.
Most mainsleaze comes from the less responsible ESPs who seem to allow their customers to use purchased lists of email addresses or do little to no oversight on new customers who may have scraped corporate websites for email addys (we regularly get spam from large companies sent to role addresses that could only have been scraped from our website or purchased). You can definitely improve things by blacklisting the IP addresses of these irresponsible ESPs; they typically make it easy by providing SPF records that tell you what all their IP addresses are. You can see where they came from by inspecting the Received: headers in the spam (top-most one not in your org). Although this is somewhat labor intensive, with a few month's work you will have made significant progress. Keep in mind this has to be done carefully and be sure to explain to the execs that some email newsletters may be blocked too. They can decide if they want spam or newsletters they actually signed up for; show them examples and force them to make the policy decision. +1 for Spamhaus. Use the zen.spamhaus.org list ~JasonG > -----Original Message----- > From: Fergal O'Connell [mailto:[email protected]] > Sent: Wednesday, May 18, 2011 11:03 > To: MS-Exchange Admin Issues > Subject: Unsolicited emails from mailing groups > > Hi All, > > > > Just wondering what you folks do to combat unsolicited emails from > Mailing lists. > > We have Exchange Server 2007 Sp1 with 2 x Clustered C150 Ironport. > > > > Our CEO and executives are getting about 30 unsolicited email's a day. > At the moment they collect this mail and then hand over to me after > about 5-6 weeks for me to deal with. > > > > This is what I have don't to try and limit these unsolicited and > marketing emails. > > * On the Ironport device I have tried to block the senders via > IP and domain name. > > * Created a mail flow policy to mark marketing mails and deliver > these mails to a separate mailbox via a transport rule. > > * Exchange transport rule to deliver emails containing certain > wording's to a separate mailbox. > > * Continue to unsubscribe the user from various mail lists. > > > > But it appears that I am just going around in circles. The problem is > how do I put a stop to this? > > > > Any thoughts? > > > > > > The information in this email is confidential and may be legally > privileged. > It is intended solely for the addressee. Access to this email by anyone > else > is unauthorized. If you are not the intended recipient, any disclosure, > copying, distribution or any action taken or omitted to be taken in > reliance > on it, is prohibited and may be unlawful. If you are not the intended > addressee please contact the sender and dispose of this e-mail. Thank > you. > > --- > To manage subscriptions click here: http://lyris.sunbelt- > software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe exchangelist --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe exchangelist
