Postini was seeing almost 9 out of every 10 messages as SPAM or bad addresses. This is a huge amount of traffic hitting the circuit(s) and not to mention the email servers and user mailboxes. Postini has saved lots of money on both communication costs and servers. I urge you to take a look at their services or other similar “cloud” services.
We recently made a change that was done at NO COST and are seeing savings in network traffic and server load. We got rid of the multiple domain names and went to a single email domain for the entir organization. Before making this change, the total number of inbound messages was about 60,000 per day. After making this change, the number was reduced to 13,000. This is a >4X reduction in inbound messages! This was done at no cost. However, it is not without risk so a lot of up-front planning and communication is needed. All employees needed to ensure that their contacts knew their new addresses. An autoreply was also implemented on the edge email gateway to reply to all messages addressed to the old domains.
Savings can come but there are risks. All interested parties need to be kept informed during the changes. Think about what changes can be done in your environment to save costs. It may not be easy, but sometimes can be very effective.
Thanks for reading & let’s continue to be good network citizens.]]>
I just sent this email reminder to all users in my organization. I would recommend you do something similar if you are not already ensuring users are aware of these issues. Feel free to use my content and add your own.
It is that time of year again when folks send electronic holiday greeting cards to one another. Some of the greetings may also be games that bear holiday messages. It is also a time when malicious software spreads using these same types of messages and software. You should also be cautious when doing any holiday shopping online or at stores. It is important that you and those you communicate with understand these risks. Your finances and identity are always at risk in today’s technology environment, but you may be less attentive during the holiday season. The following 10 tips are meant to remind you of some important security precautions.
1. Do NOT use your company email address for personal holiday greetings or shopping activities. Merchants may sell your email address to other non-reputable sources and this puts your company identity at risk.
2. If you receive personal holiday greetings or “cute” games at your company email address, ask the sender to not send those to you at work. Use a personal email account for those communications.
3. If you do receive holiday greetings or games at your personal email address, check with the sender before opening to be sure they sent the message. Spammers and malicious software writers can easily deceive you through social engineering. They will do everything possible to get you to open their message and potentially damage your computer and/or harvest your email address as a valid address.
4. Don’t trust everything you see online. Finding something on the internet does not guarantee that it is true. Anyone can publish information online, so before accepting a statement as fact or taking action, verify that the source is reliable.
5. If it looks too good to be true, it probably is. You have probably seen many emails promising fantastic rewards or monetary gifts. However, regardless of what the email claims, there are not any wealthy strangers desperate to send you money. Beware of grand promises—they are most likely spam, hoaxes, or phishing schemes. Also be wary of pop-up windows and advertisements for free downloadable software—they may be disguising spyware. Close the pop-up windows by clicking the X in the top right corner. Do not click the YES, NO, or CANCEL buttons in the window. It may cause unwanted computer issues if you do. Do not trust what you see in these pop-up windows. Contact IT support if you have any questions or issues.
6. Avoid phishing schemes. Banks and other institutions will not actively solicit personal information by email. When you click a link in an email asking for this type of information, your choice may risk your finances and personal identity. The link may take you to a website hosted by someone with malicious intentions. If you enter your personal information on the website, you have just had your identity taken by a social engineering attack and may have incurred a financial loss.
7. If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Do not use contact information provided on a web site connected to the request; instead, check previous statements for contact information. Information about known phishing attacks is also available online from groups such as the Anti-Phishing Working Group (http://www.antiphishing.org/phishing_archive.html).
8. If you believe your financial accounts may be compromised, contact your financial institution immediately and close any accounts that may have been compromised. Watch for any unexplainable charges to your account. Consider reporting the attack to the police, and file a report with the Federal Trade Commission (http://www.ftc.gov/).
9. Do not participate in forwarding chain letters or perpetuating hoaxes or urban legends. Hoaxes attempt to trick or defraud users. A hoax could be malicious, instructing users to delete a file necessary to the operating system by claiming it is a virus. It could also be a scam that convinces users to send money or personal information. Phishing attacks could fall into this category. Urban legends are designed to be redistributed and usually warn users of a threat or claim to be notifying them of important or urgent information. Another common form are the emails that promise users monetary rewards for forwarding the message or suggest that they are signing something that will be submitted to a particular group. Urban legends usually have no negative effect aside from wasted network bandwidth, server resources and time. If you want to check the validity of an email, there are some web sites that provide information about hoaxes and urban legends: Urban Legends and Folklore – http://urbanlegends.about.com/; Urban Legends Reference Pages – http://www.snopes.com/; Hoaxbusters – http://hoaxbusters.ciac.org/; TruthOrFiction.com – http://www.truthorfiction.com/; Symantec Security Response Hoaxes – http://www.symantec.com/avcenter/hoax.html; McAfee Security Virus Hoaxes – http://vil.mcafee.com/hoax.asp
10. Protect yourself while shopping online. Use and maintain anti-virus software, a firewall, and anti-spyware software. Keep software, particularly your web browser, up to date. Do business with reputable vendors. Take advantage of security features like secure passwords and encrypting information between your computer and the vendor’s website (look for the “lock” symbol in the browser or the website address beginning with “https” rather than “http”. Use a credit card rather than a debit card. Check your statements for any unusual or unauthorized activity.
Hopefully these tips will help you and those around you to have a happy holiday and reduce the risk of an unwelcome holiday event due to being uninformed. Please feel free to share these tips with your friends and family to help increase awareness and reduce risky behavior.
See the CERT Cyber Security Tips website for more information like this.]]>
This may be a great tutorial for you and/or your users.
CERTStation Media – Spam-Prevent.mp3
I just ran my monthly e-mail statistics and these are the results:
97,000 msgs/day inbound
8,800 msgs/day delivered to end users – 9%
22,200 msgs/day quarantined as spam – 23%
66,000 msgs/day blocked as spam – 67%
This month had higher than normal quarantine activity. Quarantine has been running about 15% and blocking around 75%. How does your mail stack up?
Thanks for your time. Let’s be good network citizens together & practice safe networking!]]>
I found a great blog posting with links to some excellent Exchange resources. Keep this in your toolkit for those times you just can’t find the answer elsewhere to those nagging Exchange problems. I see lots of other IT people struggling with this system and looking for support here at IT KnowledgeExchange.
Some other Exchange resources I recommend are:
Microsoft Exchange Server Resource Site
Seven ways to organize your e-mail
MessagingTalk.org – Portal for Microsoft Exchange Messaging & Collaboration
Thanks for your time. Let’s be good network citizens together & practice safe networking!]]>
McAfee’s Great Spam Experiment, Unplugged
|Many spam messages sent to participants in the study were phishing emails or contained malware or links to malware-ridden sites|
Did anyone doubt that these would be the results? Thanks for your time. Let’s be good network citizens together & practice safe networking!]]>
Fifty Volunteers around the World Say ‘Yes’ to a Diet of Spam for 30 Days – Started April 1, 2008
McAfee, Inc. announced the launch of its global S.P.A.M. (Spammed Persistently All Month) Experiment. For the month of April, 50 participants from around the world – ranging from homemakers, government executives, and students to retirees – will surf the Web, make online purchases and register for promotions. Participants have been provided with a clean laptop without spam protection and a new email address. Beginning today, they will blog about their experiences daily at this website.
S.P.A.M. Experiment participants are from ten countries spanning the globe, including Australia, Brazil, France, Germany, Italy, Mexico, the Netherlands, Spain, the United Kingdom and the United States.
Let’s be good network citizens together & practice safe networking!]]>