We talked about controlling spam on the servers, and one of the ways was to block all spam at the SMTP server itself, so that it never goes out. A whole range of software available for the job. The one we got for review is anti-virus cum anti-spam software from Symantec. The software is designed to work as an SMTP server on your network. It filters and scans all email before they go out from your server. This is particularly useful when there is a self-replicating virus received by one of the systems on your network that spreads by mailing itself to multiple recipients from the original receiver’s address book. The software can also examine attached files and repair or quarantine them. To handle spam, there are options like blocking messages containing certain words or symbols and flagging them as “SPAM” before delivering them.
It can work on a Windows NT or 2000 server and requires you to define ports where HTTP (since the interface for this tool is Web-based), SMTP and HTTPS requests can be served. If you’re installing it on the same machine as the mail server, then you will need to change its default SMTP port so that it doesn’t conflict with that of the SMTP server. All its services are accessible and configurable from its Web-based interface. There are two major groups of policies, the Antivirus Policy and the Blocking Policy. To guard against viruses, the first thing is all messages are scanned for a virus and the message with a virus, blocked, deleted or quarantined. You can setup who should be notified when this situation arrives. You can also delete mail attachments that contain a file extension you don’t want, and replace it with a text file that gives a reason for removing it.
Other options include blocking emails of a size larger than or equal to certain megabytes. You can also set these options for encrypted or compressed messages.
You can block messages coming from certain domains, or containing some words in the subject line. You can block messages based on their validity tested on anti-spam blacklists called DNSBL (DNS Black Lists). And you can also block relaying of messages from your domain for all other domains, except the ones you define. This is so that your mail server does not end up being an open relay server for all sorts of spam-tricks.
For reporting, you can choose to see summary or detailed reports with various options covering system actions (like log in and log off), SMTP actions (like connection from/to), message actions (like accepted and dropped) and blocking actions (like virus logged, and spam list block).