5 ..no.. 6 Steps for Avoiding SPAM break outs in your environment

Strongback Consulting

In light of a recent issue I had at a client site, I want to share some simple tips that will greatly help you reduce both the amount of SPAM you receive and the amount of SPAM you send through your Lotus Domino systems. Yes, I said SEND. One of the largest culprits today is the use of botnets to deliver unwanted, unsolicited email. A botnet is a virus that infects multiple computers, which then act together much like a grid or cloud. There are many 'zombies' and several command and control servers. The most common one at the moment (October, 2010) is the RUSTOCK botnet (as shown in the picture below).

This botnet is pretty sophisticated. I won't go into the details of how you remove it from your clients. However, having an infection will cause you to get listed on a DNS blacklist site such as CBL or Spamhaus. You will need to have the problem addressed before you delist your site; otherwise, you'll end up just getting relisted. Getting relisted multiple times may end up getting you permanently listed. This means your users will not be able to send email to some recipients. In some cases this can result in loss of revenue, loss of reputation, and loss of potential customers.

All this said, here is my key advice:

Lock down your firewall – prohibit outbound SMTP traffic to port 25 or 465 from the general population.

This will prevent your potentially infected users from sending spam directly to the Internet. Port 25 is basic SMTP, whilst 465 is secure SMTP. Both should be locked down so that only your key relay host (or smart host), your dedicated SMTP server, or your antispam gateway can relay mail directly to Internet hosts.
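Once the firewall logs outbound SMTP attempts, the same log tells you which workstations are trying to bypass the relay. The following is an added example, not part of the original post: it assumes iptables LOG-style lines, a placeholder relay address of 10.0.0.25, and constructed sample data.

```python
import re
from collections import Counter, defaultdict

# Assumption: 10.0.0.25 stands in for your smart host / anti-spam gateway.
ALLOWED_RELAYS = {"10.0.0.25"}
SMTP_PORTS = {25, 465}

# Constructed sample: outbound connection log in iptables LOG style.
SAMPLE_LOG = """\
Oct 12 09:14:01 fw kernel: IN=eth1 OUT=eth0 SRC=10.0.0.25 DST=203.0.113.10 PROTO=TCP SPT=40112 DPT=25
Oct 12 09:14:02 fw kernel: IN=eth1 OUT=eth0 SRC=10.0.4.77 DST=198.51.100.8 PROTO=TCP SPT=1042 DPT=25
Oct 12 09:14:02 fw kernel: IN=eth1 OUT=eth0 SRC=10.0.4.77 DST=198.51.100.9 PROTO=TCP SPT=1043 DPT=25
Oct 12 09:14:03 fw kernel: IN=eth1 OUT=eth0 SRC=10.0.4.77 DST=203.0.113.44 PROTO=TCP SPT=1044 DPT=25
Oct 12 09:14:03 fw kernel: IN=eth1 OUT=eth0 SRC=10.0.4.77 DST=203.0.113.44 PROTO=TCP SPT=1045 DPT=25
Oct 12 09:14:05 fw kernel: IN=eth1 OUT=eth0 SRC=10.0.4.77 DST=192.0.2.80 PROTO=TCP SPT=1046 DPT=443
Oct 12 09:15:10 fw kernel: IN=eth1 OUT=eth0 SRC=10.0.9.3 DST=192.0.2.25 PROTO=TCP SPT=51500 DPT=465
Oct 12 09:15:11 fw kernel: IN=eth1 OUT=eth0 SRC=10.0.0.25 DST=192.0.2.25 PROTO=TCP SPT=40113 DPT=465
"""

FIELD = re.compile(r"\b(SRC|DST|PROTO|DPT)=(\S+)")


def smtp_egress_violations(log_text, allowed=ALLOWED_RELAYS, ports=SMTP_PORTS):
    """Map each non-relay source to (attempts, distinct destinations) on SMTP ports."""
    attempts, dests = Counter(), defaultdict(set)
    for line in log_text.splitlines():
        f = dict(FIELD.findall(line))
        if f.get("PROTO") != "TCP" or "SRC" not in f or "DST" not in f:
            continue  # malformed or non-TCP line
        if not f.get("DPT", "").isdigit() or int(f["DPT"]) not in ports:
            continue  # not SMTP (25) or secure SMTP (465)
        if f["SRC"] in allowed:
            continue  # the relay is the only host expected to talk SMTP outbound
        attempts[f["SRC"]] += 1
        dests[f["SRC"]].add(f["DST"])
    return {src: (n, len(dests[src])) for src, n in attempts.most_common()}


def suspects(log_text, min_destinations=3):
    """Sources contacting many different mail servers, the usual spam-bot pattern."""
    return [src for src, (_, distinct) in smtp_egress_violations(log_text).items()
            if distinct >= min_destinations]


if __name__ == "__main__":
    for src, (n, distinct) in smtp_egress_violations(SAMPLE_LOG).items():
        print(f"{src}: {n} attempts to {distinct} mail servers")
```

A host such as 10.0.9.3 with a single attempt is more likely a misconfigured mail client than a bot, but it still needs to be pointed at the relay.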

Implement DNS blacklist filters

Lotus Domino has MANY features to help you combat SPAM. Using common DNS blacklist filtering sites is a great way to stop common spam ISP servers from delivering to your domain. That said, in light of the increase in SPAM bots, this setting is having a decreasing effect. It primarily affects inbound mail, by stopping listed SMTP hosts from delivering to you.
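A DNS blacklist lookup is an ordinary DNS query: the connecting IP is reversed, the blacklist zone is appended, and an answer in 127.0.0.0/8 means "listed". The following is an added example, not Domino's own code: the zone `dnsbl.example.org` is a placeholder, and the resolver is injectable so the constructed demo runs offline. You can use the same check against your own outbound IP to see whether you have been listed.

```python
import ipaddress
import socket

DNSBL_ZONE = "dnsbl.example.org"  # placeholder; substitute the zone you subscribe to
LOOPBACK = ipaddress.ip_network("127.0.0.0/8")


def dnsbl_query_name(ip, zone=DNSBL_ZONE):
    """Build the lookup name: reversed octets (IPv4) or nibbles (IPv6) + zone."""
    addr = ipaddress.ip_address(ip)
    # reverse_pointer gives e.g. '99.2.0.192.in-addr.arpa'; drop the two arpa labels.
    reversed_part = addr.reverse_pointer.rsplit(".", 2)[0]
    return f"{reversed_part}.{zone}"


def check_dnsbl(ip, zone=DNSBL_ZONE, resolve=socket.gethostbyname):
    """Return the list's return code (e.g. '127.0.0.2') if listed, else None."""
    try:
        answer = resolve(dnsbl_query_name(ip, zone))
    except socket.gaierror as exc:
        if exc.errno == socket.EAI_NONAME:
            return None  # NXDOMAIN: the address is not on this list
        raise  # timeout or server failure: do not silently treat as "clean"
    if ipaddress.ip_address(answer) not in LOOPBACK:
        # A non-127/8 answer usually means a resolver that rewrites NXDOMAIN.
        raise ValueError(f"unexpected DNSBL answer {answer!r}")
    return answer


def fake_resolver(listed):
    """Constructed stand-in for DNS so the example runs without network access."""
    def resolve(name):
        if name in listed:
            return listed[name]
        raise socket.gaierror(socket.EAI_NONAME, "NXDOMAIN (constructed)")
    return resolve


if __name__ == "__main__":
    dns = fake_resolver({"99.2.0.192.dnsbl.example.org": "127.0.0.2"})
    for ip in ("192.0.2.99", "192.0.2.10"):
        print(ip, "->", check_dnsbl(ip, resolve=dns) or "not listed")
```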

Move mobile users to Lotus Traveler

If you have iPhone, iPad, iPod touch, Android, Windows Mobile, or Symbian users, they are probably using IMAP, POP3 and SMTP to send through your system. This is the least effective method if you are using the latest version of Lotus Domino. ALL Lotus Notes clients are entitled to the new Lotus Traveler server. It is very easy to implement and is included in your licensing (i.e. you should already own it). All it takes to implement it is to install it. You can install it on Linux (Novell SUSE being my preference), and save yourself a Windows server license as well. This is a product that acts like a BlackBerry Enterprise Server would, but for the other mobile devices listed above. You get enterprise level synchronization with email, calendar, and contacts, plus remote wipe capabilities. Try that with POP3!

Prohibit POP3, IMAP, and SMTP based clients

Now that you have eliminated mobile users from needing POP3 or IMAP, you can turn your aim to those Outlook, Eudora, Windows Mail, and Entourage users who just want to use a different client. If they barf on you when you try to install Lotus Notes, just fire up their web browser and give them iNotes. It has become a fabulous client, and has similar usability patterns to Outlook, without all the virus vulnerabilities. Oh, and if you have Linux/Mac users, Lotus has supported, off-the-shelf clients for those platforms as well. Yes, the Mac client works great, and so do the Linux (Ubuntu and SUSE) clients. Eliminating Outlook will especially ensure you don't run across viruses that exploit the various Microsoft MAPI and Visual Basic vulnerabilities.

Institute a dedicated anti-spam appliance

And use it as the principal route for both inbound and outbound mail. In other words, make it the SMTP smart host, where your Domino server routes all outbound SMTP traffic. Set the appliance IP address as the MX record for the domain (this means all inbound SMTP traffic flows through it). This ensures that content is filtered before it reaches your users, and it ensures that any SPAM from spam bots inside your network is filtered out before it reaches the Internet. Some good appliances out there are Lotus Protector and Barracuda. Lotus Protector has the best integration with Lotus Notes (gee… imagine that).

Lastly, DON’T LET YOUR MARKETING DEPARTMENT SPAM YOUR CUSTOMERS!

Sigh. Yes, this is the temptation of all marketing departments. Truth be told, less than 1% of unsolicited email sent ever reaches its destination. It will be especially low because it is sure to get your domain added to DNS blacklists and SPAM filters. You need to get your marketing departments to use opt-in email marketing tools. There are several on the market. We use iContact, but there are others such as Constant Contact. You cannot use these for purchased lists. Rather, you can use your own lists, and allow users to sign up to your lists using sign-up forms. In other words, you have to earn their email addresses. For more information about setting up an opt-in email system visit:
http://www.icontact.com/
