RE: Flood of "System Administrator" Undeliverable SPAM, please help

RE: Flood of "System Administrator" Undeliverable SPAM, please help (Full Version)

All Forums >> [Content Security] >> GFI MailEssentials for Exchange/SMTP

Message

bancza -> RE: Flood of "System Administrator" Undeliverable SPAM, please help (2.Apr.2008 12:08:37 AM)
I'm not sure what your other settings are but I'm catching most of these with SPF set to HIGH. Of course you will have some legit email end up in Junkmail but that's much less of a problem than having hundreds of junk showing up in the inbox. Users are advised to check the junkmail regulalry for any legit emails.

trcc -> RE: Flood of "System Administrator" Undeliverable SPAM, please help (2.Apr.2008 2:56:54 AM)
There was a misunderstanding by me, sorry. Jan did not told to train the Filter by moving NDR-spam to thisisspam-folder. quote: ORIGINAL: LukeQuake We raised this with GFI support this morning and from my understanding all spam providers are being affected by this at the moment (not just GFI). The GFI developers are working on a fix but we don't have an expected release date yet... (...) So, we have to hope that the developers soon can fix the NDR-spam problems quote: ORIGINAL: JanZoet Hello,(...) LukeQuake, We are indeed looking into the possibilities regarding how to deal with backscatter. Please keep in mind that a NDR does not have to be spam. A user might actually have mistyped the address of the recipient. The challenge is making sure legitimate NDRs get through but backscatter get's filtered as spam. I'm sure you can image something like this is easier said then done. Kind regards, I have soemthing "easy to say" [;)] ME should only let pass NDRs suitable to mails who have left ME in the past.

LukeQuake -> RE: Flood of "System Administrator" Undeliverable SPAM, please help (2.Apr.2008 4:01:15 AM)
quote: ORIGINAL: bancza I'm not sure what your other settings are but I'm catching most of these with SPF set to HIGH. Of course you will have some legit email end up in Junkmail but that's much less of a problem than having hundreds of junk showing up in the inbox. Users are advised to check the junkmail regulalry for any legit emails. We've done the following:- 1) Ensured that we are using the most recent version of ME. 2) Ensured that the registry key has been set to 'catch' these NDR mails. 3) Spoken to GFI and are awaiting a fix from the developers (which will be soon I hope!). We can't change our SPF settings as everytime we've done this in the past ME has fallen over and spam has flooded in, so we have to leave it at low for the moment. I would suggest that everyone with a valid support contract emails GFI about this problem to try and rush through a fix.

pmcneill -> RE: Flood of "System Administrator" Undeliverable SPAM, please help (2.Apr.2008 9:01:39 AM)
We seem to have a user a day reporting they got slammed with 300-400 of these overnight. Really counting on GFI for a solution to this.

pcecom -> RE: Flood of "System Administrator" Undeliverable SPAM, please help (2.Apr.2008 9:54:12 AM)
I experienced the same problem last week as this thread shows. http://forums.gfi.com/getting_spammed_by_underliverables/m_900760780/tm.htm Basically the same responses as this current thread. I stopped receiving NDR's until today I get up and check my phone and there are hundreds of NDR's. Please, please, please, create a fix for this soon.

cepolly -> RE: Flood of "System Administrator" Undeliverable SPAM, please help (2.Apr.2008 4:05:42 PM)
Still getting flooded, albeit in the new senders, keyword, header and junk email folders. why new sender is in the mix, i'm not sure. also an added surprise is that now my delivery status/confirmation messages are being sent to my new senders folder too.

tleavit -> RE: Flood of "System Administrator" Undeliverable SPAM, please help (2.Apr.2008 5:11:37 PM)
Wanted to share that we are having the exact smae problem. 8ish users in the past week hammered with 500+ messages sometimes in an hour.

LukeQuake -> RE: Flood of "System Administrator" Undeliverable SPAM, please help (3.Apr.2008 3:47:47 AM)
GFI - Is there any update on this yet? We need this fix asap!

jmjacquet -> RE: Flood of "System Administrator" Undeliverable SPAM, please help (3.Apr.2008 5:25:15 AM)
Same problem for us. +/- 5000 NDRs last night... It is really a nightmare. We had to create special Transport Rules on Exchange to stop all the inbound NDRs.

LukeQuake -> RE: Flood of "System Administrator" Undeliverable SPAM, please help (3.Apr.2008 6:56:20 AM)
quote: ORIGINAL: jmjacquet Same problem for us. +/- 5000 NDRs last night... It is really a nightmare. We had to create special Transport Rules on Exchange to stop all the inbound NDRs. I was going to do this but we will then be shutting out legitimate NDRs... However, I suppose this would be better than being hit by these...

alexc -> RE: Flood of "System Administrator" Undeliverable SPAM, please help (3.Apr.2008 9:41:42 AM)
Hi all, Just wanted to let you know that we _are_ actively looking into this. It is not an easy matter since cranking up filtering on DSNs and NDRs involves some different approaches to filtering normal emails, apart from increasing false positive risks on legitimate notification traffic. I also wanted to clarify some things regarding the ase_scandsn registry option: - It enables filtering of DSN/NDR traffic, but - The emails which are embedded/attached within the DSN/NDR are still not scanned. This is probably one thing we will need to change -- we're looking at the options. Regarding what wrabbit said about the 2 subjects in the email -- actually the second subject is the one of the embedded email, which, as I said, does not get scanned currently. We're actively looking at the options -- will keep you posted. _____________________________ Alex Cachia Project Manager - GFI Software - www.gfi.com Messaging, Content Security & Network Security Software

andih98uk -> RE: Flood of "System Administrator" Undeliverable SPAM, please help (3.Apr.2008 9:55:53 AM)
Thanks Alex, i've vastly reduced the number were getting from the help on this forum but there's still a few getting through. Good to know you're working on it.

M4Gg0T5 -> RE: Flood of "System Administrator" Undeliverable SPAM, please help (3.Apr.2008 10:06:30 AM)
I have this problem since yesterday and it's totally out of control. Users are freaking out hehehe. I just want to know something, IF I enable BAYESIAN filter which I guess is a must, will the Keyword checking be used too ? In the engine order, Bayesian is before Keywords because it's more powerfull and before yesteray it was doing a very good job but I wonder if I should put Keyword checking first for this problem. I've hears somehwere that when Bayesian is activated, the Keyword checkling wasnt considered in the message filtering. I will had the few words like (failure, delivered, undelived) in the list and that may help since the next patch or fix about this. Can someone clarify this ? Thanks

LukeQuake -> RE: Flood of "System Administrator" Undeliverable SPAM, please help (3.Apr.2008 10:23:52 AM)
Alexc, Thanks for your message. Please try to keep us updated.

chaznsc -> RE: Flood of "System Administrator" Undeliverable SPAM, please help (3.Apr.2008 11:16:44 AM)
Just anf FYI, we applied the registry hack, however, the messages are still flowing into the inboxes. Its not as bad as some have reported but its several dozen messages a day for most users, more than I need to see. Hope this helps. chaz

Page: << < prev 1 2 [3] 4 5 next > >>