
Securing an Exchange Server 2010 Environment : Protecting Against Spam

3/25/2011 11:19:22 AM
Unsolicited email messages are often referred to as spam. These usually unwanted and often offensive messages are utilized as cheap advertising for unscrupulous organizations. In the past several years, the increase in spam traffic has surpassed even the most liberal estimates, and many studies have found that spam traffic accounts for up to 85%–90% of the messaging traffic on the Internet today.

Spam does not just affect your patience and productivity; it affects companies, Internet service providers, and anyone else who is hosting messaging services. The battle against spam is just beginning, and legal battles are well under way against both known spammers and companies that host the messaging services. In some cases, employees are suing employers on grounds that the employer has not taken adequate steps to protect them from offensive materials.

Exchange Server 2010 Antispam Features

Spammers are becoming increasingly creative and cunning, frequently changing their email addresses, domain names, content, and more to get past a company’s protective measures.

Microsoft has provided at least some basic form of antispam technologies in Exchange Server since version 5.5 and Outlook 98. For example, junk mail filters were provided to help identify messages that had either offensive material or other keywords indicating the message was spam. This form of spam prevention placed most, if not all, of the responsibility on the end user to block unwanted email messages.

Exchange Server 2010, when combined with Outlook 2007 or Outlook 2010, provides several methods of reducing unwanted spam messages:

  • Increased protection through integrated security technologies

  • Improved email legitimacy assurance

  • Distribution lists restricted to authenticated users

  • Connection filtering

  • Reputation service

  • Outlook junk email filter lists aggregation

Protecting Against Web Beaconing

A common and very popular format for email messages is Hypertext Markup Language, or HTML. This format is so popular because of the rich content that can be presented, including graphics, images, font formatting, and more. However, HTML-based messages can also present security problems and annoyances because of the ability to hide various codes and images within the message.

One such security problem is called web beaconing. Web beaconing is a term used to describe the method of retrieving valid email addresses and information on whether a recipient has opened a message. Advertisers, spammers, and the like utilize web beaconing to help them become more profitable and improve audience targeting. For instance, when an unsuspecting user opens an email message that contains a web beacon, the user’s email address and possibly other information is sent to the solicitor, notifying them that they a) have reached a valid recipient and b) have reached a recipient who is willing to open their message before deleting it. The user is unaware that their personal information has been disclosed.
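The following added example (not part of the original article, and not how Outlook itself decides what to block) shows what a mail gateway or analyst script can look for: it lists every resource an HTML message would fetch from a remote host when rendered and tags the ones that look like beacons. The sample message, host names, and reason labels are constructed for illustration.

```python
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import urlsplit, parse_qsl, unquote

# Tag/attribute pairs that make a mail client fetch a remote resource on render.
REMOTE_ATTRS = [("img", "src"), ("link", "href"), ("iframe", "src"), ("body", "background")]

class RemoteContentFinder(HTMLParser):
    def __init__(self, recipient):
        super().__init__()
        self.recipient = recipient.lower()
        self.findings = []  # (tag, url, reasons) per remotely loaded resource

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        for t, attr in REMOTE_ATTRS:
            url = a.get(attr, "")
            try:
                parts = urlsplit(url)
            except ValueError:  # malformed URL: nothing a client could fetch
                continue
            if tag != t or not parts.netloc:  # cid:/data: are embedded, no netloc
                continue
            reasons = []
            if tag == "img" and a.get("width") in ("0", "1") and a.get("height") in ("0", "1"):
                reasons.append("tiny-image")
            if self.recipient in unquote(url).lower():
                reasons.append("recipient-in-url")
            elif any(len(v) >= 16 for _, v in parse_qsl(parts.query)):
                reasons.append("opaque-id")
            self.findings.append((tag, url, reasons))

def find_remote_content(raw_message, recipient):
    finder = RemoteContentFinder(recipient)
    for part in message_from_string(raw_message).walk():
        if part.get_content_type() == "text/html":
            body = part.get_payload(decode=True)
            finder.feed(body.decode(part.get_content_charset() or "utf-8", "replace"))
    return finder.findings

# Constructed sample message (not from the original page).
SAMPLE = """\
From: offers@news.example
Content-Type: text/html; charset="utf-8"

<html><body><img src="cid:logo123" width="200" height="50">
<img src="http://track.news.example/o.gif?rcpt=alice%40corp.example" width="1" height="1">
<img src="https://cdn.news.example/banner.png?c=9f8e7d6c5b4a39281706"></body></html>
"""
```

Any finding, even one with an empty reason list, is content that would be fetched from a remote server on open; the embedded `cid:` logo is not reported because it travels inside the message.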

Outlook 2003 and 2007 can be used to block web beacons and, consequently, prevent the user’s email address from ending up in the wrong hands. By default, if Outlook suspects that the content of a message could be used as a web beacon, it presents a pop-up window warning users that links to images, multimedia, or other external content have been blocked to help protect their privacy. The text content of the email message is viewable by the user, and the user is then presented with an option to unblock the content. This enables the user to make a conscious decision of whether to display all the contents of the message.

This default setting is recommended because it is an excellent way to protect end users from unsolicited emails; however, it is possible to disable this option. To change the default settings in Outlook 2003, do the following:

1. Select Tools, Options.

2. Click the Security tab and then click Change Automatic Download Settings.

3. In the Automatic Picture Download Settings window, choose whether to download pictures or other content automatically. Outlook 2003 can also be customized to automatically download content from safe lists or from websites listed in the trusted Microsoft Internet Explorer security zones.

To change the default settings for automatic downloading of content in Outlook 2007, do the following:

1. Select Tools, Trust Center.

2. Click the Automatic Download tab. Select the desired settings from the available options. By default, all options are selected.

Note

If Automatic Picture Download is turned off, messages from or to email addresses or domain names on the Safe Senders and Safe Recipients lists are treated as exceptions and the blocked content is downloaded.


Filtering Junk Mail

As mentioned earlier, junk mail filtering has been available in earlier versions of Exchange Server and Outlook. This feature has been improved with each new revision and is useful in minimizing the need for end users to configure junk mail filtering options. In fact, junk mail filtering is primarily controlled by Exchange Server administrators. However, some options can be configured by the users. With junk mail filtering, many unwanted messages can be segregated and set aside before they reach the user’s Inbox.

Both Outlook 2003 and Outlook 2007 give you the ability to change the level of protection provided by your junk email filter. To do so, perform the following procedure:

1. Select Tools, Options.

2. On the Preferences tab, in the E-Mail section, click Junk E-Mail.

In addition, both Outlook 2003 and Outlook 2007 provide the following options:

  • No Protection (2003) or No Automatic Filtering (2007)— Although the junk email filter does not perform any filtering on incoming mail, messages sent from the blocked senders list are still moved to the junk email folder.

  • Low (the default setting)— Safe and block lists are consulted with this level of protection, but Outlook also searches for keywords and phrases in the message’s subject and body.

  • High— On this setting, the most aggressive filtering is performed. Although you can increase the amount of junk email captured by using this setting, there is the possibility of “false positives,” which can result in valid messages being mistakenly filtered out.

  • Safe Lists Only— This setting is the most restrictive because it allows only messages from preapproved senders to be delivered to the Inbox.

Both Outlook 2003 and Outlook 2007 offer you the additional option to Permanently Delete Suspected Junk E-Mail Instead of Moving It to the Junk E-Mail Folder. You should hesitate before using this option because you lose the ability to review the junk email folder to look for missing messages.

Outlook 2007 gives you the following options to battle email phishing attacks:

  • Disable Links and Other Functionality in Phishing Messages (Recommended)— Using this option disables links, the “reply to” feature, and the “reply to all” feature on suspected phishing email messages.

  • Warn Me About Suspicious Domain Names in E-Mail Addresses (Recommended)— Using this option warns you when a message comes from a domain name (for example, @mlcrosoft.com) that uses certain characters to make it appear to be a well-known domain.
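The suspicious-domain warning can be approximated in a gateway or triage script. This added example (not from the original article and not Outlook's own algorithm) folds look-alike characters to a common form and flags sender domains that imitate a protected one; it goes slightly beyond the text by also decoding punycode names and catching one-character typos. The confusables map and the protected list are constructed assumptions.

```python
import unicodedata

# Constructed, non-exhaustive map of look-alike sequences to one canonical form.
CONFUSABLES = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("i", "l"),
               ("\u043e", "o"), ("\u0430", "a"), ("\u0435", "e")]  # last three: Cyrillic

def to_unicode(domain):
    """Decode punycode (xn--) labels so IDN look-alikes are compared as displayed."""
    try:
        return domain.encode("ascii").decode("idna")
    except UnicodeError:
        return domain  # already Unicode, or not valid IDNA: compare as given

def skeleton(domain):
    """Fold a domain so that visually similar spellings produce the same string."""
    s = unicodedata.normalize("NFKD", domain.lower())
    s = "".join(c for c in s if not unicodedata.combining(c))  # strip accents
    for src, dst in CONFUSABLES:
        s = s.replace(src, dst)
    return s

def edit_distance(a, b):
    """Levenshtein distance, used to catch one-character typo domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def imitated_domain(address, protected):
    """Return the protected domain that the sender's domain imitates, or None."""
    domain = to_unicode(address.rsplit("@", 1)[-1].strip().lower())
    if domain in protected:
        return None  # exact match is the genuine domain
    for good in protected:
        if edit_distance(skeleton(domain), skeleton(good)) <= 1:
            return good
    return None

PROTECTED = ["microsoft.com", "contoso.com"]  # constructed list for the demo
```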

Filtering with Safe and Blocked Senders

Both Outlook 2003 and Outlook 2007 allow users to create and manage their own Safe Senders and Blocked Senders. As the name implies, the Safe Senders list is made up of user-defined addresses or domains, and messages from these addresses or domains will never be treated as junk email. Conversely, the Blocked Senders list is made up of user-defined email addresses or domain names, and all messages from them will automatically be treated as junk email.

In addition, both Outlook 2003 and 2007 provide the option to configure a Safe Recipients list. This option is useful when you are a member of an emailing list or group. By adding the list or group to your Safe Recipients list, any messages sent to the email addresses or domain names on that list will not be treated as junk email messages, regardless of the sender.

Both Outlook 2003 and Outlook 2007 allow you the option to automatically treat anyone in your Outlook Contacts list as a Safe Sender. This option is enabled on the Safe Senders tab by selecting the Also Trust E-Mail from My Contacts check box. By default, this feature is enabled.

With Outlook 2003 SP1 and later, there is an additional option. If there are people who are not in your Contacts list, but with whom you regularly correspond, you can select to Automatically Add People I E-Mail to the Safe Senders List. This option is also found on the Safe Senders tab.

To quickly add a sender, domain name, or mailing list to one of these lists, you can right-click the message, select Junk E-Mail, and choose the desired option.

Outlook Email Postmark

In Outlook 2007, the concept of the Outlook Email Postmark is introduced. This feature helps ensure that email placed in the client’s Inbox is valid, and that email sent by Outlook 2007 will be trusted by the recipient’s email client.

Microsoft has developed this new technology as part of its ongoing effort to minimize junk email. When using the Email Postmark, the sending computer performs a computation and attaches the result to the message as a token indicating that the email is valid. Because the computation makes sending each message time consuming and resource intensive, mass emailers will find the process detrimental to their productivity; however, the process does not change the user experience for normal email senders.

Exchange Server 2010, upon receiving a message with an Email Postmark, uses it as one method of verification of the reliability of the incoming message.
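The cost asymmetry behind a computational postmark can be seen in a small proof-of-work sketch. This is an added example using a hashcash-style SHA-256 stamp, not Microsoft's Postmark algorithm or header format; the stamp layout, function names, and difficulty values are assumptions, and the recipient and message ID are assumed to contain no colon.

```python
import hashlib
from itertools import count

def leading_zero_bits(digest):
    """Number of zero bits at the start of a hash digest."""
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()

def mint(recipient, message_id, bits=16):
    """Sender side: search for a counter whose stamp hash has `bits` leading zeros."""
    for counter in count():
        stamp = f"{bits}:{recipient}:{message_id}:{counter}"
        if leading_zero_bits(hashlib.sha256(stamp.encode()).digest()) >= bits:
            return stamp, counter + 1  # the stamp and the number of hashes tried

def verify(stamp, recipient, message_id, min_bits=16):
    """Receiver side: a single hash, plus checks binding the stamp to this message."""
    try:
        bits, rcpt, mid, _counter = stamp.split(":")
        bits = int(bits)
    except ValueError:
        return False  # wrong number of fields or non-numeric difficulty
    # A stamp minted for another recipient or message cannot be reused here,
    # so a bulk sender has to repeat the search for every recipient.
    if bits < min_bits or rcpt != recipient or mid != message_id:
        return False
    return leading_zero_bits(hashlib.sha256(stamp.encode()).digest()) >= bits
```

At `bits=16` the sender performs about 65,000 hash attempts per recipient on average, while the receiver verifies with one.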

Blocking Read Receipts

Both Outlook 2003 and Outlook 2007 enable users to request read receipts for the messages that they send. Read receipts tell the sender that the intended recipient has at least opened the email. Automatically sending these read receipts can offer spammers (or others) more insight into your mail reading habits than you might want to share.

By default, both Outlook 2003 and Outlook 2007 block the automatic sending of read receipts. Instead, the recipient is prompted with a message that asks them if they want to send a response.

If you want, you can change this setting to Always Send a Response, or Never Send a Response. To change this behavior, do the following:

1. In Outlook, select Tools, Options.

2. On the Preferences tab, in the E-Mail section, click E-Mail Options.

3. Click the Tracking Options button.

4. Select your desired setting, and then click OK three times to exit the configuration.

Information Rights Management

Introduced in Microsoft Office 2003 products, Information Rights Management (IRM) helps organizations protect digital information from unauthorized use. By integrating with a Windows Server 2008 technology called Active Directory Rights Management Services (AD RMS), IRM enables workers to define how a recipient can use the information contained in a Microsoft Office document.

Users can define exactly who can open, modify, print, forward, or take other actions with protected documents. In addition, users can specify an expiration date, after which the document cannot be viewed or acted upon.

Note

To create IRM-protected documents and email messages, the sending user must be using the Professional or Enterprise version of Office 2007/2010. Users of Office Standard can still read and use IRM-protected documents, but cannot create them or apply policies to email messages.


IRM provides granular security for supported Microsoft Office applications such as Word, Excel, PowerPoint, and Outlook, as well as any other IRM-aware application. IRM is intended to complement other security technologies, such as Secure/Multipurpose Internet Mail Extensions (S/MIME) and Pretty Good Privacy (PGP), by securing the contents of information (contained in a document, for example), but it does not provide authentication of the information.
