Domain: mxlogic.com
Stories and comments across the archive that link to mxlogic.com.
Comments · 8
-
Re:bad summaryActually, the Govtrip website was completely down for most of the week. Here's a mxlogic report that says just that:
http://www.mxlogic.com/securitynews/web-security/govtrip-hacked-offline-for-more-than-a-week979.cfm
Second, "user information was not compromised" was how they first responded to the initial reports of a break-in at the (monster.com outsourced) government's job site (http://www.usajobs.opm.gov/)
-
Re:Thanks Intel/Microsoft
How is it irrational? They busted a "suspected child pr0n user" in my home town awhile back. I often walk right past the booking area on the way to the store. Do you know what that guy looked like? Like he had been dropped down a flight of stairs a couple of dozen times. Have YOU ever had your door kicked in? I have. They didn't even bother to look at the street number before kicking in MY door looking for the wife beater down the street. I had my arm nearly yanked out of my socket. Cops around here are so corrupt and scary I couldn't even get a lawyer to file a suit. The SECOND you say "suspected pedo" you have given bubba the cop a license to stomp your ass.
And you might want to read this which brings up EXACTLY what I had just posted. And have you already forgotten that the FBI doesn't even bother with getting referrers with their fake child pr0n web traps, just an IP address, which of course would trace back to YOUR router? So how exactly am I being irrational?
-
Have you considered outsourcing?
I run a shop with around 50 users and growing. I looked at various options and did TCO estimates for them and looked at feature sets and easy of management. In the end I chose to outsource our SPAM filtering to a 3rd party, namely MX Logic.
The reasons for choosing outsourced filtering/MX Logic over an inhouse solution:
1) Cost: Less expensive than choosing a commercial inhouse solution that requires annual maintenance for our size of userbase (cost would have favored inhouse solution after around 150 users).
2) Security: I don't have any mail servers open to the internet at large anymore (not even in my dmz). All incoming mail flows from MX Logic so I'm able to filter out all other incoming SMTP traffic at my firewall with an ACL that only allows MX Logic's IP block to access the mail server in my DMZ. I no longer have the whole of the asian pacific rim IP range trying to flood my mail server every day.
3) Ease of management: if a user gets a suspect message that goes to quarantine that individual user gets an email digest alerting them to each quarantined message. The user is able to decide whether to delete or allow the messages. They are also able to set an allow_always for specific senders that got quarantined. I don't have to do anything.
4) Other Features: MX Logic also scans for viruses, blocked attachment types, etc all before anything gets to my internal mail server.
Now implementation cost would be less of an issue using an open-source solution for sure, but I don't think the ease of management or firewall-level security would be as good. The TCO may actually be higher when you consider time spent managing the solution. With MX Logic I haven't had to do jack since implementation. If you do choose to use an outsourced filtering solution like MX Logic or Postini, or whatever I'd recommend using that service to relay your outgoing SMTP and create an SPF record for it also or you may have issues with servers that use greylisting.
-
Managed Service
A managed service is flat out the way to go. That way you don't have to mess with installing and managing software or hardware that's just going to get old and useless.
My recommendations are:
MXLogic
MessageLabs
Spam Spy
There are many others too. Postini is the most popular but I hear it kind of sucks.
Best of luck! -
Zombies will steal your sender IDRight now, most zombie machines send using some arbitrary identity. Most of them are just proxies or forwarders, not mail generators. The way the spam industry works is that you rent some zombies at SpecialHam, get a "bulletproof mail server" from Black Box Hosting in China, install Dark Mailer, and go. Dark Mailer runs on the "bulletproof mail server" and generates the messages, which are sent via your rented proxy farm.
If sender ID goes in, the software that takes over a target machine will just have to use the normal sending identity for that machine, or, more simply, transmit it back to the bulk mailer so the mailer can construct the outgoing messages accordingly.
MX Logic reports that, as of March, 9% of spam already has valid SPF markings, and 0.83% have valid Sender ID markings. So the technology to bypass SPF and Sender ID is already deployed.
-
Re:At least it works
-
Re:Big Surprise
What it does is force the sender of the email to be accurate.
Actually, no it doesn't. All it checks is the *DOMAIN* of the email, not the sender. So address forging can still happen.
And it's not like the spammers can't spend $8 a month for a new domain which will bypass all of this crap.
Remember, the biggest adopters of SPF are spammers -
Re:Nearly impossible?
Um... so use dynamic MX record based filtering.