![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
emt-hawk.livejournal.com posting in ![[community profile]](https://www.dreamwidth.org/img/silk/identity/community.png){kind=small}
techrecoveryI work for a big company. A really big company. We have a pretty good IT department, and they're good at keeping my users from getting junk mail. Good, but not perfect.
I have about 100 users. In the past two days 3/4 of them have been in my office bitching about getting TWO emails that weren't caught by the filters.
You'd think they were being torn apart by bulls.
--Hawk
I have about 100 users. In the past two days 3/4 of them have been in my office bitching about getting TWO emails that weren't caught by the filters.
You'd think they were being torn apart by bulls.
--Hawk
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
no subject
Date: 2009-06-18 03:14 pm (UTC)I'd pay money to see that.
We have exactly the opposite problem. Our users are constantly complaining that our spam filters are too agressive and they don't get half of thier important emails. I monitor the logs ... they aren't important, unless you think "recipe of the week" from the food network, or golf news feeds are mission critical. If you want that kind of crap in your inbox, let me know so i can whitelist it, after running the request by your supervisor.
no subject
Date: 2009-06-18 03:25 pm (UTC)no subject
Date: 2009-06-18 03:41 pm (UTC)yah, the internet's working still.
no subject
Date: 2009-06-18 10:31 pm (UTC)haven't had anyone taking me up on it yet. :)
no subject
Date: 2009-06-19 12:27 pm (UTC)backscattering"bouncing" the rejected messages, but actually rejecting them before they get to the DATA stage.no subject
Date: 2009-06-18 03:30 pm (UTC)no subject
Date: 2009-06-18 03:50 pm (UTC)Sadly, my request to hold a User Re-Education Camp was denied. Might have something to do with my shaved head and large boots in conjunction with the name.
no subject
Date: 2009-06-18 04:30 pm (UTC)no subject
Date: 2009-06-19 12:25 pm (UTC)Also, I have a nasty habit of sending FULL Postfix logs of the messages that attempted delivery within a minute of the spam message coming through, and highlighting the ONE message out of a couple of hundred that wasn't rejected outright and saying "I'm SO SORRY". (Luckily the email sarcasm detector is generally broken.) And then pointing them at the pretty graphs that show we reject 70% of all email traffic even before it hits the content checker. They generally go away.
no subject
Date: 2009-06-18 11:42 pm (UTC)I once escalated a users spam request to the spam team...
Date: 2009-06-25 02:23 pm (UTC)User,
I understand your frustration and empathize with the impact spam has upon you. Unfortunately, there is no way to completely stop spam, only methods to reduce it. Fighting spam is a never ending battle since fighting spam is reactionary and spammers are very clever at constantly devising new approaches to get around the various antispam filters. FWIW, I did a quick check to see how many spam emails were being actually being sent to you. A random check of the antispam logs for several days in November indicates there is another 50-60 messages per day (average) that are blocked as outright spam that never reaches your mailbox nor the quarantine (i.e. "suspect") email mechanism. This is a fairly high number for the average corporate user and is generally indicative that your email address is probably "well distributed" amongst the spamming community.
(Edited paragraph for length, but this contained the reasons why not to change the users email address. The spam engineer does use the term automagically in a sentence)
One of the more common way addresses "get out" to other Internet users is that a corporate user "provides it" to the Internet community, usually w/o realizing it. If user responds to a newsgroup article, joins a mailing list or discussion group, enters information on certain web pages, etc. their email address can/will be picked up by the various Internet email spam/address scanning engines. A simple web search found your "xxxxxx@xxx.com" address publicly posted at numerous places where it can be readily found by such scanning engines (e.g. at http://xxxx you included your email address in your signature). Also, forwarding/receiving email, pictures, or other "articles of interest" to/from business associates/friends/family is another common source of addresses to spammers, since many of these senders are "unaware" of how email works. They will send/forward the email as "To" or "Cc" instead of "Bcc" which exposes the senders/recipients addresses to others, especially when these people in turn forward to someone else. The best way to prevent users from getting on spam mailing lists and receiving unwanted email is "up front " education on how to keep stay off sources for the mailing list in the first place. There was a recent presentation to the enterprise Antis Spam Focus Group that proves an overview of some of the methods used to obtain and/or validate email addresses. Please see: http://helpfulinternalwebsite and review the presentation "But I never gave them my address, did I", as well as the presentation "How does some spam get past the filters"....(edited for length, talks about using caution with email)