Getting lots of Russian spam with Eset Mail Security 4

Discussion in 'ESET Smart Security' started by Sparkles, Jun 10, 2010.

Thread Status:
Not open for further replies.
  1. Sparkles

    Sparkles Registered Member

    Joined:
    Jun 10, 2010
    Posts:
    1
    We have Eset Smart Security 4 and Eset Mail Security 4 installed.
    Both work a treat and are good at blocking spam - EXCEPT if it is in Russian.
    We are being deluged with Russian spam and can find no way to filter it out.
    Even Outlook's Junk Mail filter, which is pretty good, lets it through.

    Any idea :doubt: what to do?

    Server is Windows Server 2003 x64 with Exchange 2007.
     
  2. Temp Member

    Temp Member Registered Member

    Joined:
    Mar 28, 2009
    Posts:
    263
    Location:
    Glasgow
    I used to get a lot of spam and now get nearly none.

    I set up this program > " FireTrust MailWasher Pro ", it does not interfere with my main mail program which on Vista was Windows Mail.

    You run it to start Windows mail after you check for Spam etc or if you choose for whatever reason to just run Windows mail without it if your waiting on an important mail one day.

    What it does is allow you to Blacklist or/and BOUNCE mails back to them.

    These lamer's who spam us get paid to do so and it cost them a lot of money for bandwidth to spam 10,000's of mail accounts per day.

    So you set it to Bounce (would avoid blacklisting for now) so you do get their Spam every day but it bounces back and when they periodically check they find that X amount of accounts are bouncing mail back to them so accounts must be expired so they really should remove you by common sense to save their bandwidth.

    Worked for me and that was probably 8-12month ago (honestly cannot remember when).

    Edit : It was back in March-April 2009.

    Also even though you may be using a real E-Mail program your ISP still may have some settings in their Webmail that will effect your mail as you get it from their server.

    My ISP has changed things now but it used to have a 1-5 for Spam detection settings I could change on their site if I logged into my account.
     
  3. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses

    Hello Welcome!

    In Outlook I use the junk mail filter as well, but it is only updated monthly.

    Attached are some advanced settings I use to block certain top domains and languages.

    Try those and I think you will find an improvement. :D
     

    Attached Files:

  4. stratoc

    stratoc Guest

    I may be wrong, but doesnt bouncing spam simply tell the spammer they have found a live one? so to speak!
     
  5. Temp Member

    Temp Member Registered Member

    Joined:
    Mar 28, 2009
    Posts:
    263
    Location:
    Glasgow

    Correct your wrong ! :p

    Choosing to use the UNSUBSCRIBE link IS what tells the Spammer that the mail account is active. ;)
     
  6. surfer1000

    surfer1000 Registered Member

    Joined:
    Jun 5, 2009
    Posts:
    66
    Location:
    UK
    Just thought id give my 2 pence worth...

    I have heard that Bouncing spam is a pointless excercise as most of the spam is coming from "harvested" domains so the spammers will never see your bounce back.

    In the old days when spammers weren't as technical as they are now they may of used there own domains to send spam and as such if you did bounce back mail then it did in fact tell them this address was "live".

    Obviously the worst thing you can do is click on "unsubscribe" to spam mail.

    For a really good spam detection you need to subscribe, like i do to a server based service that gets rid of the spam for you, so that when you start your mail program, you will only ever get 99% genuine mail!

    I use Vanquish at vqme.com and it is worth paying for believe me! I've been subscribed to this service for the last 5 yrs now.

    I never have to bother with junk filters or even the anti spam on ESS, in fact its turned off on my machines!
     
  7. Temp Member

    Temp Member Registered Member

    Joined:
    Mar 28, 2009
    Posts:
    263
    Location:
    Glasgow
    You have heard its pointless but have not tried for yourself going by your comment !

    I have tried it for myself and it worked for me.
     
  8. stratoc

    stratoc Guest

  9. Temp Member

    Temp Member Registered Member

    Joined:
    Mar 28, 2009
    Posts:
    263
    Location:
    Glasgow

    One minute you seem confused about bouncing next you read crap on web without being man enough to try it for yourself.

    I can tell you for a fact it helped me 100%, I do not talk for others or care what others claim to have read on some site.

    Until you have tried if and it fails you cannot comment on it not working.
     
    Last edited: Jun 10, 2010
  10. stratoc

    stratoc Guest

    i don't get spam :-*
     
  11. surfer1000

    surfer1000 Registered Member

    Joined:
    Jun 5, 2009
    Posts:
    66
    Location:
    UK
    So Temp Member your actually saying that your bouncing mails has stoppped your spam, well sorry I don't beleive that.

    I don't beleive for one second when you use your Mailwasher program to log onto the mail server, to see your mail before you select the genuine emails to release that there is hardley any spam shown there!

    For the record of course ive tried bouncing mails back, many years ago and found the practise to be useless.

    I've never actually bothered with programs like Mailwasher as i feel the exercise you have to go through, and i quote from Mailwasher site,totally defeats the object!...you may of well just get the spam and delete the thing!

    Open MailWasher
    * Click, Check Mail,
    * Mark your email for deletion or keeping,
    * Click Process Mail,
    * Then you open, (or Mailwasher Opens ) your email program,
    * Click Send/Receive in there to check for new mail like normal


    Stratoc's 2 links above really does say it all!

    Now who wants to buy some Viagra ?
     
  12. PaulB2005

    PaulB2005 Registered Member

    Joined:
    Apr 19, 2005
    Posts:
    525
    Most spam comes from zombie PCs and faked addresses so Bouncing spam (Viagra, watches, Phishing emails etc) achieves nothing. It's like telling your neighbour or a random stranger you don't want to receive leaflets from your local Double Glazing company shoved through your letter box. You just have to think about where the Bounced message is going. It's not going to the person it originated from in most cases, and even if it did i suspect they are not in a position to do anything about it. If the message is bounced back to joe.bloggs@someisp.com what is he going to do with the bounced message?

    As for cost, as mentioned before when spam originates from a zombie PC the spammer doesn't pay for the bandwidth. The owner of the infected PC does. The virus, once installed, connects back to a C&C (Command & Control) server - another infected PC or server - at the infected PC owners cost, and then the message of the day and a list of email addresses are retrieved at the PC owners cost. The spam emails are sent out by the zombie PC at the PC owners cost. The bandwidth cost to the spammer? Almost nothing. All they have to do is upload a small file to the C&C server a few times a day. The days of spammers spamming directly from their OWN PCs are long gone. It's costs very little to send 1,000,000 emails and the costs are more than covered by the first few people to buy anything from the spam. And people DO buy these pills and watches otherwise they wouldn't bother to keep spamming you about them.

    I used MailWasher several years ago and, no, it didn't work for me. After 18 months my spam levels where still the same.

    Also in the past my email address has been used twice as a "return address" meaning i was getting loads of bounce messages for 24-48 hours from delivery failures from spam runs. No i didn't have a virus and the emails didn't originate from my PC. Have a look at some of the spam you receive and you'll see what are probably innocent peoples email addresses being used as the return address. In most cases they and their PC probably have nothing to do with the spam in the first place (i.e. it did not come from their PC). The same has happened to a few of my customers over the years - including one man who was receiving over 300 bounced messages an hour. I suspect these were genuine bounce messages rather than those generated by programs like MailWasher but it shows that bouncing is mainly in-effectual.

    When this crap is already being sent around the internet eating up bandwidth it doesn't help to keep sending it on again.

    It's true if you use the unsubscribe option in these messages you are probably just confirming your email address is live.

    Personally i delete all spam manually using POPPeeper as i have yet to find an Anti Spam that doesn't suffer from False Positive and False Negatives. Much easier to manually delete a few emails a day before opening Outlook.
     
    Last edited: Jun 11, 2010
  13. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    If an unsolicited message slips through the spam filter or a legit message is evaluated incorrectly as spam, please export to an eml file and convey it to customer care for perusal.
     
  14. Temp Member

    Temp Member Registered Member

    Joined:
    Mar 28, 2009
    Posts:
    263
    Location:
    Glasgow

    I do not give two monkeys what you believe and BTW do not make me out a liar. :mad:

    I gave input for OP not to get total BS from others who ain't even tried it so know nothing on subject of my findings.

    Go and read how it works and IT worked for ME and I had used same email account for 9yrs and done all sorts of dumb things with it before I knew any better and got tons of Spam every day.


    Stratoc, Does not know what he is talking about (post #4), then he changes his sorry (post #:cool: and shows he can at least use Goggle and finds some old link to some BS info.

    As I said I gave info to help the OP and STATED it worked for ME, I do not care what any others with big mouths have to say on my input, you sure do seem to love Stratoc.

    I do not slate others input, I simply ignore it and add my own and I expect others inc you to do the same.

    You and Stratoc's have derailed this thread with your posts towards me.
     
    Last edited: Jun 11, 2010
  15. stratoc

    stratoc Guest

    relax dude! everyone of your posts seems like a crusade. If you enjoy bouncing spam bounce away, nobody will change you mind, they never do on any of your posts.
    have a beer or something....
    and ya i used google, for expert opinion. I have had the same e mail account for 6 years and get very little/ no spam. thats cos i dont do stupid things. figure.
     
  16. Temp Member

    Temp Member Registered Member

    Joined:
    Mar 28, 2009
    Posts:
    263
    Location:
    Glasgow
    No just sick of peeps on this forum who do not actually help the OP but rip through another post.

    1) Read OP's post.

    2) Add your input without giving grief to another person who gave their input.

    3) let the OP then read and decide what to do.

    You can see here as well as nay forum that when someone asks something that's half difficult nobody will answer but all jump on the simply threads.

    No crusade here, just sick of keyboard warriors who dis others and if you do not like that form of posting then do not respond to my posts.

    I ain't ever got any answer here that actually worked for anything, ESET always fix the "so called user issues" with updates. :rolleyes:
     
  17. surfer1000

    surfer1000 Registered Member

    Joined:
    Jun 5, 2009
    Posts:
    66
    Location:
    UK
    Temp Member your post was "jumped on" because you were giving advice that is now, not relevant to today's spammers! And will not help the OP

    Not bouncing back mails is not just a few peoples opinion but is now the Industry's main advice!.......go and ask your tech guys at your ISP and see what they say!


    I also love PaulB2005.....cause he talks sence!
     
  18. Temp Member

    Temp Member Registered Member

    Joined:
    Mar 28, 2009
    Posts:
    263
    Location:
    Glasgow
    Go and rent a room then !

    As I said you can add your input without trashing others.

    It worked for me END OF STORY.
     
  19. PaulB2005

    PaulB2005 Registered Member

    Joined:
    Apr 19, 2005
    Posts:
    525
    Sorry, but if you understood how modern spamming runs are performed you'd realise that bouncing CAN'T work. Have a look at the mechanism of the spamming run. Have a read of the info that has been posted above. Bouncing messages just CAN'T work.

    I suspect you've had a purely circumstantial reduction in spam. Perhaps your ISP catches more now. Perhaps because you don't open spam (and therefore confirm your address is active) you have dropped of the lists of live email addresses that get sold around the world.

    If you can explain how bouncing a message to "random stranger anywhere in the world B" when it originated from "random stranger anywhere in the world A" can reduce spam then I’d love to hear it. I'll use the same technique to get my friend in Australia to stop my local firms from shoving leaflets for pizza and kebabs through my door every 15 minutes.... However, as has been pointed out above, if the return address is not the originators address the sender isn't getting the bounced message. They don't want them and they don't care about them.

    In a real example from last week i had a phishing email from "HSBC Bank". The reply address was security @ hsbc.co.uk. Now if i bounce that message and the mailbox exists, how does that reduce spam?

    In another example the reply address to some Viagra spam was obviously some ones real address (someone @ someisp.com). If i bounce the message to them will they forward it to the spammers?
     
  20. Temp Member

    Temp Member Registered Member

    Joined:
    Mar 28, 2009
    Posts:
    263
    Location:
    Glasgow
    You still blabbering crap in this thread without actually directing to the OP ?

    I am happy with next to no Spam, what I used worked for ME, now move on and let thread die or actually post your idea for OP like I was 1st to do.

    I think I will just set 2 or 3 peeps in this thread to ignore and be done with it, no help ever needed from you anyhow.

    P.S Hats off to " Escalader ", he comes in with a 2nd post be it he read or did not read my post and posts his input and leaves.

    Unlike 3 other big mouths who have done nothing to actually help the op but talk crap to me and 1 of who actually made me out a liar.

    Totally derailed thread and all 3 are now blocked so don't waste your time or others time posting more crap towards me as I will not see it.
     
  21. surfer1000

    surfer1000 Registered Member

    Joined:
    Jun 5, 2009
    Posts:
    66
    Location:
    UK
    wat a tossor
     
  22. PaulB2005

    PaulB2005 Registered Member

    Joined:
    Apr 19, 2005
    Posts:
    525
    It's not a race.


    and you helped? How? Out of date and inaccurate advise??


    No-one did that.


    Wow! Your ego heavy? It's all about you isn't it?

    Besides the OP had been answered by Escalader and i addressed Temp Members totally out of date and ineffective crap advise, which i'm sure i can do. I also didn't see TM stop responding and attempt to stop the derail either...
     
    Last edited: Jun 14, 2010
Thread Status:
Not open for further replies.