Original Author: Robert Mitchell - Posted September 9th 2014

Spam Increase Summary: 

Snowshoe spamming is a strategy in which spam is spread across several domains and IP addresses to dilute reputation metrics and evade filters. The growing number of IP addresses makes the spam difficult to recognize and capture, which means that a certain amount of it reaches its destination inboxes before the filters can update.

Samples of recent Subjects found for this type of spam:

  • Final Notice: Your-HomeWarranty has ended.
  • Re: Clearance-Pricing has new Fords
  • Re: Your background may have recently been searched by a third party.
  • Select a 2014 (Ford)
  • Funeral Cost are Rising. Can you afford to die?
  • Re: Your-score may be updated
  • Home DIY Network - (NEW) DIY woodworking plans
  • Protect and Beautify Your Garage Floor
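
The summary above explains why per-IP reputation lags behind a snowshoe run. The following added example (not Reflexion's filter logic and not part of the original post) groups a mail log by normalized subject and flags campaigns that are spread thinly over many sending IPs. The log format, function names and thresholds are assumptions, and the log entries are constructed using two of the subjects listed above with documentation-range IPs.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample log: (sender IP, sender domain, subject).
# IPs come from documentation ranges; domains are placeholders.
SAMPLE_LOG = [
    ("192.0.2.10", "a.example", "Re: Your-score may be updated"),
    ("192.0.2.77", "b.example", "RE: your score may be updated"),
    ("198.51.100.5", "c.example", "Re: Your-score may be updated"),
    ("198.51.100.9", "d.example", "Re:  Your-Score may be updated"),
    ("203.0.113.20", "e.example", "Re: Your-score may be updated"),
    # Contrast case: one IP sending volume, which per-IP reputation handles.
    ("203.0.113.21", "f.example", "Select a 2014 (Ford)"),
    ("203.0.113.21", "f.example", "Select a 2014 (Ford)"),
    ("203.0.113.21", "f.example", "Select a 2014 (Ford)"),
]

def fingerprint(subject):
    """Collapse trivial subject variations into one campaign key."""
    s = re.sub(r"^(re|fw|fwd):\s*", "", subject.strip().lower())
    return re.sub(r"[^a-z0-9]+", " ", s).strip()

def snowshoe_campaigns(log, min_ips=4, max_per_ip=2):
    """Flag campaigns seen from >= min_ips IPs with <= max_per_ip messages each.

    Thresholds are illustrative assumptions, not vendor values. IPv4 only:
    subnets are counted as /24 networks.
    """
    per_ip = defaultdict(lambda: defaultdict(int))
    domains = defaultdict(set)
    for ip, domain, subject in log:
        key = fingerprint(subject)
        per_ip[key][ip] += 1
        domains[key].add(domain)
    flagged = {}
    for key, counts in per_ip.items():
        if len(counts) >= min_ips and max(counts.values()) <= max_per_ip:
            nets = {ipaddress.ip_network(f"{ip}/24", strict=False) for ip in counts}
            flagged[key] = {"messages": sum(counts.values()), "ips": len(counts),
                            "subnets": len(nets), "domains": len(domains[key])}
    return flagged

if __name__ == "__main__":
    for key, stats in snowshoe_campaigns(SAMPLE_LOG).items():
        print(key, stats)
```

Each IP in the flagged campaign sent a single message, so no individual address accumulates enough volume to lower its reputation; only the campaign-level view shows the spread.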

Actions being taken by Reflexion:

  • New filters are constantly being created to stay on top of the attacks.
  • Ongoing analysis into the origins of these attacks continues, and there have been several adjustments made to our reputation data to effectively block these messages.

Additional steps you can take:

Enable Permitted Countries (Enterprise and User setting) – We’ve seen that most of the outbreaks are occurring from IP addresses outside of the United States. When enabled, the system examines the IP address of the sender's mail server to determine its country of origin. If the country of origin is not among the permitted countries chosen by the enterprise and user, the system will block the message and either place it into the quarantine or vaporize it.

  • Click on the customer name or the username
  • Mouse over Enterprise options or User options
  • Click Permitted Countries

Deny Delivery for unlisted Reflexion users (Enterprise setting) - All messages to recipients not specifically listed on the system are rejected. This option provides the greatest level of protection from spam. Any user wishing to receive email from the Internet must be added to the system right away.

  • Click on the customer name
  • Click on enterprise options
  • Click enterprise properties
  • Perimeter Defense

Enable “Block incoming newsletters and bulk mailings” (Enterprise and User setting) – This setting is designed to identify messages sent in large quantities. This includes unsolicited as well as solicited high-volume mail. You may enable this feature as an added layer of protection against unwanted messages, but remember that you will need to whitelist any senders of bulk mail from which you wish to receive messages (such as reputable merchants like Amazon, eBay, etc.).

  • Click on the customer name or username
  • Click on enterprise options or user options
  • Click on enterprise properties or user properties
  • Under Security Settings, check: Block incoming newsletters and bulk mailings