Sunday, August 21, 2011

configuring VAMSoft ORF anti-spam on an Exchange server

If I was to rank spam software for Exchange servers, I'd rank them this way:
1) Postini and other off-site similar services

However, ORF costs way less. As of August 2011, ORF is $249 for the first year and then $99 each year thereafter. This is for unlimited users.

Also, ORF requires minimal configuration, which I'll go over here.

After installing ORF, the first change I make is to add an external DNS server. I add Google's public DNS, as seen here:

The next thing I do is enable the tests I like. Unfortunately, before I did the installation where I took these screen shots, I didn't track which tests I enabled. It's only three or four tests, but here is a screen shot with all the tests I enabled after I had enabled them:

In the test for DNS blacklists, I enable SpamHaus Zen and SpamCop:

The last change I make is to add URL blacklists. I have it check the combined SURBL list and blacklist.

After making those changes, click Configuration -> Save Configuration. Then go to Information -> Status Information and choose Start to start the ORF service.

Separately, I also disable any other spam filters. Almost always, I'm replacing the built in spam features in Exchange. I open Exchange Management Console and go to the various hub transport modules and disable any and all spam tests in the anti-spam tab.

1 comment:

Peter Karsai said...

Actually, I would recommend against using Google Public DNS in ORF, because quite many DNSBLs/SURBLs employ throttle control
and they will firewall out DNS servers that exceed a certain quota of queries. When using cloud DNS services, the queries of clients get added together. I have seen similar issues with OpenDNS. Also, you have little control over these servers - for instance, if Google implements domain wildcards or similar "marketing tools" like many ISP do with their DNS, you may run into issues and by the time you find out about the problem, you may have already lost emails.

My usual recommendations for ORF DNS server:

- it should be a local server
- configured to query the root servers directly (as opposed to using ISP forwarders)
- it should not be the server that supports your AD

I am glad you like ORF :)