Single User Spam RSS Back to forum
@Lee:
Unfortunately, ORF does not support per-recipient rules, the configuration is "global", but perhaps we could take a look at your current configuration to see whether it can be optimized any further (without false positives).
Please send us your system description (OS and Exchange versions, perimeter and back-end servers, which server relays to where, firewalls, proxies, secondary MXs, other software which may affect the email flow, etc.), your ORF configuration file called orfent.ini, and your recent log files from the past few days (orfee-<date>.log files) to (along with the email address of this particular user). The above mentioned files are located in the ORF directory (Program Files \ ORF Enterprise Edition or Program Files (x86) \ ORF Enterprise Edition by default).
We will look into this. Also, how many emails does this user receive a day, and how many of them is blacklisted by ORF currently?
I have a single user who is getting a lot of spam. I have tried many different things to cut down on the spam.
-Greylisting
-DNS Blacklists
-Blacklisting entire /24 subnets that are generating the spam
-Increasing the greylisting rejection time to 1800 seconds
The changes have helped a little bit, but the user is still getting 30 or 40 spam messages everyday.
Here is my question. Is there any way that I can make spam filtering changes that only affect this user. I don’t want to tighten up spam filtering for everyone because it will result in more false positives. However, I would like to reduce the spam for this one user.
For example, can I increase the greylisting time for just this user to 60 minutes? Are there any other ways that I can tighten spam filtering for just this one user?