Viewing the mail server’s error logs Sometimes you can garner additional information about the reason a mail message didn’t get through by examining your e-mail server’s error logs. For example, if your mail delivery fails because of a communication error, the mail server’s error logs may help you to pinpoint the cause of the communi- cation failure. If you’re using a Windows server with Exchange Server as your e-mail gate- way, you can find the e-mail by opening the Event Viewer. E-mail events are logged in the Application log. Other mail gateways have similar logs. How to view message headers To make e-mail more user-friendly, modern e-mail clients hide nasty details such as the e-mail message headers that accompany messages. Sometimes, however, these headers can help track down the cause of e-mail delivery problems. E-mail headers are especially useful if you suspect that a message you receive isn’t from whom it claims to be from. If you reply to a message and your reply comes back as undeliverable, you can look into the message headers to find out the actual e-mail address of the person who sent you the original message. To display e-mail headers in Microsoft Outlook, open the message, and then choose the View➪Options command. This displays the Message Options dialog box; the message headers are shown in a scrollable text box at the bottom of this dialog box. How to deal with spam Spam — not the lunchmeat, but junk e-mail — is another one of the big headaches network administrators have to contend with. Left unchecked, eventually most network users’ inboxes will become filled with spam. For every legitimate piece of e-mail, your users may get 10, 20, or even 50 spam e-mails. This makes it all too easy for the legitimate e-mail to get overlooked. There are three popular methods of limiting the amount of spam that reaches your users’ inboxes: ⻬ Filters: Filters analyze incoming mail and try to identify spam according to its contents. The filter looks for words and phrases that commonly appear in spam. Unfortunately, spammers know all about these filters 219

Chapter 16: Major Annoyances

and are constantly figuring out ways to get their spam past the filters. In addition, sometimes the filters will incorrectly decide that a legitimate e-mail message is spam. Filters are improving all the time, however, and the latest generation of spam filters use a technique called Bayesian analysis that’s very accurate. ⻬ Blacklists: A blacklist is a list of known spammers whose mail is blocked by your mail server. There are several Internet services that publish blacklists you can connect your mail server to. For more information, log on to the Internet and search for spam blacklist. ⻬ Whitelists: A whitelist is the opposite of a blacklist: it’s a list of addresses whose mail you always want to receive. One way to fight spam is to configure Outlook to filter spam. The most recent version, Outlook 2003, has substantially better anti-spam features than previ- ous versions. Alternatively, you can purchase separate spam filtering soft- ware and install it on each client computer. However, the best solution is to set up spam filtering on your mail server. That way, spam will never make it into your users’ inboxes and you won’t have to worry about maintaining anti- spam software on each user’s computer. If your network has more than a few users, you’re much better off running centralized anti-spam software on a server than running a separate anti-spam program on each user’s computer. Help I’ve been blacklisted Blacklists are a popular and useful way to fight spam. But what happens if your own mail server gets entered into a blacklist? In some cases, this happens because your mail server may have security holes that allow spammers to hijack your server and use it to send spam. The most common of these holes is called an open relay. An open relay is a mail server that can be hijacked by spammers so they can use it to send spam. If your mail server is an open relay, it can be taken over by spammers and used to deliver their mail anony- mously. Because open relays are a major source of spam, many blacklists automatically blacklist servers that are configured as open relays. There are many Web sites you can use to test if your mail server is an open relay. To find one, go to a search service such as Google and search for open relay test. Some blacklists are complaint-driven. You get listed in the blacklist if some- one complains that you’ve been sending spam to that person. Unfortunately, it’s possible to be falsely accused, so you may find yourself blacklisted even if you’ve done nothing wrong. And sometimes you get reported because of a misunderstanding. For example, a customer may forget that he or she gave you his or her e-mail address, and then complain to a blacklist when they receive your e-mail. 220 Part III: Network Management For Dummies If you discover that you are blacklisted, the first step is to find out which blacklists you’re on and why. Then correct the problems that caused you to be blacklisted — and ask the lists to retest your server so you can be removed from the lists. Unfortunately, it’s much easier to get on a blacklist than it is to get off of one. Once you’ve been blacklisted, it can easily take several weeks to get off the lists after you’ve corrected the problem. The most comprehensive Web site for solving blacklist problems is relays. osirusoft.com . From this page, you can enter your domain name to discover whether you have been listed on any of the major blacklists. If this site reports that you are on any blacklists, you have to correct the problem that caused you to be blacklisted, and then ask each of the blacklists to retest your site and remove you from their lists. Then, recheck your domain at relays. osirusoft.com to make sure that you’ve been removed. Don’t be surprised if it takes several weeks to get removed from all the blacklists. 221

Chapter 16: Major Annoyances