Upgrade Your New PDF Acrobat Reader Hoax – Part III

A new email is doing the rounds with the following Subject Line:

Action Required : Upgrade Your New PDF Acrobat Reader

The Body of the emails is as follows:

ADOBE PDF READER SOFTWARE UPGRADE NOTIFICATION
This is to remind that a new version of Adobe Acrobat Reader with enhanced features for viewing, creating, editing, printing and internet-sharing PDF documents has been released.

To upgrade your application:
+ Go to http://www.adobe-acrobat-software.com
+ Get your options, download and upgrade.
Thanks and best regards,
John William
Adobe Acrobat Reader Support
Copy rights Adobe 2010 © All rights reserved
1022 Marrinbird Rd | Merryton | CA | 91523 | USA

As usual, this is a hoax and the download link takes you to the same convincing website that has previously been linked where there are Testimonials saying how wonderful the product is etc.

DO NOT BE FOOLED – This is not a valid Adobe Product. Please read their response to this and the other very similar hoaxes:
http://blogs.adobe.com/psirt/2010/09/alert-adobe-reader-upgrade-email-spamphishing-scam.html

The website it takes you to looks like this:

The Adobe Acrobat Reader Hoax Website looks very convincing but do not be fooled.

How to prevent Spoofed Emails in Exchange 2003

Spammers use all type of techniques to get their rubbish through to you and one technique that they use is called spoofing, whereby they forge the sender address and use your own email address, or someone@yourdomainname.com as the sender address.

There are various ways to combat this and in Exchange 2003, you can do the following:

• Setup Sender Filtering to stop inbound emails that are supposedly from your own domain name.
• Setup Tarpitting to slow down spammers who try to determine the email addresses that are sitting on your Exchange server.
• Setup a Sender Policy Framework (SPF) record for your domain.
• Setup Sender ID filtering to check SPF records for inbound email and reject ones that fail.
• Setup Recipient Filtering (won’t solve the spoofing problem, but it is highly recommended to set this up too)

To set these various Anti-Spam techniques up, you should first check that you are using Exchange 2003 Service Pack 2 by opening up Exchange System Manager, expanding Servers, then click onto your server and then right-click on your server and choose properties.

The screen that follows should advise you what Service Pack your Exchange Server is on.  If it does not say Service Pack 2, please visit the following link to download and install it:

http://www.microsoft.com/downloads/details.aspx?FamilyID=535BEF85-3096-45F8-AA43-60F1F58B3C40&displaylang=en

If you are already on Exchange 2003 Service Pack 2, then please review the following articles to setup the various Anti-Spam techniques:

• Sender / Recipient Filtering – http://www.msexchange.org/tutorials/Sender-Recipient-Filtering.html
• Tarpitting – http://support.microsoft.com/kb/842851
• Sender Policy Framework – Visit http://old.openspf.org/wizard.html to create an SPF record for your domain then add the SPF record to your domains DNS records as a Text record with the Wizard results as the detail of the record.  An example SPF record looks similar to the following ; v=spf1 a mx ip4:123.123.123.123 mx:mail.yourdomain.com -all
• Sender ID Filtering – http://www.msexchange.org/tutorials/Configuring-enabling-Sender-ID-filtering-Exchange-2003-SP2.html

Once you have setup the above, you should be free from spoofed emails claiming to come from anyone@yourdomain.com or from your own email address to yourself!

As an alternative to the above, you could simply install some Anti-Spam software and one product that I have been using recently after being recommended it by a Microsoft Exchange MVP is Vamsoft ORF which is currently priced at $239 per server and has drastically reduced the amount of spam that I have been receiving and now my customers who also have Vamsoft, have also seen a dramatic reduction in their spam levels too.  Their website is www.vamsoft.com.