So much spam incoming to WorkMail

3

I'm getting spam messages on the order of 40, 50, or sometimes even more per day bypassing whatever spam filters are on WorkMail and going straight into my inbox. I've been researching this for months, trying everything I can think of, and it seems like nothing's working. Enabling the anti-spam feature in SES did absolutely nothing (I don't use SES for email sending). It's gotten to the point where I just want to migrate off WorkMail because this is so unbelievably bad. Has anyone had any success dealing with spam in WorkMail?

eakm
asked 2 years ago2099 views
2 Answers
1

Hi,

Thank you for the details. DMARC enforcement will help to drop emails if they are failing DKIM or SPF checks. Unfortunately we do not have an API to add or import the domains to Email flow rules. You can setup a SES receipt rule using lambda to check SPAM providers but it requires some development task to setup lambda (https://aws.amazon.com/premiumsupport/knowledge-center/block-email-domain-ses/ ).

We understand that it is not an ideal solution for block SPAMs. But WorkMail service team is working on improving the same.

DineshR
answered 2 years ago
0

Hi, WorkMail or SES will scan the emails and block viruses or Emails from known spammers. The scanning is not strict to avoid false positives. To prevent incoming SPAM emails, did you get a change to try below options?

  1. Enable 'Dmarc enforcement' for incoming emails from Organization settings. It will check for DMARC policy for incoming email domains and take action per the sender domain policy if the email did not pass DMARC alignment - https://docs.aws.amazon.com/workmail/latest/adminguide/inbound-dmarc.html
  2. Use Inbound Email flow rules to block Senders or Email domains of SPAM emails - https://docs.aws.amazon.com/workmail/latest/adminguide/email-flows.html#email-flows-rule-actions , this is a manual task and you need to add the domain or sender email to setup the rule. You can add multiple sender email in same rule (with in the workmail limit - 1000 domains per organization).
DineshR
answered 2 years ago
    1. DMARC enforcement is turned on.
    2. Do I really have to add each domain or email manually? Can I import a known spammer list, e.g. from Spamhaus?
    3. Is there a way to increase the strictness or detection threshold? It seems like it's set way too low.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions