Octavecomm

As of April of 2004, the Oxford English on-line dictionary still defines spam as “1. The proprietary name of a type of tinned meat consisting chiefly of pork; also (with lower-case initial) applied loosely to other types of tinned luncheon meat.” Webster’s on-line dictionary offers a second definition: “unsolicited usually commercial e-mail sent to a large number of addresses.” This article focuses on managing spam email, the methods, processes, policies, and tools used to control the flow of unsolicited email messages.

Companies still struggle to keep up with spam volume and attack tactics years after spam first became a serious problem, and many see a continued investment drain for spam management. To keep a step ahead of spammers, organizations should adopt a hybrid of filtering solutions, strengthen this connection to management technologies, and treat anti spam as part of a wider email content security strategy that includes content protection and compliance.

There are excellent spam filtering appliances like Barracuda that sit on your DMZ or just outside your firewall, but these systems have a few issues that make them a less than optimum solution.

Firstly, they let spam get into your network, wasting bandwidth that you pay for.

Secondly, someone in your IT department has to manage them. Make sure their filter rules are kept up to date and that the systems are kept up and running.

Lastly, they tend to be less secure. They usually have either no anti-virus protection or only one layer, and don’t offer strong protection against directory harvest attacks and denial of service attacks.

Given these factors, what is a better solution? I think that hosted web based spam filters like Postini are a better answer to the problem of spam.

Postini uses both McAfee and Authentium antivirus services. The McAfee AV engines are updated every 15 minutes and have a high rate of virus detection for known viruses. They recently added Authentium protection to combat “zero-hour” (unknown) viruses. The Postini anti-virus engines also stop “Phishing” attacks from entering into your enterprise.

The service also has excellent protection against denial of service, email bomb and directory harvest attacks.

Their systems will also monitor your SMTP servers, alert you when they are down and begin spooling mail as necessary. We also use monitoring and alerting from our ISP, The Diamond Lane, as well as from a web based service called Mailive giving us end to end and multi-layered monitoring of our email systems.

Each user has an account that gives them access to the Postini web site. They can go there to view quarantined emails, to add domains and addresses to their accepted and blocked email lists, as well as to change the tolerance of the filters.

Postini gives you control for 5 separate filters: Bulk email, Sexually explicit, Get rich quick, Special offers and Racially insensitive. Users can choose their level of protection against each on a sliding scale of 1 (lenient) to 5 (aggressive).

The mail administrator can also set up defaults for these filters, as well as for the allowed and blocked lists but the user’s settings override the “domain” configurations in these areas.

Cheers :p