Sure, everyone loves to hate e-mail. We're all inundated by it, and much of it is junk or, worse, malicious. And yes, it's been tough to stay ahead of the spammers--for years it seemed like all we could do was react, and pray. But why all the anxiety? E-mail is one of the most mature and stable systems in IT today. And we've learned that we can beat the spammers by deploying and updating the right combination of reactive tools.
Spambusters 'r' Us
I was shocked when I realized I wasn't worried about spam anymore, but my strategy seems to be working, at least so far. I use a combination of real-time blacklists, local blacklists and spam traps as my first line of defense. Mailshell's SpamCatcher, an antispam engine, analyzes each message that makes it past that boundary, applying heuristics--pattern matching based on content and header analysis, for instance--to determine the probability that the message is spam. Messages that make the cut get bounced to the intended recipient's quarantine folder.
It takes each user only a couple of minutes a day to scan through that folder and find the few false positives--messages that should have made it into the inbox--and another couple of minutes to scan the inbox for false negatives--messages that shouldn't have gotten in--and delete them before they can do any serious damage. It's not an ideal process, and
I still have to do some fine-tuning of my spam filter, but it's a far cry from the days when chronic spam was uncontrollable.
Even self-replicating e-mail viruses can be contained a lot faster than ever before. Most astute IT managers and administrators installed filters on their mail servers to block incoming messages that contained SoBig.F within a couple of hours of that nasty bug's discovery, minimizing the toll it took.
I blocked more than 8,000 infected messages on our relatively small editorial server during the first week that SoBig.F was on the loose; I've heard that some larger servers blocked up to 300 infected messages per minute. Of course, that approach wasn't perfect either. Many mail servers quickly became overloaded, and some ended up out of commission for a while.
Still, the imperfections in current e-mail filtering technology are a small price to pay for the benefits the technology provides. And you can usually find any number of solutions to get your organization over the rough spots. So while spammers always seem to have some new tricks up their sleeves, and they're constantly developing ways to get around our deterrents, legitimate developers are working just as hard, if not harder, to beat them at their dirty games.
Meanwhile, my users are breathing a collective sigh of relief because they were spared the effects of SoBig.F and other recent threats. And if they're happy, I'm happy. So what's to worry about?
Post a comment or question on this story.
--Ron Anderson, randerson@nwc.com
RSS
