Gaurav What about more intelligent rate-limiting options such as, the likelihood that a newly created account would get 500 e-mails in the first week is quite low?
Ron_Anderson > That's a guess, like key-word filtering. It may be accurate, but what if the new user is a prolific emailer
BarryIT Ron, how beneficial is quarantined email? I've seen the amount of mail generated by a antispam engine to outweigh the spam it's catching.
Ron_Anderson > So in that situation you'd need to tune the quarantine threshold. At two tier approach that deletes spam and quarantines suspected spam is best.
MrMike Which filtering type do you prefer/recommend? keyword, community, bayesian, etc?
Ron_Anderson > An intelligent combination is probably best although one vendor (Greenview Data) catches 95% of the spam they catch using a (URL/Phone Number filter).
Gaurav But for these more intelligent rate-limiting options, shouldn't an appliance offer some sort of alert for an administrator? It doesn't have to be a hard-and-fast rejection of the e-mails, just initiating a warning to the admin.
Ron_Anderson > That would be fine. Anything that reduces spam without limiting real mail is good.
MrMike I've never heard of that approach. Is that like a whitelist?
Ron_Anderson > No. They identify URLs and phone numbers associated with known spam. Since all spam asks you to click here or call this number it makes a lot of sense.
Gaurav Could you please specify any other open-source software that Barracuda used? Does Barracuda allow for the ability to directly modify the configuration files of these programs?
Ron_Anderson > I'll direct you to Barracuda for the first part. For the second, no.
radjr What is the best standalone appliance for a small business with a dedicated t-1 on which all the machines sit. Is the barbedwire appliance a good way to go, or should we sign up with a service like managedinet.com that supplies the box and remotely configures/upgrades?
Ron_Anderson > Any of the three types of solutions we tested would work. The best solution depends on your needs.
BarryIT Ron, for adaptive filters, do they lose effectiveness over time? Do the outsmart themselves?
Ron_Anderson > Adaptive filters can be poorly trained and would then lose their effectiveness. One guy was telling me that he installed an adaptive filter for his mother. She got the training reversed and was only able to receive spam. I don't know if that's true or not, but is an interesting story.
Gaurav How well did the products you saw respond to user/group specific configuration? Do you feel that this is a area that needs to be explored more?
Ron_Anderson > Some were really good about adapting to individually user's needs. The report card includes scores for each product on end-user controls.
MrMike what are the downsides to outsourcing with someone like managedinet?
Ron_Anderson > The biggest reservation I hear is privacy concerns since a third party has access to your mail.
BarryIT A beautiful urban legend there.
Ron_Anderson > It puts a smile on my face!
MrMike Where did the products suffer the most in your review? What do they need to improve on?
Ron_Anderson > The products that require up-front training and that didn't perform a deep header analysis suffered worse. Out-of-the-box accuracy is the most critical feature.
Gaurav Actually Ron, I believe that the adaptive filter scenario you are stating is quite possible. It has been found that if one is not careful with g..a..p..p..y words or keyword variants, Bayesian filtering can end up marking all mail as spam.
Gaurav Is multi-lingual spam support of much use in spam products? Do the products you saw have a powerful enough grasp over non-english spam, as they did with english spam?
Ron_Anderson > Sorry, we didn't test that aspect of these products.