The SPAM War Escalates

A recent spam hoax is a tough reminder of how vigilant we must be in the battle against unwanted mail.

May 7, 2004

1 Min Read
Network Computing logo

Can IT nip this in the bud by implementing antispam tools with an overly aggressive rule set? Theoretically, yes--but a policy of "better to bounce than be spammed" is too draconian. Users don't like finding their e-mails in quarantine (see page 42 for our analysis and reviews of spam filters).

There's nothing wrong with configuring your spam- and malicious content-prevention tools to drop blacklisted IP addresses, require PTR records, bounce executables, sanitize URLs and do some Bayesian scanning. But beware: Vulnerabilities are discovered every day, and miscreants are endlessly inventive.

A belt-and-suspenders approach to security will minimize damage from all attacks. "Least privilege" configurations for inbound and outbound traffic--"permit what is allowed, but deny all else"--can stop many Trojan attacks. Ultimately, this type of network hardening will make your system safer from all attacks, not just mal-spam.

Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like

More Insights