The Ravages of Spam
Non-profits send out newsletter blasts, post their email addresses on the website, and of course the out-of-office responder. There is also the sweet, good-natured staff person (which is nearly everyone since it's a non-profit) who will click away at everything. All this combined with the attitude to ignore something until it is too late results in an organization inundated with spam. This is what I have concluded is the main problem with the Exchange server. Over the last three days I've marveled at the speeds at which folders open (1.5 minutes) and how quickly our branch office staff get their POP3 emails (6 hours). Today the BadMail folder h ad over 3600 items four hours after I purged it. I was wondering where the T1's bandwidth was going.
I feel there are three possible solutions:
1: Network/Desktop software. This is usually the cheapest solution and works adequately but requires regular tweaking. A product like IHateSpam (link) allows each user to do some custom tweaking using a Blacklist, Whitelist, and Quarantine folders. This is nice but, as I discovered at my last job, users tire quick and stop doing it. Additionally, a software-based spam filter only makes the server work harder to filter spam while it is getting hit with all of it. All the while bandwidth continues to get used up.
2: Appliance. Stick an anti-spam network appliance between the Internet connection and your network and you could have a great solution. The server is no longer being hit by thousands of junk emails nor working to filter. Out-of-office responses don't confirm to spammers that the email address exists since it never gets to the mailbox. However, this won't work if the purchase is in response to overwhelming spam because even with the appliance, bandwidth will continue to be hogged by junk mail.
3: Spam hosting. Mail is filtered through an outside filter, sending only clean, relevant, kind-to-bandwidth emails. This seems to be the costlier of my three options but unfortunately this may be my only solution since the spam problem has become impossible. I haven't even begun to do research enough to know which services are worth the money.
Ideally I would think that an appliance should be put in place at the creation of a new domain, before the first shred of spam arrives. Sure, eventually spam will eat up your bandwidth and a spam hosting solution will probably be necessary, but this will occur nowhere near as quickly as when nothing is done to combat spam from the very beginning. Look, you don't install a firewall after you've been hacked, so why do we wait for spam to arrive first when we know it multiplies quickly. Additionally the appliance will save the organization money in the long run since reliance on spam hosting will be postponed for a good while longer. Do it!
I feel there are three possible solutions:
1: Network/Desktop software. This is usually the cheapest solution and works adequately but requires regular tweaking. A product like IHateSpam (link) allows each user to do some custom tweaking using a Blacklist, Whitelist, and Quarantine folders. This is nice but, as I discovered at my last job, users tire quick and stop doing it. Additionally, a software-based spam filter only makes the server work harder to filter spam while it is getting hit with all of it. All the while bandwidth continues to get used up.
2: Appliance. Stick an anti-spam network appliance between the Internet connection and your network and you could have a great solution. The server is no longer being hit by thousands of junk emails nor working to filter. Out-of-office responses don't confirm to spammers that the email address exists since it never gets to the mailbox. However, this won't work if the purchase is in response to overwhelming spam because even with the appliance, bandwidth will continue to be hogged by junk mail.
3: Spam hosting. Mail is filtered through an outside filter, sending only clean, relevant, kind-to-bandwidth emails. This seems to be the costlier of my three options but unfortunately this may be my only solution since the spam problem has become impossible. I haven't even begun to do research enough to know which services are worth the money.
Ideally I would think that an appliance should be put in place at the creation of a new domain, before the first shred of spam arrives. Sure, eventually spam will eat up your bandwidth and a spam hosting solution will probably be necessary, but this will occur nowhere near as quickly as when nothing is done to combat spam from the very beginning. Look, you don't install a firewall after you've been hacked, so why do we wait for spam to arrive first when we know it multiplies quickly. Additionally the appliance will save the organization money in the long run since reliance on spam hosting will be postponed for a good while longer. Do it!
FeedBurner
4 Comments:
IME outside spam filters are only part of the solution; the ones I've tested don't trap as much spam as I'd hoped.
Some mail servers can be configured with things like SMTP prompt delay, and reverse connection check, to help stem the tide. There's also greylisting, which works very very well. pros and cons to each. I'm not familiar w/ Exchange configuration options.
From one nonprofit IT manager to another, best of luck! Fight the good fight, my friend.
PS--if you could set up an RSS feed, that'd be great; the site's current atom.xml doesn't seem to work.
By Oscillations, at 22 June, 2006 12:44
Hey, I love your blog. Reminds me of me.
Spam is certainly a huge problem. Do you have Exchange Intelligent Spam Filter installed? If you're using Exchange Server 2003, then get that.
We used to have desktop spamcatcher installed, but the server and bandwidth labored. We ended up upgrading our server to SBS2003 just to get the spam filter with it.
By stressed out, at 28 June, 2006 15:26
Thanks for the info and support, guys. I've only got Exchange 2000 running on Windows 2000 but hopefully that changes soon.
By IT Manager, at 28 June, 2006 21:57
My Exchange Server was also getting flooded. Yesterday, in addition to client side filtering, I tried out a simple SMTP filtering tool (SMTPTRACKER). All it does is query various dns blacklist servers. So far the results are promising.
By Anonymous, at 02 August, 2006 17:40
Post a Comment
Links to this post:
Create a Link
<< Home