The fight against spam is getting dirtier. Effective detection is key, but these days even that’s not always enough.
Prevention - that is, keeping the spammers from knowing you exist - is an ideal start in the fight against spam. But it’s almost never a viable approach for businesses, where a visible web presence and publication of email addresses are commercial necessities.
Focus must then turn to the task of effectively detecting spam. Stopping it reaching end-users reduces the irritation of spam and cuts down the risk of users unwittingly bringing damaging viruses or malware into corporate networks. Detection is a fundamental priority - from both a user and security perspective.
Detecting spam is about as challenging as preventing it in the first place, but it is more achievable. Many businesses cut spam to nearly nothing by using intelligent spam filters. The process still requires manual intervention to prevent ‘false positives’ (legitimate messages marked as spam) from being lost in the void; but with the right spam filter organisations can master the tricky art.
So what makes a good spam filter? It’s largely about the quality of the underlying technology and the system’s ongoing strategy for outwitting spammers. Most good spam filters are first and foremost dynamic. They continually adapt their approach to keep pace with changes the spammers make to outwit them. Filtering is a constant cat and mouse game, so however complex and robust filtering technologies claim to be today, the key is to ensure it’s backed by continuous development to ensure it stays that way tomorrow.
There are other approaches to beating spam, such as requesting every sender manually validates themselves as a ‘real’ human being before their messages are delivered into your network. But broadly speaking, the selection and regular maintenance of a good spam filter is absolutely the best and most common approach for beating spam.
The new threat
The filter’s in place, it’s working, and you think the job’s done. Then new challenges emerge.
In recent years spammers have turned to using images and file attachments (such as excel or powerpoint files) as means to avoid traditional spam filters that analyse the text content of emails. Spam filters are getting better at stopping such threats, but that’s not where the danger lies.
The problem is: not only is the number of spam messages increasing year on year, their individual file size is increasing too. Spam messages with images and attachments can be over five times the size of traditional text-only spam messages. This trend means that even if spam filters can effectively detect and filter spam, ever increasing volumes - coupled with larger file sizes - are choking email servers and hogging internet bandwidth.
Spam email accounts for around 90 per cent of all emails sent in the world. If that average is mirrored in your organisation, the absolute volumes of spam - and its collective size - could add up to a considerable and ever increasing cost.
Hosted email security services
In response to this new threat, externally hosted email management and security services are emerging in the marketplace, which stop spam email messages from being delivered to a business’s network in the first place.
Such a service provides spam filtering alongside external hosting of quarantined emails. Each product is different, but typically they offer protection from all common types of threat, including traditional spam, phishing, viruses, and denial of service attacks. Many services also offer user-friendly reporting portals for IT departments and end-users to see reports on quarantined emails, and quickly pick out legitimate emails for subsequent delivery.
Because quarantined emails are hosted remotely, the headaches of storage and bandwidth concerns are removed. In addition, the spam filtering technology is updated dynamically and remotely, which means IT departments need no longer worry about maintaining in-house solutions.
Outsourced services won’t be to everyone’s taste, but in a world where spam volumes are increasing every day, it’s one option which places the burden elsewhere. For larger businesses, that primarily means reducing the costs associated with bandwidth and storage. For large and small businesses, it means the task of keeping spam filters up to date is no longer a costly burden on the IT department’s time.
Whatever your view on outsourced services, the fundamental principle of such services is: in the fight against spam, it’s better not to let it get into your network in the first place. That sounds like a sensible approach, possibly even one that might be worth considering.
More info - Top ten tips for avoiding spam at the NCC Principia website
0 Response to “Fighting spam”