|
The options available to mitigate the problems of e-mail spam in the enterprise are varied. Just as varied is the variety of definitions of spam today. These factors often lead to some confusion about what a particular anti-spam (or anti-fraud or anti-virus) solution may or may not do. This paper demystifies the anti-spam market and its various choices and buzzwords to help you cut through the hype and focus on the basics: determining what features you need, whether a solution you are considering includes them, and to what degree. It also defines the important key elements that an anti-spam solution should have to ensure that your investment will be a solid one for years to come.
Spam is Spam
Ads, fraud schemes, urgent requests for help, porn, virus attachments, phishing attempts ? these are all examples of e-mail "spam" (junk or threatening e-mail) that affect organizations and end-users today. The market for solutions to stop this spam can seem overwhelming, and common pricing strategies imply that there is a difference between types of spam, or that different solutions are necessary to combat different kinds of junk e-mail.
But these distinctions are misleading. The truth is, the techniques spammers use are common across all varieties of spam. For example, spammers frequently use virus and worm-infected machines to send spam, and virus writers increasingly use spamware to distribute their work. Likewise, spammers seeking to steal money or identities (phishers) use the same techniques as commercial spammers seeking to sell the latest wonder drug, as do scammers hoping to convince you to transfer $10,000 to a special bank account in Nigeria.
Spam-Fighter's Cocktail
Three primary types of spam fighting solutions are available today:
-Client-side solutions reside on individual users' machines. Distributed support requirements and license fees make them unsustainable in enterprise environments, it locks an enterprise into particular client vendor, and mobile and webmail users may not be able to access the solution.
-Outsourced (third-party) solutions require an enterprise's e-mail to be routed through third-party servers for filtering. Their primary drawback is the loss of control over an enterprise's e-mail and its filtering techniques.
Server-based solutions come in the form of software and/or server appliances, and act as a gateway between the Internet and the e-mail server. This paper deals with server-based anti-spam solutions.
Scalable, Server-Side Architecture
Server-based anti-spam solutions are preferable for enterprise environments because they can fully protect your network and users from spam and viruses with minimum administrative burden. But, with spam and e-mail borne virus attacks increasing mail volumes exponentially, server-based must be truly scalable. Look for solutions with streamlined architectures and technology and cost flexibility.
For example, ensure that you can configure the solution to filter out viruses before spending resources filtering for spam. Also ensure that the solution can be set to filter particular types and sizes of e-mail before performing content-based filtering. These techniques contribute to a streamlined e-mail filtering architecture. Finally, look for a solution that is priced per-user and not per-server. Per-server pricing puts you at a disadvantage because as mail volumes grow, you have to spend more to keep the solution effective by scaling it across more servers.
Integration with Existing Environment
You likely already have various systems in place related to e-mail and you need to add spam-filtering capabilities. That should not require you to change your existing systems. Look for a solution that will work within your existing mail environment (i.e. mail server, O/S, mail transfer agent, etc.). Also, be sure to ask whether the solution will integrate with your existing user authentication infrastructure (e.g. LDAP, custom databases, Sendmail database, etc.) and anti-virus software.
Equal-Opportunity Pricing
The anti-spam solution you select should not require that you pay more for filtering different kinds of spam. Spam is spam, and spammers should never be allowed to dictate what you spend on a spam-fighting solution. The best approach in evaluating and selecting a solution is to begin by establishing the capabilities and features that you really need, then find a comprehensive solution that provides these.
|
