4. Enlist your users to help maintain your whitelist
Your users are constantly developing relationships with new clients, vendors and other contacts, which means that if you rely on a whitelist of trusted senders, it needs to be continually updated. Lucio Gonzalez, a system specialist and e-mail administrator at South Texas College in McAllen, appreciates it when employees at the college tell him about their new contacts -- for example, when the college gains new suppliers.
He adds them to his whitelist, and messages from these senders get through more quickly and don't risk being flagged as spam. Periodic reminders to your users to keep the IT department informed of new contacts will save everybody time and hassle.
Better yet, suggests Andrew Lochart, vice president of product marketing at e-mail security vendor Proofpoint, let users set their own spam filter parameters. In his words, spam, like beauty, lies in the eye of the beholder.
Although few people want the male enhancement or online pharmacy ads, some business travelers, for instance, might want their weekly notices from Delta Air Lines or Hertz. Such flexibility ultimately benefits both an end user and an e-mail administrator by reducing efforts by both of them to recover false positives.
5. Choose blacklists and reputation lists wisely
If your organization relies on a blacklist or reputation list to stop spam, Jennings urges you to consider carefully which one to use. He points out that many spam filter products let the customer configure the product as to which blacklist, if any, to use.
When choosing a blacklist, Jennings recommends that you check the management policies of the lists. For example, some blacklists and reputation lists are driven purely by user complaints, says GWU's Briggs, and relying on them will invariably lead to false positives.
Not sure where to start? Ask your spam filter vendor for recommendations, suggests Jennings.
It's also important to keep up with the status of your blacklist or reputation list. Jennings cites the example of ORDB, a blacklist that was shut down in 2006, but which nonetheless still received queries from systems following the shutdown. These queries, according to Jennings, overwhelmed the servers that had housed ORDB, preventing the former ORDB administrators from doing other work. (In other words, the queries amounted to a denial-of-service attack, unintentional though it was.)
In early 2008, to stop these queries, the operators brought ORDB back online but set it up to flag every IP address reported to it as a spam source -- the only way, they believed, to gain the attention of e-mail administrators and get them to stop querying ORDB. Had these administrators been more alert to begin with, they would have investigated, discovered that ORDB was going away and redesigned their procedures accordingly, without requiring drastic measures from the ORDB operators.
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Mimosa™ NearPoint™ for Microsoft® Exchange Server: Email Archiving 101
Strategies for Eliminating .PST Files
Email Archiving 101—Customer Case Study
Wireless LANs: Is my enterprise at risk?
Delivering the Power of Choice with Microsoft Dynamics CRM
Refresh your AUP: Top tips to ensure your acceptable use policy is fit for purpose
Achieving the impossible: Unlimited application scalability
Security Inside Out
Zones provide focussed content from Computerworld and leading technology partners.
Discover how SOA can create smarter outcomes for your business.
Attend and learn:
- How SOA is helping leading companies to become more agile
- Where you should be applying SOA processes in your company
- The top SOA implementation mistakes to avoid
Click here for more information.
- +
Computerworld Live Podcast #97: The Future of Enterprise Networking 25/07/2008 09:45:36
This week CW Live chats with Mark Thompson, global sales and marketing manager for HP ProCurve, on the future of the enterprise networking. Mark discusses the trends we can expect to see in the near future and how the right infrastructure can ensure your enterprise network is secure. - +
Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22
CW Live speaks with Amol Mitra, HP ProCurve Director of Marketing for Asia Pacific and Japan. Today's topic: how enterprises are starting to shift away from simply controlling security via server logins, firewalls and moving to more adaptive security frameworks. - +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport. - +
IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47
Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future.
Vignette Announces 2008 Excellence Awards 2008-11-21 10:50:00+11
PGP and Ponemon Institute Unveil Inaugural Australian Data Breach Study 2008 2008-11-20 17:34:00+11
Symantec Cloud Services Transform Data Centre Operations Through Proactive Management 2008-11-20 12:06:00+11
Verizon Business Offers Tips to Building a Successful Unified Communications and Collaboration Plan 2008-11-20 12:04:00+11
AARNet Brings 4K Digital Cinema to Australia: First 4K HD Video Signal delivered into Australia by AARNet 2008-11-20 12:02:00+11
Best Practice in Building an Integrated Information Management Strategy
Discover the business value that creating an integrated information platform can bring. Learn how to provide consistent, accurate information to all stakeholders within your business network. Integrate vital data from disparate sources and deliver a trusted information foundation. Read on to uncover the stepping-stones to your new information management strategy.
Buying Guides
