Kill unwanted spam with cost-effective measures

by L. Gary Boomer

Unwanted e-mail, commonly known as "spam," has grown in most firms at such exponential rates in the past six months that many firms are now willing to invest in solutions that reduce the influx of junk e-mail.

As a cost-conscious CPA, I did not want to invest significantly in a solution, but was forced to act by the growing amount of time being spent on managing unwanted e-mail. I am happy to report that we have reduced the amount of spam that arrives in our inboxes by approximately 75 percent and eliminated 99.9 percent of all e-mail-borne viruses.

The benefit from reducing the amount of spam that reaches your mailbox is more than just convenience. It takes a person an average of 10 seconds to identify and delete one piece of junk e-mail, and this average doubles if they open messages prior to deleting them.

While 10 seconds doesn’t sound like much, when you multiply that by 20 to 30 messages a day - which is a conservative estimate - the wasted time adds up quickly. And if you have staff that travel, the time savings during remote synchronizations alone will more than pay for the investment in a few months.

We decided that any solution had to:

  • Reduce the amount of unsolicited e-mail reaching users’ mailboxes;
  • Filter e-mail attachments both inbound and outbound;
  • Protect against viruses and malicious embedded scripts;
  • Require minimum administrative overhead;
  • Include logging and reporting features; and,
  • Be cost effective.

To meet all of our requirements we decided on an in-depth defense utilizing a combination of technologies and products, including an open relay filter from Vamsoft (www.vamsoft.com ) and anti-spam systems from GFI (www.gfi.com ).A large percentage of spam is sent using open relay mail servers or open proxies. An even larger percentage comes from known sources, such as Internet service providers that tolerate clients sending spam from their networks or known e-mail marketing companies.

Many organizations and individuals on the Internet have established databases - Domain Name System Black Lists - which list addresses of these known spam sources. Open relay filters monitor incoming Internet mail sessions and block all the traffic from those sources listed on the blacklist, enabling you to stop the spam even before it reaches your mail server.

After the mail server accepts the source of the message, the message will be scanned at three different places, any one of which can delete or quarantine the message. The message will first be examined by our firewall, where all mail messages are scanned for forbidden attachments, any type of script file or batch file that could possibly carry a virus.

If a forbidden attachment is found, it is stripped from the message and the intended recipient is notified that an illegal attachment was removed from the message. The message is next passed to Mail Essentials, an anti-spam product from GFI, which compares words and phases in the subject line and body against a user-defined list.

If the message is deemed to be spam, it may either be deleted or moved to a folder for review. I recommend that while developing your rules, you move the spam to a folder so that any messages that are deleted due to a false positive may be recovered.

The final step that a message will pass through before being delivered to the end user’s mailbox is a scan by Mail Security, also from GFI. This is where we ensure that the message and any attachments are free from viruses or any other destructive payloads. One of Mail Security’s unique features is its use of three different anti-virus engines to analyze each e-mail; this reduces the chances that a new virus will be missed.

Mail Security can also analyze the content of all inbound and outbound messages and attachments to ensure that all of your bandwidth is not being used to trade digital music or pictures of the family vacation.

While it sounds complicated, the system took just one day to implement and configure. The only administrative overhead that we incur in its upkeep is the refinement of the user-defined rule list and review of the deleted messages.

We review the messages deleted by Mail Essentials daily and have had no false positives since the first week. We have set up a public folder where end users can forward any spam that they do receive. We then review the messages from this folder weekly and use our findings as a basis to better define our existing rule sets.

The time invested in both of these activities amounts to less then 30 minutes a week. The configuration, which protects 25 mailboxes, cost less then $1,000, excluding implementation time. We estimate that we recovered the cost of software and implementation in less then a month through time saving, alone.

It has also identified and deleted numerous virus-carrying messages. Remember nothing will stop all of your spam, but you can reduce the majority of it. This is not the only solution, but it will reduce spam in firms of all sizes - and it’s affordable.

For reprint and licensing requests for this article, click here.
Technology
MORE FROM ACCOUNTING TODAY