The fact that Microsoft has said it may add more spam-fighting features to Exchange 2003 should come as no surprise,...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
given that many Windows administrators consider controlling junk e-mail to be a priority.
But rather than wait for the upgraded product to come out, many Exchange customers are busily adding third-party software -- with great success -- to slice spam down to more manageable levels. The problems caused by unwanted e-mail are twofold. Not only does spam put a crimp in productivity, but it tempts employees to click material that could be offensive at best, viral at worst.
For Marvin F. Poer & Co., a Dallas-based tax consulting firm, the battle against spam began when the pornography started to trickle in. The company purchased anti-spam software from Nemx Corp., an Ottawa software company, and was immediately able to trap and delete more than 650 spam e-mails per day using basic content filtering and spam filtering.
Joe Garrett, systems manager for Marvin F. Poer & Co., said that he recently added a new software module called a "concept manager," which uses fuzzy logic and a weighted scoring system to help identify spam. The module cuts down on the number of false positives, which are legitimate e-mails that get tagged as spam and therefore blocked from the Exchange server. "I haven't looked at the numbers yet since installing the new module, but I know the amount of spam I am receiving has dropped," Garrett said.
Spam is a sore spot with IT managers, particularly since it is creeping into enterprise e-mail accounts at faster rates. The cost of fighting spam is also rising, right alongside the cost of battling viruses and other unauthorized communication.
Meta Group, a Stamford, Conn., consulting firm, said in a 2002 report that expenditures on so-called hygiene tools, such as anti-spam and antivirus protection, will grow from $12 per user per year in 2002 to $30 per user per year in 2006. Separately, a study released earlier this month by Ferris Research of San Francisco said that spam cost business customers a hefty $8.9 billion last year.
Analysts said that Exchange is no more vulnerable than any other mail system, but it does tend to be the target of more viruses than IBM Corp.'s Domino or Novell Inc.'s GroupWise.
Until a few years ago, the spam problem was mostly limited to organizations like ISPs or to e-mail associated with Web portals. With more attacks on corporations, there is a desire and a need for heartier and more robust filtering capability, said Dana Gardner, an analyst at the Aberdeen Group, Boston.
One problem with general spam filtering is the potential for weeding out good e-mail -- the so-called false positives. Customers are now in the position of weighing the cost of getting some spam versus the cost of losing some essential messages, Gardner said.
There are lots of products on the market that fight spam, but the market is somewhat immature, according to Matt Cain, vice president at Meta Group. Some of the well-known vendors that sell spam products today are Ciphertrust, Tumbleweed, Postini, Network Associates' McAfee division, Symantec, Brightmail and Nemx.
Garrett had checked out a spam service that forwards all e-mail and scans it before funneling it back through the Exchange server, as well as a spam filter made by McAfee. Both were rejected for their high price tags, and the McAfee software proved too complicated.
Marvin F. Poer & Co. has 200 employees in 13 locations and only two Windows administrators. "Overall, the other two options were more work than I was willing to spend," Garrett said. "There is just myself and another administrator, so we try to be efficient."
Meta Group's Cain recommends that all companies deploy what he calls mail "hygiene servers" or use a hosted service to battle not just spam, but viruses and denial-of-service attacks. A denial-of-service attack can include a buffer overload attack, a mail flood and dictionary harvest attacks. The servers also filter content and prevent mail relays.
FOR MORE INFORMATION:
Article: Titanium now Exchange Server 2003
Featured Topic: Goodbye Exchange 5.5. Now what?
Article: Spam a costly nuisance
Interview: The changing role of Exchange
Best Web Links on Exchange
Ask our expert an Exchange question