If you work for a small company with a small IT staff, spam can be a big problem.
TechRepublic member Curtis Birnbach, president of electro-optics company Hudson Research, embarked on a five-layer mail filtering implementation to help reduce the amount of spam employees had to delete.
Hudson Research receives between 400 and 800 e-mails a day, of which about 85 percent comes from China. The layers are:
This combination eliminates all but 50 to 100 messages, Birnbach said. "The biggest problem is that our two Web sites attract spiders through the "info@xxx" general addresses. We can eliminate the bulk of the remaining spam by adding JavaScripts to the site, but that would compromise the ability of our sites to go through firewalls without requiring entries into the firewall database."
"We have always tried to maintain the maximum level of availability on our sites by minimising the number and types of JavaScripts and using code that is highly cross-platform compatible," he said.
Birnbach added: "We have elected to put a substantial portion of our defenses on the client rather than the server as it makes our system less vulnerable. It is annoying to administer, but worth the effort as it has prevented virus- and worm-based attacks. Given the number of security holes in Windows servers, the client-based approach has obvious benefits. It works. The spammers are not anticipating this, and they focus their attack on the server. While we take as much care as possible to protect our servers, they are but one layer and a deception as far as the spammers are concerned."
At this point, Hudson Research is faced with the choice of rewriting a substantial portion of two Web sites to mitigate the problem or continue to spend about a half hour per day on directly spam-related screening.
"We tune our various filters to block primarily by domain, secondarily on key words. Due to the highly specific and technical nature of our products and services, we block all mail from non-NATO countries. However, advanced spammers routinely send mail through third parties, particularly through free services such as Yahoo, MSN, Lycos, etc. These services represent one of the biggest problems facing us as we also get a portion of legitimate e-mail through these ISPs and cannot afford to summarily block these services.
"I can tell you that the impact of spam on small businesses is proportionally greater than the impact on large businesses. We have less manpower, less money, sometimes no IT department at all, and to devote even a half an hour a day to this issue is a terrible burden," he said.
TechRepublic is the online community and information resource for all IT professionals, from support staff to executives. We offer in-depth technical articles written for IT professionals by IT professionals. In addition to articles on everything from Windows to e-mail to firewalls, we offer IT industry analysis, downloads, management tips, discussion forums, and e-newsletters.
©2003 TechRepublic, Inc.
4%
4%
