The end-user view of Antispam

Today I read an article in the Wall Street Journal by Lee Gomes that gives an excellent view of the end-users perspective of the antispam fight. One of the biggest topics of discussions that I have with administrators of antispam solutions is the question of how to deal with spam. Should they quarantine, mark subjects, discard, reject, etc. It is a religious debate that has more to do with company policy, personal preference and IT budgets than anything technical, but it is interesting to me to hear Mr. Gomes prove how smart he is by agreeing with my general advice to people :-). My advice to all admins is taht users don’t care so much about getting extra spam but the minute you quarantine an important email you are dead meat.

With that precept in mind here are some general guidelines that I recommend.

1) Make sure that your antispam solution can fit everyone in terms of spam actions but start with the least restrictive policy. The least restrictive policy is either putting spam into a spam folder that is accessible by the users email client or marking subjects.

2) Only quarantine spam if your boss wants you to. Spam quarantine is expensive to manage and rarely checked. You will get a screaming call about a lost email and most likely the user has no idea how to check their quarantine and you will be the one clamoring around looking for the email and you will certainly have your head chewed off for being the sole cause of the malady. If you want to quarantine for all people make sure that users or admins can turn this off for themselves, as they can with MPP.

3) Mr. Gomes points to his experiments with changing filter levels from more restrictive to least restrictive and being disappointed with the results. My experience is that these knobs are mostly useless, especially the ones that make futile attempts to categorize spam. Give me the Viagra and Vicodin spam, but I sure don’t want to see the mortgage offers. Who thinks like that? In my experience spam companies to a horrible job of categorizing spam and it seems like a big waste of time anyway. Give your users the ability to change spam actions but these extra knobs will only bring problems as they did for Mr. Gomes.

4) Perfection is as elusive as the $40million that Barrister Hollings offered me from his hideout in Kenya. He points out that even the great Postini, which Google handsomely overpaid for, has false positives in the high sensitivity settings and misses lots when the sensitivity is set down. Don’t expect perfection and don’t back yourself into a corner by over promising and quarantine or rejecting too much spam.

5) If you decide to use quarantine systems less than 5% of your users will ever logon and of those 5% probably only a handful will ever dive too much around in the settings to see what’s available. Beware of a strategy relies on end-users learning your systems, they will mostly ignore them until it’s time to take off your head.

Comments

• Recent Posts

  • Privacy Concerns?
  • Should You Disinfect?
  • MPPv4 - Coolest MPP Yet
  • Google Competition? Cuil
  • A New Era for Email Security Appliances?

• Categories

  • MPP Releases and Fixes
  • News and Tidbits
  • Opinions on Email Security
  • Podcasts
  • Spam Wisdom
  • Uncategorized

• Archives

  • September 2008
  • August 2008
  • July 2008
  • June 2008
  • May 2008
  • April 2008
  • March 2008
  • February 2008
  • January 2008
  • November 2007
  • October 2007
  • September 2007
  • August 2007
  • July 2007
  • June 2007
  • May 2007
  • April 2007
  • March 2007
  • February 2007
  • January 2007
  • December 2006
  • November 2006
  • September 2006
  • August 2006
  • July 2006
  • June 2006

• Links

• Meta

  • Register
  • Login
  • WordPress
  • XHTML