Beta.easyofficephone.ca

WHITE PAPER
Demystifying the Anti-Spam Buzz:
Features vs. Fluff in the Search for an Enterprise The options available to mitigate the problems of e-mail spam in the enterprise are varied. Just as varied is the variety of definitions of spam today. These factors often lead to some confusion about what a particular anti-spam (or anti-fraud or anti-virus) solution may or may This paper demystifies the anti-spam market and its various choices and buzzwords to help you cut through the hype and focus on the basics: determining what features you need, whether a solution you are considering includes them, and to what degree. It also defines the important key elements that an anti-spam solution should have to ensure that your investment will be a White Paper: Demystifying the Anti-Spam Buzz
Spam is Spam
Ads, fraud schemes, urgent requests for help, porn, virus attachments, We treat all spam
phishing attempts … these are all examples of e-mail “spam” (junk or equally. If it's junk
threatening e-mail) that affect organizations and end-users today. The entering through
market for solutions to stop this spam can seem overwhelming, and common your mail servers,
pricing strategies imply that there is a difference between types of spam, or Roaring Penguin's
that different solutions are necessary to combat different kinds of junk CanIt anti-spam
solutions will
But these distinctions are misleading. The truth is, the techniques spammers use are common across all varieties of spam. For example, spammers of all types frequently use virus and worm-infected machines to send spam. Likewise, spammers seeking to steal money or identities (phishers) use the same techniques as spammers seeking to sell the latest Spam-Fighter's Cocktail
Three primary types of spam fighting solutions are available today: • Client-side solutions reside on individual users' machines. Distributed
support requirements and license fees make them unsustainable in large environments, they lock an enterprise into a particular client operating system, and mobile and webmail users may not be able to access them.
• Outsourced (third-party) solutions require an enterprise's e-mail to be
routed through third-party servers for filtering. Their primary drawback is the loss of control over an enterprise's e-mail and its filtering techniques.
• Server-based solutions come in the form of software and/or server
This paper focuses
appliances, and act as a gateway between the Internet and the e-mail on server-based
server. This paper deals with server-based anti-spam solutions.
solutions.
Scalable, Server-Side Architecture
Server-based anti-spam solutions are preferable for enterprise environments because they can fully protect your network and users from spam and viruses with minimum administrative burden. But, with spam and virus attacks increasing mail volumes exponentially, server-based solutions must be scalable. Look for solutions with streamlined architectures, technology For example, ensure that you can configure the solution to filter out viruses before spending resources filtering for spam. Also ensure that the solution Scalable cost:
Look for a solution
can be set to filter particular types and sizes of e-mail before performing that is priced
content-based filtering. These techniques contribute to a streamlined e-mail per-user, not
filtering architecture. Finally, look for a solution that is priced per-user and per-server.
not per-server. Per-server pricing puts you at a disadvantage because as mail volumes grow, you have to spend more to keep the solution effective by 2007 Roaring Penguin Software Inc.
White Paper: Demystifying the Anti-Spam Buzz
Integration with Existing Environment
You likely already have various systems in place related to e-mail. Adding Integration:
spam-filtering should not require you to change your existing systems. Look With mail servers,
for a solution that will work within your existing mail environment (i.e. mail authentication
server, O/S, mail transfer agent, etc.). Also, be sure to ask whether the directory and
solution will integrate with your existing user authentication infrastructure anti-virus software.
(e.g. LDAP, custom databases, Sendmail database, etc.) and anti-virus Equal-Opportunity Pricing
The anti-spam solution you select should not require that you pay more for One-price filtering:
filtering different kinds of spam. Spam is spam, and spammers should never Look for a
be allowed to dictate what you spend on a spam-fighting solution. The best comprehensive
approach in evaluating and selecting a solution is to begin by establishing solution that filters
the capabilities and features that you really need, then find a comprehensive all types of spam.
Never Lose a Valid E-Mail
An anti-spam solution should never put you at risk of losing legitimate Quarantine:
e-mail messages. This means that you need a solution with a quarantine Hold suspect
function that holds suspect messages in a safe area for inspection by a messages for final,
human who can make the final judgment.
human judgement.
Look for a solution with this flexibility, but be sure that your solution of choice enables you to customize spam thresholds and spam management techniques. For example, you may want to automatically quarantine or delete certain types of e-mails while only tagging messages that receive mid-range spam scores. Your solution should, at a minimum, have that level Centralized Solution with End-User Controls
A solution with centralized administration and distributed end-user controls Global rules:
is ideal to provide the administrative benefits – such as global rules, default Maintain control
settings and centralized administration – while at the same time allowing by pushing global
rule sets out to
end-users.
By pushing global rules out to end users and enabling them to participate in choosing the filtering solution that best suits them, the administrative burden and complexity of defining spam in a multi-user environment is If you want a solution with some level of end-user control, look for one that allows you to customize the end-user interface, including its look-and-feel and the controls you provide to end-users. Only you know what your particular users and environment need and can handle. A customizable interface will help minimize disruption to end-users and will eliminate 2007 Roaring Penguin Software Inc.
White Paper: Demystifying the Anti-Spam Buzz
Also, define up-front what you mean by “end-user control”, because available Customizable
solutions provide many different levels of user control. At minimum you interface:
should have the ability to give your end-users a choice among spam-filtering Give end-users
levels—and those levels should be determined by administrators, not by the exactly what they
product. You should also have the option to provide users with more need while
advanced features beyond merely whitelisting and blacklisting.
maintaining global
policies.
The ability for users to set spam thresholds and obtain details about individual spam incidents may be important for certain users in your environment. If so, be sure that the solution you choose gives you the power to provide such options. Keep in mind that even if you don't start with a solution that allows for end-user controls, you may need the option in the future. For example, central administration of an organization's spam may become too great for a single IT manager or department to handle. Your organization's policies about e-mail may change, or end-users may become vocal about having greater control over their e-mail.
Web Interface
Administrative and end-user interfaces of an anti-spam solution should not Web interface:
be dependent on any particular mail client or operating system. Look for a Full features
solution with web-based interfaces that enables administration of the tool available from any
regardless of mail client, operating system or user location. The tool's full mail client or web
features—not just a subset of them—should be available even to users and browser.
administrators located off-site or traveling.
Source Code Provided
How you filter your organization's e-mail is your business. With the Source code:
solution's source code in hand, you can implement filtering rules and For complete
methods, no matter how complex, arcane or unique they may be. Owning control and
the source code also enables you to perform complete system security audits security audits.
and make adjustments if necessary, and is the ultimate long-term insurance Multi-Factor Spam Analysis
Fighting spam is an arms race. As spamware becomes more sophisticated and spamming becomes more profitable, no single tactic is sufficient to do battle with increasingly aggressive and tricky spammers. While blacklisting offending DNS domains was once sufficient to battle spam, blacklisting is today just one small aspect of effective spam management. Commercial Multi-factor
spammers, phishers, perpetrators of e-mail frauds and virus writers all use a analysis:
number of methods to obfuscate their work. Spammers devote their time to A cocktail of spam-
inventing new techniques—both technological and sociological—to trick end- fighting tactics to
users into responding. Such tactics include, for example, masquerading as a future-proof your
trusted brand by spoofing a well-known e-mail domain. Any effective anti- investment.
spam solution in today's environment must employ a variety of integrated fighting techniques to be effective—and you should not be expected to pay more for different filters. If a solution claims to stop spam, it should be expected to stop all types of spam: even those not yet invented.
2007 Roaring Penguin Software Inc.
White Paper: Demystifying the Anti-Spam Buzz
In the “Buzzword Compliance” section beginning below, we've detailed the requirements for a future-proof solution, as well as others that you should understand and consider – or avoid.
Buzzword Compliance
Today's leading anti-spam solutions all lay claim to various features and Buzzword IQ:
capabilities that have interesting names . but what do these features really Even before
do? How do they do it? And do you really need them? learning what the
buzzwords mean,
The table on the following pages catalogs these anti-spam buzzwords, simply have a sense of the
explains what each means, and describes in practical terms why you may (or main features and
may not) need each. It also indicates which features Roaring Penguin's qualities that you
CanIt solutions offer, and to what degree.
need in an
anti-spam solution.
Use this table to help you sift through the “fluff” and truly understand the features that a solution offers, what they mean, and the value each will have 2007 Roaring Penguin Software Inc.
White Paper: Demystifying the Anti-Spam Buzz
Buzzwords
What is it?
Why do I need it?
Does CanIt have it?
Yes. And, in CanIt-PRO,
“Bayesian” filtering, this is a type investment. Adaptive filters ensure the Bayesian filters of spam filtering that learns what is that the anti-spam solution or is not spam over time, based on remains effective over time, even Yes. CanIt-PRO includes
Also referred to as “anti-phishing”. If you want to protect your end- Yes. CanIt's filters
spoof a well-known brand (such as It is estimated that at least 5% of used by spam phishers. into divulging personal data, such divulge their personal information. below as an example.) as credit card numbers, passwords Filtering out phishing attempts also CanIt's content filters and the like. Phishing e-mails are reduces the volume of junk e-mail can also be easily set to usually linked to a fraudulent web in your organization.
Yes. The Roaring
receive automatic updates to stay techniques, your solution must be Penguin Training updated or it will fall behind and its Network updates your A filtering technique whereby a list To filter out certain spammers and Yes. CanIt solutions
of disallowed senders or domains is spamming domains. However, the support blacklisting, and 2007 Roaring Penguin Software Inc.
White Paper: Demystifying the Anti-Spam Buzz
Buzzwords
What is it?
Why do I need it?
Does CanIt have it?
Yes. CanIt solutions can
A feature of an anti-spam solution To minimize the training and Yes. Administrators
A feature of an anti-spam solution To tweak default filters, turn Yes. CanIt's filters are
that enables administrators and/or certain filters off, or upload your end users to alter the way e-mail is own existing rules.
Because most e-mail borne viruses Yes. CanIt's
are distributed by way of particular administrative interface attachment messages that contain particular Rules within an anti-spam solution To enforce enterprise-wide e-mail Yes. CanIt
To eliminate a growing percentage Yes. Roaring Penguin
temporary delivery failure for mail filtered. (At publication date, Legitimate mail servers will queue all spam). It therefore reduces sender and recipient – neither one attacks (see below).
2007 Roaring Penguin Software Inc.
White Paper: Demystifying the Anti-Spam Buzz
Buzzwords
What is it?
Why do I need it?
Does CanIt have it?
Hit-and-run Also known as “greylisting” (see A feature by which the spam filter To eliminate the possibility of Spam Optional. CanIt can
spam after a designated period of enough to cause storage problems. spam after a certain users to manage their Spam Traps Spam Trap.
Yes. CanIt enables
sent from a particular domain was attacks, which tend to spoof Optional. With CanIt-
administrators or end-users when each end-user his or her own Spam PRO, administrators can Outbound / The filtering of e-mail that exits Optional. CanIt-PRO
internal mail your domain (i.e. e-mail sent by clients on your network). Internal “zombie” (see below) spam attacks filter incoming, internal growing. Outbound mail filtering is CanIt-PRO can filter one, 2007 Roaring Penguin Software Inc.
White Paper: Demystifying the Anti-Spam Buzz
Buzzwords
What is it?
Why do I need it?
Does CanIt have it?
The ability of an anti-spam solution Quarantines serve valuable Optional. CanIt
* Reduce administrative burden by suspected spam in any Supported. CanIt data
Refers to a type of spam filter that To protect your entire network and Yes. CanIt software is
e-mail server (rather than on client gateway. A solution that resides centralized functionality – such as Internet and your mail the creation of global rule-sets and server.
Refers to the ability to set a spam To set and adjust filter sensitivity. Yes. Spam thresholds in
To eliminate a large percentage of Yes. CanIt can detect
Yes. Roaring Penguin
per-department or per-individual). invented mail streams 2007 Roaring Penguin Software Inc.
White Paper: Demystifying the Anti-Spam Buzz
Buzzwords
What is it?
Why do I need it?
Does CanIt have it?
Optional. CanIt is
compressed compressed files (such as .zip and attachments hidden in compressed bundled with Clam unpacks compressed files must be unpacks compressed carefully written. Compressed files files. You can turn this can contain very large binary files feature on or off.
Looking into A filtering technique that looks Yes. CanIt's filters can
compressed inside compressed files and filters attachments hidden in compressed look inside compressed files. If you already have anti-virus files to detect hidden files, then you're likely covered. If without actually To provide users with a convenient Optional. CanIt-PRO
bottom of each e-mail that enable way to train their Bayesian filters.
indicate “this is spam” or “this is Whitelisting A filtering technique whereby a list To reduce the load on your spam Optional. CanIt enables
filters and streamline your filtering the creation of optional A type of “adaptive spam filtering” Word-pair analysis dramatically 2007 Roaring Penguin Software Inc.
White Paper: Demystifying the Anti-Spam Buzz
Buzzwords
What is it?
Why do I need it?
Does CanIt have it?
A web-based interface is beneficial Yes. CanIt
and/or end-user access) via a web • It can be administered from • It can work with any e-mail client web-based.
Yes. See “greylisting”
machines residing inside legitimate above.
compromised computer used as a detection is preferable to Contact Information:
2007 Roaring Penguin Software Inc.

Source: http://beta.easyofficephone.ca/downloads/dealer-rp-spam-hype.pdf