WHITE PAPER Demystifying the Anti-Spam Buzz: Features vs. Fluff in the Search for an Enterprise
The options available to mitigate the problems of e-mail spam in the enterprise are varied.
Just as varied is the variety of definitions of spam today. These factors often lead to some
confusion about what a particular anti-spam (or anti-fraud or anti-virus) solution may or may
This paper demystifies the anti-spam market and its various choices and buzzwords to help you
cut through the hype and focus on the basics: determining what features you need, whether a
solution you are considering includes them, and to what degree. It also defines the important
key elements that an anti-spam solution should have to ensure that your investment will be a
White Paper: Demystifying the Anti-Spam Buzz Spam is Spam
Ads, fraud schemes, urgent requests for help, porn, virus attachments,
We treat all spam
phishing attempts … these are all examples of e-mail “spam” (junk or
equally. If it's junk
threatening e-mail) that affect organizations and end-users today. The
entering through
market for solutions to stop this spam can seem overwhelming, and common your mail servers,
pricing strategies imply that there is a difference between types of spam, or Roaring Penguin's
that different solutions are necessary to combat different kinds of junk
CanIt anti-spam solutions will
But these distinctions are misleading. The truth is, the techniques
spammers use are common across all varieties of spam. For example,
spammers of all types frequently use virus and worm-infected machines to
send spam. Likewise, spammers seeking to steal money or identities
(phishers) use the same techniques as spammers seeking to sell the latest
Spam-Fighter's Cocktail
Three primary types of spam fighting solutions are available today:
• Client-side solutions reside on individual users' machines. Distributed
support requirements and license fees make them unsustainable in large
environments, they lock an enterprise into a particular client operating
system, and mobile and webmail users may not be able to access them.
• Outsourced (third-party) solutions require an enterprise's e-mail to be
routed through third-party servers for filtering. Their primary drawback is
the loss of control over an enterprise's e-mail and its filtering techniques.
• Server-based solutions come in the form of software and/or server This paper focuses
appliances, and act as a gateway between the Internet and the e-mail
on server-based
server. This paper deals with server-based anti-spam solutions. solutions. Scalable, Server-Side Architecture
Server-based anti-spam solutions are preferable for enterprise environments
because they can fully protect your network and users from spam and
viruses with minimum administrative burden. But, with spam and virus
attacks increasing mail volumes exponentially, server-based solutions must
be scalable. Look for solutions with streamlined architectures, technology
For example, ensure that you can configure the solution to filter out viruses
before spending resources filtering for spam. Also ensure that the solution
Scalable cost: Look for a solution
can be set to filter particular types and sizes of e-mail before performing
that is priced
content-based filtering. These techniques contribute to a streamlined e-mail per-user, not
filtering architecture. Finally, look for a solution that is priced per-user and per-server.
not per-server. Per-server pricing puts you at a disadvantage because as
mail volumes grow, you have to spend more to keep the solution effective by
2007 Roaring Penguin Software Inc. White Paper: Demystifying the Anti-Spam Buzz Integration with Existing Environment
You likely already have various systems in place related to e-mail. Adding
Integration:
spam-filtering should not require you to change your existing systems. Look With mail servers,
for a solution that will work within your existing mail environment (i.e. mail authentication
server, O/S, mail transfer agent, etc.). Also, be sure to ask whether the
directory and
solution will integrate with your existing user authentication infrastructure
anti-virus software.
(e.g. LDAP, custom databases, Sendmail database, etc.) and anti-virus
Equal-Opportunity Pricing
The anti-spam solution you select should not require that you pay more for
One-price filtering:
filtering different kinds of spam. Spam is spam, and spammers should never Look for a
be allowed to dictate what you spend on a spam-fighting solution. The best comprehensive
approach in evaluating and selecting a solution is to begin by establishing
solution that filters
the capabilities and features that you really need, then find a comprehensive all types of spam. Never Lose a Valid E-Mail
An anti-spam solution should never put you at risk of losing legitimate
Quarantine:
e-mail messages. This means that you need a solution with a quarantine
Hold suspect
function that holds suspect messages in a safe area for inspection by a
messages for final,
human who can make the final judgment. human judgement.
Look for a solution with this flexibility, but be sure that your solution of
choice enables you to customize spam thresholds and spam management
techniques. For example, you may want to automatically quarantine or
delete certain types of e-mails while only tagging messages that receive
mid-range spam scores. Your solution should, at a minimum, have that level
Centralized Solution with End-User Controls
A solution with centralized administration and distributed end-user controls
Global rules:
is ideal to provide the administrative benefits – such as global rules, default Maintain control
settings and centralized administration – while at the same time allowing
by pushing global rule sets out to end-users.
By pushing global rules out to end users and enabling them to participate in
choosing the filtering solution that best suits them, the administrative
burden and complexity of defining spam in a multi-user environment is
If you want a solution with some level of end-user control, look for one that
allows you to customize the end-user interface, including its look-and-feel
and the controls you provide to end-users. Only you know what your
particular users and environment need and can handle. A customizable
interface will help minimize disruption to end-users and will eliminate
2007 Roaring Penguin Software Inc. White Paper: Demystifying the Anti-Spam Buzz
Also, define up-front what you mean by “end-user control”, because available Customizable
solutions provide many different levels of user control. At minimum you
interface:
should have the ability to give your end-users a choice among spam-filtering Give end-users
levels—and those levels should be determined by administrators, not by the exactly what they
product. You should also have the option to provide users with more
need while
advanced features beyond merely whitelisting and blacklisting. maintaining global policies.
The ability for users to set spam thresholds and obtain details about
individual spam incidents may be important for certain users in your
environment. If so, be sure that the solution you choose gives you the
power to provide such options. Keep in mind that even if you don't start
with a solution that allows for end-user controls, you may need the option in
the future. For example, central administration of an organization's spam
may become too great for a single IT manager or department to handle.
Your organization's policies about e-mail may change, or end-users may
become vocal about having greater control over their e-mail. Web Interface
Administrative and end-user interfaces of an anti-spam solution should not
Web interface:
be dependent on any particular mail client or operating system. Look for a
Full features
solution with web-based interfaces that enables administration of the tool
available from any
regardless of mail client, operating system or user location. The tool's full
mail client or web
features—not just a subset of them—should be available even to users and
browser.
administrators located off-site or traveling. Source Code Provided
How you filter your organization's e-mail is your business. With the
Source code:
solution's source code in hand, you can implement filtering rules and
For complete
methods, no matter how complex, arcane or unique they may be. Owning
control and
the source code also enables you to perform complete system security audits security audits.
and make adjustments if necessary, and is the ultimate long-term insurance
Multi-Factor Spam Analysis
Fighting spam is an arms race. As spamware becomes more sophisticated
and spamming becomes more profitable, no single tactic is sufficient to do
battle with increasingly aggressive and tricky spammers. While blacklisting
offending DNS domains was once sufficient to battle spam, blacklisting is
today just one small aspect of effective spam management. Commercial
Multi-factor
spammers, phishers, perpetrators of e-mail frauds and virus writers all use a analysis:
number of methods to obfuscate their work. Spammers devote their time to A cocktail of spam-
inventing new techniques—both technological and sociological—to trick end- fighting tactics to
users into responding. Such tactics include, for example, masquerading as a future-proof your
trusted brand by spoofing a well-known e-mail domain. Any effective anti-
investment.
spam solution in today's environment must employ a variety of integrated
fighting techniques to be effective—and you should not be expected to pay
more for different filters. If a solution claims to stop spam, it should be
expected to stop all types of spam: even those not yet invented.
2007 Roaring Penguin Software Inc. White Paper: Demystifying the Anti-Spam Buzz
In the “Buzzword Compliance” section beginning below, we've detailed the
requirements for a future-proof solution, as well as others that you should
understand and consider – or avoid. Buzzword Compliance
Today's leading anti-spam solutions all lay claim to various features and
Buzzword IQ:
capabilities that have interesting names . but what do these features really Even before
do? How do they do it? And do you really need them?
learning what the buzzwords mean,
The table on the following pages catalogs these anti-spam buzzwords, simply have a sense of the
explains what each means, and describes in practical terms why you may (or main features and
may not) need each. It also indicates which features Roaring Penguin's
qualities that you
CanIt solutions offer, and to what degree. need in an anti-spam solution.
Use this table to help you sift through the “fluff” and truly understand the
features that a solution offers, what they mean, and the value each will have
2007 Roaring Penguin Software Inc. White Paper: Demystifying the Anti-Spam Buzz Buzzwords What is it? Why do I need it? Does CanIt have it? Yes. And, in CanIt-PRO,
“Bayesian” filtering, this is a type
investment. Adaptive filters ensure the Bayesian filters
of spam filtering that learns what is that the anti-spam solution
or is not spam over time, based on remains effective over time, even
Yes. CanIt-PRO includes
Also referred to as “anti-phishing”. If you want to protect your end-
Yes. CanIt's filters
spoof a well-known brand (such as It is estimated that at least 5% of used by spam phishers.
into divulging personal data, such divulge their personal information. below as an example.)
as credit card numbers, passwords Filtering out phishing attempts also CanIt's content filters
and the like. Phishing e-mails are reduces the volume of junk e-mail can also be easily set to
usually linked to a fraudulent web in your organization. Yes. The Roaring
receive automatic updates to stay techniques, your solution must be Penguin Training
updated or it will fall behind and its Network updates your
A filtering technique whereby a list To filter out certain spammers and Yes. CanIt solutions
of disallowed senders or domains is spamming domains. However, the support blacklisting, and
2007 Roaring Penguin Software Inc. White Paper: Demystifying the Anti-Spam Buzz Buzzwords What is it? Why do I need it? Does CanIt have it? Yes. CanIt solutions can
A feature of an anti-spam solution To minimize the training and
Yes. Administrators
A feature of an anti-spam solution To tweak default filters, turn
Yes. CanIt's filters are
that enables administrators and/or certain filters off, or upload your
end users to alter the way e-mail is own existing rules.
Because most e-mail borne viruses Yes. CanIt's
are distributed by way of particular administrative interface
attachment messages that contain particular
Rules within an anti-spam solution To enforce enterprise-wide e-mail
Yes. CanIt
To eliminate a growing percentage Yes. Roaring Penguin
temporary delivery failure for mail filtered. (At publication date,
Legitimate mail servers will queue all spam). It therefore reduces
sender and recipient – neither one attacks (see below).
2007 Roaring Penguin Software Inc. White Paper: Demystifying the Anti-Spam Buzz Buzzwords What is it? Why do I need it? Does CanIt have it?
Hit-and-run Also known as “greylisting” (see
A feature by which the spam filter To eliminate the possibility of Spam Optional. CanIt can
spam after a designated period of enough to cause storage problems. spam after a certain
users to manage their Spam Traps Spam Trap. Yes. CanIt enables
sent from a particular domain was attacks, which tend to spoof
Optional. With CanIt-
administrators or end-users when each end-user his or her own Spam PRO, administrators can
Outbound / The filtering of e-mail that exits
Optional. CanIt-PRO
internal mail your domain (i.e. e-mail sent by
clients on your network). Internal “zombie” (see below) spam attacks filter incoming, internal
growing. Outbound mail filtering is CanIt-PRO can filter one,
2007 Roaring Penguin Software Inc. White Paper: Demystifying the Anti-Spam Buzz Buzzwords What is it? Why do I need it? Does CanIt have it?
The ability of an anti-spam solution Quarantines serve valuable
Optional. CanIt
* Reduce administrative burden by suspected spam in any
Supported. CanIt data
Refers to a type of spam filter that To protect your entire network and Yes. CanIt software is
e-mail server (rather than on client gateway. A solution that resides
centralized functionality – such as Internet and your mail
the creation of global rule-sets and server.
Refers to the ability to set a spam To set and adjust filter sensitivity.
Yes. Spam thresholds in
To eliminate a large percentage of Yes. CanIt can detect Yes. Roaring Penguin
per-department or per-individual). invented mail streams
2007 Roaring Penguin Software Inc. White Paper: Demystifying the Anti-Spam Buzz Buzzwords What is it? Why do I need it? Does CanIt have it? Optional. CanIt is
compressed compressed files (such as .zip and attachments hidden in compressed bundled with Clam
unpacks compressed files must be unpacks compressed
carefully written. Compressed files files. You can turn this
can contain very large binary files feature on or off.
Looking into A filtering technique that looks
Yes. CanIt's filters can
compressed inside compressed files and filters attachments hidden in compressed look inside compressed
files. If you already have anti-virus files to detect hidden
files, then you're likely covered. If without actually
To provide users with a convenient Optional. CanIt-PRO
bottom of each e-mail that enable way to train their Bayesian filters.
indicate “this is spam” or “this is
Whitelisting A filtering technique whereby a list To reduce the load on your spam
Optional. CanIt enables
filters and streamline your filtering the creation of optional
A type of “adaptive spam filtering” Word-pair analysis dramatically
2007 Roaring Penguin Software Inc. White Paper: Demystifying the Anti-Spam Buzz Buzzwords What is it? Why do I need it? Does CanIt have it?
A web-based interface is beneficial Yes. CanIt
and/or end-user access) via a web • It can be administered from
• It can work with any e-mail client web-based. Yes. See “greylisting”
machines residing inside legitimate above.
compromised computer used as a detection is preferable to
Contact Information:
2007 Roaring Penguin Software Inc.
Traveling to: US Virgin Islands Health Brief prepared for: UCAR User User Prepared on: Jun 8, 2011 5:40:35 PM GMT US Virgin Islands Immunizations: Recommended immunizations for the United States Virgin Islands. Up-to-date routine immunizations, including tetanus, diphtheria, pertussis, measles, mumps, rubella, varicella (chickenpox) and influenza, areimportant for all internati
TABLETS MIDAMOR ® (AMILORIDE HCl) DESCRIPTION Amiloride HCl, an antikaliuretic-diuretic agent, is a pyrazine-carbonyl-guanidine that isunrelated chemically to other known antikaliuretic or diuretic agents. It is the salt of a moderatelystrong base (pKa 8.7). It is designated chemically as 3,5-diamino-6-chloro- N -(diaminomethylene)pyrazinecarboxamide monohydrochloride, dihydrate and has