Home > Articles > Security > Network Security

  • Print
  • + Share This
Like this article? We recommend

You Know It's Spam, But What Do You Do With It?

Once you have your friendly family of spam-fighting tools set up (as we'll discuss next in this series), it's easy to think that you can just sit back and let these tools do their work, throwing away any spam they find and making your life an idyllic existence. However, remember that little mail administrator's rule: Lose No Mail. Are you just going to blindly trust a computer to make these decisions? Do your users want to blindly trust these computers?

If you intend to even try to Lose No Mail, then your answer to these questions must be No. Believe it or not, this issue doesn't take us back to the beginning of making users go through massive folders of junk, inspecting each and every item. It does, however, give them the chance to look at every piece if they choose. You can offer this feature by implementing a "quarantine" area, ensuring that no one in the office will lose out on the deal that would have doubled the size of the company just because some vital incoming piece of E-mail happened to have a Viagra joke attached to the end of the otherwise important content.

Mind you, quarantines can be a bit of a pain. Storing all that spam requires disk space, and you can't hold on to this stuff indefinitely—well, you could, but do you really want to? Then there's the matter of somehow offering your users the ability to find and rescue legitimate items from the quarantine, in a way that doesn't make this process just as cumbersome as using their own mail client to filter spam, and that isn't so technically difficult that non-computer-savvy users will just throw their hands in the air and walk away.

Just One Quarantine Area?

One solution that many consider is maintaining a single quarantine that only the administrators have access to. Run, do not walk, from such a suggestion. For one thing, this requires users to come to you and beg you to fish out junk from the spam-infested pile of crud that's built up from the collective E-mail coming in for everyone on your system. We don't know about you, but this is not our idea of a good time.

Not just that, but how are you going to know what that person considers spam? Viruses are easy, by comparison. A virus is a virus is a virus, there's no debating it if your anti-virus program is working properly. Spam can be much hazier. For example, an advertisement for low-interest mortgages might repulse most of your users, but it might be just what that one guy down the hall is looking for. To everyone else it's spam, but to him it's an ad for a product or service that he's interested in, so while it's technically "unsolicited," it's still welcome.

There's also the matter of safeguarding the privacy of your users' communications, as we discussed in part II of this series. If administrators are poking around in the quarantine looking through users' E-mail to determine whether or not it's potentially legitimate, there's an invasion of privacy going on. Granted, many companies these days have policies that assert that employees have no right to privacy when it comes to company E-mail accounts, but generally these policies are not designed to encourage administrative snooping, either; they exist to allow an administrator or corporate investigator to examine evidence when there's some reason to suspect wrongdoing on the part of an employee. Whatever you do, be sure that the solution you choose complies with your organization's privacy policy. Otherwise, you could have a lawsuit on your hand.

So, rather than putting yourself in this combination of nasty positions, do yourself a favor and make use of the newer, more sophisticated tools that offer individual user quarantines. Doing so lets your users set their own individual preferences for how the content filter handles their own E-mail. Therefore, varying degrees of tolerance and different interests can be handled as simply as letting the users do it themselves.

Look, we just moved part of the work onto the users, and they'll even thank us for it! Shhhhh. It's magic.

  • + Share This
  • 🔖 Save To Your Account