Spam filters: Making them work
Here are eight ways to get more out of your e-mail watchdog. By Calvin Sun
Computerworld - Spam. It fills our in-boxes, wastes our time and spreads malware -- and it's only getting worse. According to Ferris Research, which studies messaging and content control, 40 trillion spam messages will be sent in 2008, costing businesses more than $140 billion worldwide -- a significant increase from the 18 trillion sent in 2006 and the 30 trillion in 2007.
In theory, e-mail filtering software and appliances allow "good" e-mail messages to pass through while stopping spam. But the filters can mistakenly allow spam to pass through (a false negative), or they can mistakenly block valid e-mail (a false positive).
Typically, after identifying a message as spam, the filtering software either blocks it or quarantines it, letting the recipient review it later. Although the latter method provides a chance to retrieve false positives, it requires time and effort that users often won't spare.
Users and organizations that receive spam pay about four cents per message to delete it, according to Ferris. But Richi Jennings, a Ferris analyst and a Computerworld.com blogger, says the cost of locating missing valid e-mails is far greater -- about $3.50 per message.
Even worse, Jennings says, is that organizations can incur potentially greater costs through missed opportunities because of false positives they never see -- such as a request for proposal that a consulting firm fails to receive.
Combating False Positives
On both the sending and the receiving ends, minimizing false positives is critical for your organization. Here are some steps you can take.
1. Use a spam filter. False positives can leave you wondering if you should simply toss your spam filter. Don't.
False positives can occur even without a filter, such as when a user, seeing multiple spam subjects in an in-box, manually hits "delete" multiple times, not realizing that buried within the list is a legitimate e-mail. A state-of-the-art spam filter catches 97% to 99% of spam, says Jennings, thus helping prevent erroneous manual deletions.
- Top 10 Reasons to Strengthen Information Security with Desktop Virtualization Regain control and reduce risk without sacrificing business productivity and growth
- Preventing Sophisticated Attacks: Anti-Evasion & Advanced Evasion Techniques McAfee Next Generation Firewall applies sophisticated analysis techniques specifically to detect advanced evasion techniques (AET).
- The Security Industry's Dirty Little Secret The debate over advanced evasion techniques (AETs) This report summarizes the findings of a McAfee commissioned research group to determine the level of understanding IT security professionals have about AETs...
- Demand More, Get the Most from the Move to a Next-Generation Firewall Beyond the basics in a next generation firewall, to protect your investment you should demand other valuable features: intrusion prevention, contextual rules, advanced...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!