Best Practices in Managing Spam by Forrester Research
Not new to this computer and web-connected world, spam management in many organizations still remains a challenge, even after 15 years of the development of the anti-spam business. Spam seems to be an impossible element to eliminate in the internet community, however, businesses and organizations can take steps in lessening the issue by embracing some best practices from the technology and policy points of view.
Recommended Best Practices from the Policy Perspective
When dealing with policies that attend to anti-spam policies, Forrester Research recommends that organizations should consider the following:
- Complete blockage of spam messages. In this approach, an organization can apply a ‘general rule’ policy that recommends that all spam messages are blocked explicitly and not quarantining them first. Although this approach is different in many organizations, all companies should have a general policy on anti-spamming, based on the kind of business the organization is doing. Therefore, pornographic matter, solicitation communications, or phishing can be classified as definite spam material, and the company may also include marketing letters, newsletters, business and political promotions materials, and other advertising emails.
- Implement policies in filtering specific for users and groups. Aside from implementing a policy as a ‘general rule,’ a business should look at its users and their specific roles in the industry, and espouse filtering policies that are group-specific or user-specific. For example, personnel in the IT or engineering department may be allowed to accept executable files due to the nature of their work, but the same is not allowed for other departments. Further, the conveyance of solicitation messages from other companies may be channeled to the organization’s sales department, but disallowed in other divisions.
- Incorporating solutions with email security components. Anti-spam is a singular element in an organization’s emailing management and security functions. Other functions are the protection of content, archiving of data, and MTA (or message transfer agent). Organizations should aim to incorporate their anti-spam tool to function smoothly with other components which should result in suitable performance and effectiveness in terms of management level.
Recommended Best Practices from the Technology Perspective
If organizations use the correct anti-spam tools, they can achieve a better outcome in addressing spam. Recommended practices from the technology perspective are:
- Implement connection management systems. Systems for connection management include various techniques such as white-lists, black-lists, rate controls, recipient confirmation, dispatcher reputation, and other things external to the assessment of actual material content. By adopting connection management, the organization serves as a filter for incoming communications and permits a more discerning application of robust analysis of content downstream.
- Organize self-administration of spam by users. To minimize overhead in administrative costs, a good anti-spam solution would allow users to manage the incoming spam and communications. This medium would allow users to administer messages by user-classification of spam as ‘definite legitimate’ or definite’. However, by allowing users to quarantine the messages that they themselves classify also requires that the anti-spam solution needs to have information of user accounts assimilated with user directories
- Administering bounce announcements. As spam operations become more target specific, surveys by spammers have started advancing as well. One scheme by which online spammers access valid email addresses is by bounce notification and directory collecting or harvesting. To offset this, companies should put limits on the amount of bounce notifications that are external for addresses that are not reachable. For instance, organizations should allow bounce notifications for specific domains that are trusted or limit the notifications that bounce from one particular source. Anti-spam tools that support the adoption of such guidelines should be considered.
For organizations who want to measure how efficient and effective their anti-spam solution is in their environment can use the following indicators:
- Operating costs. A decent anti-spam tool should only necessitate a few minutes of actual human effort to manage and operate.
- Limiting false negatives. Organizations should not allow the false negative figure to go beyond one spam per user daily.
- Limiting false positives. Organizations may allow false positives of up to one in every 200,000 authenticated messages.
- Client praises and complaints. Client feedback is very important in measuring whether your anti-spam solution is working or not. A successful anti-spam system can be measured if users and clients give little or no remarks at all. It can be assumed that lesser complaints indicate silent praise.
Advice in Developing a Spam Administration Plan
Group and individual users should always have the benefit of using and accessing the web without being harassed by unsolicited content and advertisements. The anti-spam industry presents a variety of solutions, but as an alternative to just one solution, organizations should consider the following:
- Look for solution providers with multichannel intelligence. There is a proven connection between the distribution of Web malware and spam promotions, therefore organizations should not look at their anti-spam tool as a distinct email storage facility. Choose an anti-spam tool that uses cross-channel intelligence which will raise more accurate identification of threats in electronic mail and other channels of incoming communications.
- Merge on- and off-premise components. Some filtering jobs are better completed off-premise (or in-the-cloud) before less desirable communications enter into an organization’s system to the end-user. Some filtering jobs are done on-site, such as encryption or deeper scrutiny of content. There have been instances where anti-spam implementation was a mix of both on- and off-premise functions (such as in MassageLabs or Postini). By doing this, the in-the-cloud premise will take care of unwanted traffic which further reduces the incoming stream of messages for the on-premise system to handle. This results in better performance and efficiency.
- Encompass anti-spam and email in a more extensive plan for content security and protection. For companies to prevent the occurrence of email mishandling or information infringement; and to abide by HIPAA, PCI and other pertinent rules and regulations, they need to protect content and email storage. The best place to integrate this function is in the same email system (or infrastructure) to counteract the spam. Organizations should look for anti-spam solutions that maintain two-directional scanning of content, sensitive information discovery, and the capacity to activate the protection of data as well as retention components which include archiving and encryption.
Organizations that have employees and end-users that require particular functions can begin by assessing vendors who specifically address these functionalities in the technologies that they develop. By considering these things, organizations may look into filters for email validity; anti-spam solution and high performing message transfer agents; merged email encryption; and/or industry black-lists.