Small Business Defense – Anti-spam
There are many anti-spam solutions in the market. They tend to fall into a handful of types. However, all of them must do the same thing: somehow determine which emails are legitimate and which ones are not. There are many ways to do this, and most of them use differing combinations of the same techniques. Thus, the main distinguishing characteristic is where the antispam solution fits into the network.
A common solution is to use software that plugs into the email clients. This gives the user direct control over spam handling at the cost of requiring the spam to completely traverse the system and end up on the final computer. Thus, the risk exists that any malicious software may exploit the client and then run directly on the target. Additionally, the server must handle the additional load of processing spam and the administrator has no direct control of the anti-spam system.
This solution is generally not a good fit for businesses, though it can be quite effective for home-based users or businesses small enough so as to lack an I.T. department or contracted service.
A traditional solution is to purchase anti-spam software for the server. This gives the email administrator direct control over the way that the anti-spam system operates. The users typically see an email folder that contains “known safe” spam messages. Thus, the users are protected against problematic emails but still able to inspect the acceptable ones if they choose to do so.
This is the standard solution for businesses, and works fairly well, though it does result in emails still traversing the system and adding load to the mailserver. As spam traffic increases, the resources of the server must be scaled up. Since there is no control of the spam until it reaches the server, the business still risks denial of service by choosing this solution.
One way to solve problem of the limitless scaling of server resources is to shift spam protection to an appliance. In this solution, a dedicated device is placed between the Internet and the mail server which serves only to filter spam. It is more complicated for the email administrator to manage, but it does keep everything within the control of the business.
Some of the larger businesses use this method. It still requires email to enter the network, but it does protect the core systems against exploitation and limits the amount of email that the end users must sort through.
Though “cloud” solutions are getting a lot of market buzz these days, some have been around for a long time. In the anti-spam world, in particular, a cloud solution is often a good one. With this solution, spam need not ever enter the business network. The business is protected against malicious software and denial of service attacks. The users don’t have to deal with spam at all.
However, nothing is perfect. The main drawback to the cloud solution is that it inevitably delays email delivery. In short, you are adding an additional layer of processing and network transport, so every single email is going to be slower. While email administrators often state that “email is not instantaneous”, the delays are often noticeable with this sort of solution.
As always, a balance must be struck. You can emphasize usability — giving control to your users and risking both direct exploitation and the consumption of internal resources. You can emphasize security — making email administration more difficult and delaying email delivery. You can pick a solution anywhere along this spectrum, but no solution will ever be perfect.
What you can’t do, however, is nothing.