Schmitt, Andy C - CIDD-2
acschmitt at BPA.GOV
Wed Mar 24 21:55:36 GMT 2004
I thought my response would be of interest to anyone else who had to justify an expensive server with MailScanner to managers who read about the latest low-cost toasters or outsourced services to hit the trade magazines.
Short answer: Whenever my managers ask me this, I tell them, "because we own it and we know what it's doing."
1. In-house rule-writing can provide rules tailored to the organization. I have a rule that will whitelist replies to employees based on the fact that most mail clients will put the human name (routing and all) in a reply to the address. If a new kind of spam comes flooding in, I can probably react faster and more directly than a third party.
2. If security is a concern, outside spam filters could allow another company to read trade secrets or sensitive government data. This may simply not be acceptable at some organizations (like mine).
3. Some things work well with a small lab of experts. Blocking of unacceptable mail is not one of them; it's in an organization's best interests to be part of a community of similar mail administrators who all contribute to total antispam knowledge as part of their job, rather than to employ a team who is forced to call support upon receiving a spam complaint.
4. Every time a company asks me to try out their antispam product, I ask them to describe what tests they do. How do they catch spam, exactly? I know how MailScanner does -- the code reveals that. But most sales associates are not allowed to detail their procedures, or don't know them. A customer may be left with an engine that does little more than grep incoming mail for "forbidden words". Trend eManager is a prime example of a proprietary grepping approach. Last year, it had an episode of rejecting all mail that contained the letter "p" due to a bad pattern file. And that's on our own server; what happens when something goes wrong on an spam service?
From: Pete [mailto:pete at eatathome.com.au]
Sent: Wednesday, March 24, 2004 1:16 PM
To: MAILSCANNER at JISCMAIL.AC.UK
Subject: Re: Commercial Product
Kris Zabriskie wrote:
>I have been coming across a lot of commercial spam products. Most of the
>ones I have seen have been simple 1U rack mounts, that act as a mail
>pre-processor I believe. I have often asked myself, I wonder what software
>they run in there. Are you aware of any companies that have just tossed
>together a 1U rack mount, and tossed MailScanner on it?
>Network Admin / Consultant
We get a LOT of mail regarding people providn gthis service offsite. My
boss wants me to justify why i prefer to buy a $3500 server and put in
the effort and hours to combat spam, when these guys can do it offsite
saving us the bandwitdth of never receiving the spam...any tips for me ?
More information about the MailScanner