What's the Big Deal about Spam?: Page 2
So what can Akin and other IT managers like him do? Akin described the solution he's been seeking as well as the three steps he has taken in search of that solution. "I'm looking for the solution that filters the most spam while blocking the least legitimate e-mail. I also want a solution that requires the least amount of time from my IT staff, but gives us the flexibility to let requesting users design their own specific filters."
Akin fist tried a rules-based filter. With a file of rules for sorting e-mail, a filter of this type requires constant upkeep, but works well. The filter file lets you block e-mail by address, domain, or rule. For example, if you want to block mail that offers credit cards, your rule can look for the phrase "free, no obligation." For pornography, it's obvious that your rule looks for specific single words. The upkeep is generated when the spammers get smarter. For example, Akin had a rule that looked for "Viagra" in the subject line, but spammers now send mail with "Viagra" spelled "Vi*gra" or some similar variation.
For his second test, Akin ran an in-house heuristic filter from Postini, Inc. The filter blocked a tremendous amount of spam but was administratively hard to handle. This filter worked by assigning a number factor to different subfilters aptly named "Bulk email," "Get Rich Quick," "Naughty," and "Racially Insensitive." You could make the blocking more stringent by moving the number factor upward. The problem with this test for Akin was the high number of false positives. False positives can be rather difficult to fish out of the system -- if you even know that you have them.
Akin's third try, a hosted service from Postini, is running now. The filter is the same, but the administration is very easy. Each user has a personalized Web site where he or she can check what has been blocked. If the user wants to, he or she can unblock e-mail. Another good feature is the month-to-month contract, which gives Akin flexibility in the ever-changing spam world.
Fighting spam costs Akin about "$0.85 per user per month." But fighting spam saves Akin an untallied amount in storage resources, personnel time, and legal fees. Even without a dollar figure for the savings, that's easy math to do.
"Right now, the industry doesn't have the tools to stop spam completely," Akin said. "Spammers are too wily and crafty, and sending spam is too lucrative for them to stop. But eventually we'll get ahead of them." I think Akin has made big strides. Lately, I've even heard him mention once or twice IT challenges other than spam.