We all get it, all the livelong day, but spam can seriously hurt productivity, carry viruses and even clog your servers to a standstill. There is hope. GFI Analyst David Kelleher discusses how to cut the spam!
Bright Hub: A business today can't really run without e-mail, but spam can overload the e-mail servers. So do you have any tips on what an SMB should do to block spam or at least lower the effects it has on the employees?
David Kelleher: Every company needs an anti-spam solution installed on their e-mail servers to block the hundreds of spam e-mails that are received on a daily basis. Ideally spam should be detected at the SMTP level without the e-mail server needing to download it to check whether it is spam or not. This in turn gives better server performance.
Anti-spam products should feature a combination of techniques such as word lists, blacklist/whitelist filtering, trend analysis, directory harvesting and content learning techniques like Bayesian filtering. In so doing, the spam capture rate is greatly increased. Quality spam filters are also less likely to classify a genuine e-mail as spam and therefore the risk of losing e-mails due to false-positives is reduced. The less effective a spam filter is, the higher the risk that it will classify spam as genuine mail (false-negative).
Having an effective anti-spam filter in place is the first step to blocking spam. The second step is to educate employees to be careful which e-mails they open and which links they click on. Most anti-spam products allow users to browse through their spam folders to identify e-mails that may have been erroneously classified as spam.
It is important that employees are made aware of the various types of spam, especially those e-mails that appear to be from genuine companies, colleagues or friends. These would have been filtered but there is always the risk that an employee will open it or click on any links inside the e-mail. They should be warned not to open e-mails which are suspicious or which they are not expecting as these may redirect the employee to a website infected with malware.