Sunday, October 02, 2005

spam spam spam spam spam

i know i don't need to tell any of the visitors to the funcave what spam is, nor why it sucks.

but i did think that it might help to share my particular approach to fighting it.

ya see...your friendly neighborhood happyfunboy has heard too many admins who are so very very proud of their approach to getting rid of spam, which usually consists of the spam being delivered to their mail system first, before being checked as spam.

my problem with that approach is that you've already incurred a pretty huge expense simply by letting that crap use any of your bandwidth to get onto your mail server, let alone the additional processing load necessary to carry out spam checking on your equipment.

not to mention things like common ldap and directory attacks, which folks can use to reverse-discover valid e-mail addresses (and login ids) on your system.

letting them leech off you...no matter how insignificant you think it may be...is still how these nimrods continue to make money...which is the only reason they exist.

so i'm a big fan of off-site mail filtering. especially if it employs a signaturing system, which is 100% accurate at flagging spam.

sure, end-user annoyance and productivity loss sucks, and is fairly quantifiable. but in this brave new world of unlimited home broadband for a flat rate, a lot of folks coming into our industry kinda forget one simple truth:

real bandwidth costs real money

nothing is free. and every processing cycle a company's machines spend doing something that is not business-related for the company...well that's wasting the company's money.

off-site filtering, rather than on-site, can offer the following benefits:
  • our mail server is no longer directly exposed to the internet-at-large, which eliminates both port-based and directory lookup-based attacks
  • all incoming mail is checked for viruses before it ever gets to our network
  • all outgoing mail is checked for viruses before it ever goes to the internet-at-large
  • in case of an interruption in service of our mail server, all incoming mail is cached by the filtering company for later retrieval
  • all incoming and outgoing mail is checked as spam before it uses our bandwidth
once we moved to our off-site filtering service, your friendly neighborhood happyfunboy's inbox went from over 400 pieces of spam per day to 0. we also saw enough of an increase in our usable bandwidth to keep us from having to replace our connection with something much bigger, and vastly more expensive.

and i have yet to see a false positive.

so for those of you who think that off-site filtering services are too expensive and are convinced you are some kind of fracking ubermensch for using on-site filtering, make sure you're truly adding up all the costs before patting yourself on the back.

peace out.

0 Comments:

Post a Comment

Links to this post:

Create a Link

<< Home