Spam Links

Monday, April 5, 2010

This blog has moved


This blog is now located at http://blog.spamlinks.net/.

For feed subscribers, please update your feed subscriptions to
http://blog.spamlinks.net/feeds/posts/default.

Monday, October 13, 2008

Appliances are cool - but are they the best?

GFI Software might have a vested interest in convincing you that buying their software is better for you than getting an anti-spam appliance or using a hosting service, but it's worth a read of what they have to say anyhow. On appliances, they make the interesting observations that:

"If the appliance fails, company is down until a replacement arrives"

and

"Does not give any flexibility to the IT administrator"

The case against using hosted anti-spam is a bit thinner: it boils down to a loss of control, but Internet email is hardly a secure end-to-end system in any case, even if you run your own mail servers:

"Inability to take decisions and implement immediately"

See their full articles "Software vs. Appliances" and "Software vs. Hosted Services" for their breakdown of the costs and benefits of each approach.


Sunday, August 24, 2008

Spam Links blog reboot

There have not been any posts here for a while - that is about to change. All of the archives will shortly become available again.

Thursday, October 18, 2007

The sound of spam: GFI heralds new mp3 stock scam

Spam now has a sound. This isn't the latest headline in a science magazine - no one has been hitting tinned meat with a spoon and recording the results (as far as we're aware).

Instead, the sound of spam is the latest in a series of types of file that pump-and-dump stock spammers are using to evade spam filters and make their email more attractive.

First they used text, then they mangled that with @ signs and strange layouts. Once the spam filters caught up they switched to GIF images, tried various files attached to spam, like PDF documents, and have just caught on to sound files.

One sample, identified this morning by GFI, was a heavily distorted 30-second MP3 file. A synthetic female voice was used to promote a particular stock. This voice is distorted to avoid filtering approaches based on the file signature.

Once again, spammers are taking advantage of the fact that the MP3 format is one of the most common in use today, another attempt at social engineering.

GFI Software have uploaded a sample on their website, if you want to listen to it. For further details read GFI's mp3 spam roundup.


Sunday, July 1, 2007

Evaluating E-Mail Security Solutions

Selecting an antispam solution is a major undertaking even for seasoned IT professionals. How do you make the best choice when hundreds of solutions are on the market? How do you ensure that you get the best value for your investment? And, how do you guarantee that you continue to maximize value throughout the life of the product?

In this article, we examine some of the key factors to consider when selecting an antispam solution. Follow-on articles will provide more insight and information to help you make an informed choice.

Hint - It's not AntiSpam!

Surprisingly, antispam capabilities should not be your primary consideration! Certainly everyone wants unsolicited trash removed from their in-basket - but not at the expense of legitimate e-mail.

The goal of any e-mail security solution is the accurate, reliable and consistent delivery of legitimate e-mail. Antispam capabilities are secondary!

People usually don't mind the odd bit of spam as long as they can trust a product to always deliver e-mail from established peers. We refer to the predictably correct handling of e-mail from established peers as consistency.

Your customers do business with you because you deliver consistent, predictable value. People who travel often visit familiar restaurant chains because they know what to expect. And, consistency should be the primary criterion in selecting an e-mail security solution.

Surprisingly, most vendors don't publish consistency data. This lack of hard data makes it especially challenging to satisfy yourself that a product is capable of predictably consistent filtering. Unless a vendor provides some guarantee of performance, it is safest to assume that consistency isn't a feature of a product under consideration.

If the vendor doesn't offer consistency metrics (and you are still interested), look for Black & White capabilities. Black lists are lists of unwanted senders while White lists are lists of wanted senders. Black lists are mostly ineffective (as spammers regularly change addresses). White listing may be effective in preventing unwanted rejects but won't help much in stopping spam. This is because White Lists are very easy for spammers to defeat.

Measuring Filter Effectiveness

Four key metrics should be considered when selecting an antispam solution:

1. Consistency

A product should learn your e-mail peers and never, ever reject e-mail from them (exception: viruses). Any consistency rating below 100% is not acceptable.

2. Accuracy

The percent of time the antispam solution gets it right. Products that don't offer at least 95% filter accuracy are probably not worth considering.

3. False-positives

The rate at which wanted messages are incorrectly rejected as spam. This value should be as close to zero as possible. Products with false-positive values above 1% probably don't belong on your short-list.

4. False-negatives

This is the amount of spam that is incorrectly allowed through the filter. This is the least critical metric but still worth investigating.

There is an inverse relationship between accuracy and false-positives. Some vendors are so aggressive in scanning for spam that they incorrectly reject large amounts of legitimate e-mail as spam. In NetworkWorld's December 2004 study of antispam solutions the product with the highest overall filter effectiveness (99%) also had an unacceptably high false-positive rating (5.52%). If you used this product, over one in twenty legitimate e-mail messages would be rejected as unwanted. No business could tolerate this type of behavior.
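The four metrics above can be computed from a labelled trial log, as in this added example (not from the original article or any vendor). The `Verdict` record, the sample addresses and the log are constructed, and the false-positive and false-negative rates are assumed to be shares of legitimate mail and of spam respectively.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Verdict:
    sender: str
    is_spam: bool    # ground truth from manual review of the trial mailbox
    rejected: bool   # what the filter under evaluation did

def pct(part, whole):
    return round(100.0 * part / whole, 2) if whole else None

def filter_metrics(log, peers):
    """Compute the article's four metrics, in percent, from a labelled trial log."""
    ham = [v for v in log if not v.is_spam]
    spam = [v for v in log if v.is_spam]
    # Consistency counts only legitimate mail from established peers, so spam
    # that forges a peer's address does not inflate or deflate the score.
    peer_ham = [v for v in ham if v.sender in peers]
    return {
        "consistency": pct(sum(not v.rejected for v in peer_ham), len(peer_ham)),
        "accuracy": pct(sum(v.rejected == v.is_spam for v in log), len(log)),
        "false_positive": pct(sum(v.rejected for v in ham), len(ham)),
        "false_negative": pct(sum(not v.rejected for v in spam), len(spam)),
    }

def shortlist_failures(m):
    """Apply the article's cut-offs: 100% consistency, >=95% accuracy, <=1% FP."""
    failed = []
    if m["consistency"] != 100.0:
        failed.append("consistency")
    if m["accuracy"] is None or m["accuracy"] < 95.0:
        failed.append("accuracy")
    if m["false_positive"] is None or m["false_positive"] > 1.0:
        failed.append("false_positive")
    return failed

# Constructed trial data: 10 legitimate messages (8 from peers) and 10 spam.
PEERS = {"alice@partner.example", "bob@supplier.example"}
LOG = (
    [Verdict("alice@partner.example", False, False)] * 4
    + [Verdict("bob@supplier.example", False, False)] * 3
    + [Verdict("bob@supplier.example", False, True)]        # peer mail rejected
    + [Verdict("news@vendor.example", False, False)] * 2
    + [Verdict("promo@bulk.example", True, True)] * 8
    + [Verdict("alice@partner.example", True, True)]        # forged peer address
    + [Verdict("promo@bulk.example", True, False)]          # spam delivered
)

if __name__ == "__main__":
    metrics = filter_metrics(LOG, PEERS)
    print(metrics, shortlist_failures(metrics))
```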

Appliances, Server Software or Desktop Solutions

Spam, viruses and other malware are not only unwanted - they are dangerous and pose a significant risk to your business. To minimize risk, it makes sense to block unwanted traffic as far away from your users and mail servers as possible.

Appliances

E-mail security appliances face the Internet and act as your primary mail gateway. They stand in front of your mail server and reject unwanted traffic before it reaches your mail servers or desktops. Risk is minimized because unwanted traffic never reaches your users or servers.

Because appliances include hardware, you don't need to provision expensive server systems to run your security solution. Appliances should be easy to install, configure and run, and should offer administrative and reporting tools.

Appliances are the only class of antispam protection that removes work from your e-mail server (thus freeing it to handle more users and legitimate e-mail).

E-Mail Server Software Solutions

E-mail server software solutions are products that install on your mail server. They extend your mail server software (such as MS Exchange) product by adding more sophisticated antispam and antivirus capabilities.

Server software products are usually fast and easy to install. They are easy to run and are tightly integrated into your mail server. Server software solutions may even be inexpensive (because you've already bought the hardware and operating system) and can be effective. They are most attractive to smaller deployments where cost and ease of use are key.

The major disadvantage to server software products is that spam and viruses actually make it to your mail server. Your hope is that your e-mail security product will stop them before any damage is done. If your server software product misses a malicious message, your mail server is put at risk.

Another concern is the amount of resources that e-mail server based antispam products steal from your mail server. Mail servers are expensive to buy and license. Any product that forces you to buy more hardware than you need or license more users than you need is costing you $$ well beyond the cost of the software.

Because of the risks and hidden costs of server based e-mail protection, we do not believe this approach is effective for any but the smallest organizations.

Desktop Antispam Solutions

Products in this category are usually targeted at retail consumers. The reason is that professional IT departments have better things to do than run around to every PC and install, configure, lock down, manage, upgrade, tune, train and fix desktop e-mail security products.

Desktop e-mail security is unattractive to business because the labor cost involved with these products usually far exceeds the benefits provided. Even worse, by blocking spam and viruses at the desktop, you are allowing unwanted and malicious traffic to travel through your mail server - putting it at significant risk.

Know Your Rights - Read The Fine Print

You don't really know what you are buying until you read the fine print. License terms and conditions vary widely and may severely impact your ability to derive ongoing value from the product. Here are some things to look for:
  • License Start & End Dates

Does your right to use the product expire? If it does, it is likely that you will have no residual value beyond the expiry date. That may force you into another expensive acquisition or a costly renewal agreement.

With software only products, the residual value of the product on the expiry date is most likely $0.00.

  • Per User Licenses

Does the product you are considering charge by the user? If it does, you had better find out what the vendor considers a user. E-Mail aliases, generic e-mail accounts, e-mail addresses being forwarded and other items may all count as users to your vendor. If they do, you may be forced to buy many more licenses than you have people in your company.

If you are willing to consider per-user licensing, look to buy blocks of user licenses rather than exact license counts. That way, you can add staff or e-mail addresses without having to take out your check book.

  • Is Everything Included?

Verify that everything you need is in the base price. Satisfy yourself that you get maintenance, support, updates, and new features (including antivirus protection) before you buy. By not doing your homework up front, a good deal may not look that way after you've had to purchase expensive upgrades and add-ons to get the protection you need.

  • Support & Update Services

Because the spammers constantly change their strategies, you need to ensure that the product you select remains effective. The best way to do this is to subscribe to the vendor's support and update services.

Look at the timeliness of updates. Who updates your product (you or the vendor)? If it is you, have you budgeted administrator time for this task?

  • Do Your Homework

Product accuracy and effectiveness claims are usually derived from tests performed by the vendor or someone the vendor has contracted. As a result, you should treat all vendor claims with a degree of suspicion.

Verify consistency, accuracy and effectiveness claims by checking published reviews. NetworkWorld's December 2004 study of antispam solutions is still the most thorough review conducted. In this study, NetworkWorld reported accuracy scores on some products that were as much as 5% below the vendor's claim.

  • Get Independent Verification

A great source of information on how a product might perform is a customer who is currently using that product. Look for customers in your industry who have at least one year's experience with the product (so that the initial euphoria has had a chance to wear off). Ask them about effectiveness, updates, false-positives, accuracy, server resource consumption, user involvement and administrator overhead. Be wary of products that require a lot of human intervention.

Even this isn't a perfect predictor of what you can expect because spammers can and do target different companies in different ways.

  • Calculate TCO

Once you've created your short list of potential vendors, estimate the Total Cost of Ownership for each product. Estimate how much mail and spam your users handle each day. Use the accuracy rating, consistency and false positive rates along with your average salary costs to determine how much time and money you will save by blocking unwanted messages. Then reduce your savings by the cost to purchase, license, deploy, administer and work with each solution. Assign high costs to any false-positive estimates you have (due to the potential impact that a false-positive may have on your business).

The result should be the true cost of ownership and realized benefits of a solution.
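The TCO estimate described above, worked through as an added example (not the author's or NetworkWorld's calculator). All site figures and product costs are constructed; the "aggressive" product uses the 5.52% false-positive rate quoted earlier and assumes its 99% effectiveness means 1% of spam gets through.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Site:
    users: int
    ham_per_user_day: int           # legitimate messages per user per day
    spam_per_user_day: int
    hourly_salary: float
    seconds_per_spam: float         # user time lost to each spam that is delivered
    cost_per_false_positive: float  # cost assigned to one rejected legitimate message
    work_days: int = 250

@dataclass(frozen=True)
class Product:
    name: str
    false_negative_rate: float      # share of spam let through
    false_positive_rate: float      # share of legitimate mail rejected
    annual_cost: float              # purchase, licence, deployment and admin time

def annual_net_benefit(site, product):
    """Salary saved by blocked spam, minus false-positive cost and product cost."""
    spam_year = site.users * site.spam_per_user_day * site.work_days
    ham_year = site.users * site.ham_per_user_day * site.work_days
    blocked = spam_year * (1 - product.false_negative_rate)
    savings = blocked * site.seconds_per_spam / 3600 * site.hourly_salary
    fp_cost = ham_year * product.false_positive_rate * site.cost_per_false_positive
    return round(savings - fp_cost - product.annual_cost, 2)

def rank(site, products):
    """Order candidate products from highest to lowest net benefit."""
    return sorted(products, key=lambda p: annual_net_benefit(site, p), reverse=True)

# Constructed inputs for a 100-user site.
SITE = Site(users=100, ham_per_user_day=40, spam_per_user_day=60,
            hourly_salary=36.0, seconds_per_spam=10, cost_per_false_positive=5.0)
AGGRESSIVE = Product("aggressive", 0.01, 0.0552, 5000.0)
CAREFUL = Product("careful", 0.05, 0.001, 5000.0)

if __name__ == "__main__":
    for p in rank(SITE, [AGGRESSIVE, CAREFUL]):
        print(p.name, annual_net_benefit(SITE, p))
```

With these inputs the product that blocks more spam ends up with a negative net benefit, because rejected legitimate mail costs more than the spam handling it saves.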

And The Winner Is...

The product to buy is the product that delivers the lowest Total Cost of Ownership along with the highest accuracy and consistency rates. This is the product that will return to your organization the greatest overall benefit from your investment.

Spam Calculators

There are a number of great antispam cost/benefit calculators available. Again, NetworkWorld provides another excellent resource in your war against spam.

__________

Copyright 2006 by Larry Karnis and XPMsoftware.com. All rights reserved. All products are trademarked by their respective owners. Please feel free to contact the author with your questions and comments.


Friday, May 18, 2007

Virtually solving the spam problem

What do you do when you have too many physical servers to fit in your server room but not enough servers to run all of your workloads? Answer... virtualize.

So say XPM Software, makers of just one of the virtual appliance spam filters becoming available.

If you want the ease of a VM, but still with the raw power of your own hardware, you can run off a pre-done ISO image.

Either way, you save on system administration tasks and can concentrate on getting the spam filter to do what it is meant to do.


Saturday, January 27, 2007

DDoS on spamlinks.net hosting and anti-stock spam sites

The host for spamlinks.net, spam.abuse.net, and others was subjected to a distributed denial-of-service (DDoS) attack starting Friday 12th January 2007. The attack peaked on Sunday 14th and was largely mitigated around 4pm (PST). A low-level attack was still underway as of 17 January 2007 and efforts are continuing to mitigate it.

At least two other spam-related websites (worldwidespam.info and spamnation.info - both hosting information about stock spam) were subjected to DDoS attacks at or around the same time.
