Ok, here’s a typical scenario:
a) Employee at remote bldg connecting to network via vpn over a wireless broadband connection (translation: slow connection) tries to check email. Employee finds out he has 100+ new messages, 95% of which is spam. Boss follows-up important email to employee, which employee is painfully waiting to download.
b) Employee receives 100 new messages (95% of which is spam), opens an email attachment from someone he knows, and unwillingly unleashes an annoying worm in the network (W32/Dumaru).
I don’t have an email spam filter. I have ISA Server 2000 and Exchange Server 2000.
I am thinking of cutting everyone off (except managers) from sending and receiving email messages to and from the Internet,ie restricting email to internal use only. I will be creating delegated email addresses for official use of departments (ex marketing@emailaddress.com) that can communicate outside.
I am expecting violent reactions to this move. However, my question is, is there a better alternative other than spend for a good email spam filter?