General discussion

Locked

To Monitor or Not to Monitor

By tech_know ·
My company battles spam on a daily basis. We have a spam filter already bought & paid for that we can implement at the enterprise level HOWEVER we are not allowed to implement it. The way management wants to work with this issue is to have each user construct rules in their mail client to move the mail to another folder & then delete the contents of that folder. Their reasoning is that until someone from another department is willing to monitor the filtered mail at the enterprise level we don't want to take up the IT staff time to do it. My thought is that it does not need to be monitored on a daily basis. The filtered mail could be kept for some length of time and mail could be released upon request should it be filtered as a false spam positive. How are other companies dealing with the filtered mail? Is it being monitored by someone on daily basis or not monitored at all? In reality, we are taking up more time teaching people how to set up rules than it would be if we were monitoring it...

Thoughts please....

This conversation is currently closed to new comments.

5 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by likertj In reply to To Monitor or Not to Moni ...

Many spam filtering technologies can retain some type of information from each email and/or relocate that message to a folder or mailbox.

From a security standpoint, it may not be necessary to monitor what spam is removed. If a user is noticing messages getting deleted that aren't spam, they should notify IT and you can update the filter at that time.

Collapse -

Monitor

by TheChas In reply to To Monitor or Not to Moni ...

At least at the start, any spam filter needs to be monitored on a daily if not hourly basis.

Why?
You don't want to be responsible for a business critical email being delayed.

Until you have qualified that the spam filter is NOT grabbing any business critical messages, you will need to monitor it several times a day. If not every hour.

With user rules, the individual user and not the IT department is responsible should a business critical message not be looked at in a timely manner.

The BEST defense against spam is user education.
Users should ONLY give out their email address for business related functions.

Signing up for newsletters and free software is the easiest way to get on the spammers mailing lists.

Chas

Collapse -

Newsletters and Software

by Oldefar In reply to Monitor

The traffic from newletters can also be significantly reduced by getting a corporate subscription and posting this on an internal Web site.

To deal with downloaded software, a procedure can resolve both the spamming aspects and the security risks. Have a procedure where users can easily request a download from IT. IT can handle this and have a specific email address to use (no messages expected, simply a corporate address for enterring in download forms). Downloads can be checked for viruses, trojans, and spyware before being made available to the user. This works when IT sees its role as support rather than control. The requests should not require justification. The users' management should receive notification of the requests and if they have an issue with it, they should deal with it rather than IT. After all, that is part of their job as managers.

Regarding spam in general, by putting the filter at the user machine the cost of spam on bandwidth and server load remains. The time cost for filtering is multiplied by the user count. Moving this as close to the source as practical is the cost effective approach.

Collapse -

Corvigo MailGate is a strong option

by Cactus Pete In reply to To Monitor or Not to Moni ...

This software/apliance puts the power in the users' hands, but gives you good general administration over the system. You can retain messages for a period of time, or have them expire within a certain range, too...

www.corvigo.com

I don't work for them - I bought the product.

Collapse -

I say not to monitor

by Aldanatech In reply to To Monitor or Not to Moni ...

Noting personal, but management doesn't always know technology well or how to approach it. In this case, there is no need for ANYONE to monitor spam because it is a waste of time and resources. After all, spamming is just unsolicited marketing e-mail from anyone to try to make you buy anything. Besides, true spammers either ignore your request to be removed from their list, or they don't provide you with the option at all. I say implement the spam filter and save yourself a nerve or two. You already paid for it. Might as well use it.

Back to Security Forum
5 total posts (Page 1 of 1)  

Related Discussions

Related Forums