In the fight against spam, vendors and customers must join forces
- By Doug Beizer
- Apr 16, 2008
Receiving one or two pieces of spam e-mail a
day used to be typical for municipal employees
in Fresno, Calif. Then, a little
more than a year ago, that
number began to rise.
First, it hit about 10 a day. Then it quickly
rose to as many as 20 or 30 unwanted
e-mail messages every day.
For Fresno, the increase in spam was
potentially hurting employee productivity,
besides exposing the city to security threats,
such as phishing attempts, said Raj Nagra,
the city's senior network systems specialist.
The city's homegrown spam protection
solution that had worked for years was finally
starting to lose the fight against unwanted
e-mail. Rather than try to fix the old system
or build a new one, city officials decided to
buy a spam protection appliance to stop
junk e-mail, Nagra said.
"It could have taken a few weeks to fix the
existing system, and we didn't want to wait,"
Nagra said. "And we couldn't guarantee fixing
would stop all the spam. To get a guarantee,
we had to spend the money and buy a
After looking at several products and trying
blocked spam ?
city officials selected
a security gateway
Proofpoint Inc., of
daily digests of blocked e-mail
and Web interfaces, were the
determining factors between the two products.
"When it came down to it, it was some of
the smaller features that won us over
because the main features everybody had,"
Nagra said.APPLIANCE AVAILABLE
Fresno chose the Proofpoint Messaging
Security Gateway, which is typically how customers
use the product, said Andrés Kohn,
Proofpoint's vice president of product management.
The gateway is also available as a virtual
appliance running on VMware or as a hosted
version that runs in Proofpoint's data centers.
The appliance sits at the perimeter of an
organization's infrastructure, typically within
the first line of the network. It scans all
inbound and outbound e-mail messages and
applies the appropriate policies that decide
what gets through and what doesn't.
"So, for the city of Fresno, we're looking at
all the inbound e-mail, detecting spam messages
and blocking them from coming in,"
Kohn said. The system also scans for viruses.
One of the biggest challenges organizations
face is a tremendous increase in the volume of
spam messages, along with a rise in viruses
and malware. The sheer volume makes it difficult
for some anti-spam systems installed three
or more years ago to keep up with the demand.
"With the city of Fresno, since the beginning
of the year until now, they've seen their e-mail
volume more than double," Kohn said. "What
that obviously means is if you bought a solution
that was barely keeping up with demand
when you first bought it, by now, it would be
half the power they need."
Kohn has seen organizations that received
10,000 e-mails a day three years ago now
receive about 100,000 a day. That makes it important to find a system that can scale to
meet an ever-growing demand.
Fresno's initial use of a homegrown system
is typical, especially in the government, Kohn
said. However, it is difficult to continually
update in-house systems to keep pace with
increasingly sophisticated spammers.
"It takes a lot of time and effort to keep
these filters up-to-date; you might even need
programming skills," he said. "Even older-generation
solutions need to be constantly
tweaked, which takes a lot of
Proofpoint's appliances and
some of its competitors' offerings also help
agencies comply with privacy regulations by
scanning outbound e-mail messages. The same
infrastructure can detect such information as
private health care and credit card data.
One of the city's biggest concerns was
whether a system might block too much
e-mail. City council members, for example,
depend on the municipal e-mail system to
interact with citizens. Blocking legitimate
messages hasn't happened yet, and a digest of
blocked messages is available to employees
who want to monitor the traffic.
"Some users would like more blocked and
other people, just to be safe, want to let more
in," Nagra said. "It's just that tightrope you
have to walk."
Proofpoint's update service
automatically maintains spam
protection. It also has individually
controllable spam and
adult content scores that
allow the organization to
enforce policies against
Proofpoint's multilingual spam
detection offers protection against
spam in any language, including
such as Japanese and
For systems integrators working
with government agencies in
circumstances similar to Fresno's,
Nagra recommends approaching
only those vendors willing to provide
The best way to evaluate the products'
effectiveness is to run them side
by side in a real environment,
he said.Doug Beizer (firstname.lastname@example.org)
is a staff writer at Washington Technology.