Aside from the entire cast of Monty Python, I have yet to meet anyone that has any appreciation whatsoever for spam.  If you are one of my network support customers, we have probably had several conversations about it, and I've been telling you the same thing for years: "We do what we can, but it's a losing battle no matter how we attack it.  The best we can do is reduce it's impact as much as possible".

Today (8/9/2007) NPR's Neal Conan hosted a discussion of spam on Talk of the Nation.  The link to the audio is listed below.  There were some interesting facts raised in the conversation, and it has prompted me to talk about it here.  The story is available online if you would like to listen: http://www.npr.org/templates/story/story.php?storyId=12633463 (click on the "Listen" icon under the title of the story).  I highly recommend that you take the time to listen to the show, which is only about 20 minutes in length and is very informative.

I currently have three main spam solutions in use on customers systems.  In order of preference they are:

• DigiTar Sentinel Messaging Service (SMS)
• Microsoft Forefront Security for Exchange (Antigen)
• Symantec Mail Security for Exchange.

It should be noted that each of these products not only filters spam, but also scans and removes virus infected email messages.

Each of these systems have their positive and negative traits.  My personal choice is the DigiTar service, which is a true service and does not require any on-site server resources, which is a huge plus.  It also has the highest accuracy rate of anything I've ever used.

The downside to the DigiTar service is that it carries the highest cost of the three, but is still an excellent value because of it's performance and features.  SMS has a couple of major check marks in "Pro's" column on the comparison sheet with the others, which features that are completely lacking in the others.

First of all, SMS is a zero administration system.  That means there are no worries about ensuring that the latest spam and anti-virus definition updates are applied, and no software updates or upgrades.  That is all handled by the folks at DigiTar, which makes the system itself completely hands off for customers and system administrators.

The second the Portal feature.  Each user in your email system has direct access to his or her own quarantine, white list and black list.  That means that there is no longer any need for a user to contact an administrator to determine wether or not the filter trapped a message they were expecting to receive.  The white and black lists can also be used very effectively basis on the user level to further control the filtering of incoming email.

Concerning accuracy, SMS beats Antigen and Symantec MS hands down.  DigiTar boasts a 99.9% accuracy rate, and not just for positive hits.  They track false positives as well as false negatives to come to the 99.9% figure.

One of my favorite selling points for DigiTar SMS is that not only does it save on server resources (there is no software or services required on the local network), it also saves your Internet bandwidth.  Since all of the processing is done on DigiTar's network, offending email never touches yours, which can drastically reduce the network load on your WAN link.

To be fair, Antigen and Symantec MS for Exchange have a couple of features that, depending on your needs, could be big selling points.  They have the ability to scan outgoing email for specific language or keywords, can be configured to block specific attachment types and filenames, and will add disclaimer text to the bottom of every outgoing email as it leaves the system.  Depending on your corporate policies, these may be "must have" features on your system.

My last word on spam:

No matter what we do, even if we do nothing at all, spam costs us money.  It is negatively impacting our bottom line. That's right,  our bottom line.  As a service provider we spend quite a bit of our monthly time budgets dealing with spam, making it more expensive for us to do business.  Our customers spend money on software and services, and a substantial portion of their labor costs can be attributed to users dealing with spam as well.  If you want to go even further, a small fortune in our federal tax dollars is spent every year in the war against spam, and network carriers have to bolster their systems to handle the added bandwidth, increasing our cost for Internet connections.  We all pay.

What is the solution?  I'd love to hear your ideas, because I am fresh out.  For quite a while I thought legislation was the answer, and while it has proven to have at least some positive effect, enforcement issues and the constantly changing nature of spam itself have kept it from making event a dent in the problem.

Andrew Lockart, senior director of marketing for Postini (a messaging security firm in California) sad that of the 25 billion messages the firm processed in May 2006, 86% were malicious or spam.  Nothing we've done in the last several years, legislation included, has made a difference.

Useless trivia:  SPAM is a trademark of Hormel Foods Corporation.  spam, on the other hand, is not.

If you have any questions concerning spam, or anything mentioned in this article, feel free to contact me.