Spam is a curse that just keeps getting worse. Figures from independent studies suggest over 80% of global email traffic is spam [Cisco]. You might not be able to hunt down the spammers and mete out well deserved punishment but you can take steps to reduce the amount of time wasted manually checking and discarding this electronic junk mail.
You know what it is, you know what it does, you get so many spam emails you regularly trash real messages by accident and you're probably paranoid about getting viruses (it's not paranoia, they really are out to get you).
What you can do about it is to make sure that your organisation uses a combination of client and server based protection, such as:
- Server based anti-spam Running on your email gateway, antispam software examines the content of an email message against a ruleset and if it looks sufficiently spammy, the message is either labelled or rejected immediately.
- Server based anti-virus Also running on you email gateway, antivirus software examines email attachments for known viruses and rejects infected messages.
- Client junk mail filters Usually a function of your email client, junk mail filters will automatically file as 'junk' or delete messages that look like spam. Client junk mail filters operate in the same basic way as server based filters but are generally less configurable.
- Client virus scanners Software running on the client computer that scans email messages and other files for viruses and prevents them from being executed.
If I have virus scanning on my server why do I need it on my clients as well?
Because email is not the only infection vector available to viruses. Any program that can be executed on the computer may contain a virus. These programs might come from CDs, diskettes, USB drives or other network devices.
Having client based virus checking will prevent other infected programs from damaging or propagating to other users.
So if I have to have virus checking on the clients why do I have it on the server as well?
Partly through paranoia – a multi-layered defensive strategy improves your chances of detecting new viruses, and partly as a way to ensure that at least on level of scanning is done on all emails.
Email scanning is important for both incoming and outgoing emails. Because client virus scanners can sometimes be disabled without the user's knowledge (many viruses attempt to do this), you may inadvertently generate infected emails. Having a server-based virus scanner provides a guaranteed level of scanning for all messages and protects your own infrastructure as well your clients.
Mail Gateway
A mail gateway provides a single point of control for all email entering or leaving a corporate network.
A mail gateway is not a substitute for a firewall, nor should it support live data. In a small to medium sized installation, the mail gateway may also support other services such as a proxy server or web server.
Are you part of the problem?
Misconfigured mail servers ('open relay' servers) can be used by spammers to send emails. Not only does this contribute to the problem of spam, it may also get your server black-listed which can prevent any emails you send from being accepted.
Having an open relay server will also generate substantial additional internet traffic, for which you may have to pay, and which will interfere with your legitimate internet use.