Just Can the Spam

False-positives are no reason to keep junk mail.

Just dump it. its OK. After spending three days living and breathing anti-spam product demonstrations and implementations in Madison, Wis., Ive come to that conclusion. Dumping spam is not only OK to do; its the only thing to do. Having spent a significant amount of time with some of the top vendors in the crowded anti-spam market, its clear that the false-positive rate is so low that theres just no reason not to send spam to the big bit bucket in the sky. (A false positive is an e-mail message wrongly flagged as spam.) However, what IT managers should know is that to get low false-positive rates, users are going to have to live with at least 5 to 8 percent of spam finding its way into corporate e-mail boxes.

I define spam as unsolicited, bulk, commercial e-mail. I never want to see it. Ever.

However, some end users and e-mail administrators dont trust anti-spam tools to do the right thing: to catch only spam, not that e-mail awarding a $10 million contract.

Its important for e-mail administrators to balance their desire not to be blamed for trashing important e-mail against the possibility that the e-mail system may become so cluttered that it can no longer be used to conduct business.

During testimony July 9 before the House Energy and Commerce subcommittee on Commerce, Trade, and Consumer Protection, Microsoft Associate General Counsel Ira Rubinstein said, "The risk of inaction and the risk of not combating spam will render this vital communications medium so cluttered with interference that it will no longer be seen as a reliable and efficient communications tool."

In this case, Rubinstein was advocating anti-spammer legislation that would, in my opinion, unnecessarily curtail speech on the Internet. I oppose the legislation, but I agree with his larger point: When it comes to spam, something must be done.

Even if a person is unsatisfied with his or her physical endowment, even if someone is considering refinancing a home, even on the off chance an e-mail user has a spare bank account that can accommodate $25 million from a deposed dictators wife, if its bulk, unsolicited, commercial e-mail, corporations never need to see it.

In addition to the outright loss of productivity as employees scour quarantined e-mail for the 1 in 1 million (or even 1 in 100,000) false-positive e-mail message, there are the costs of carrying, processing, storing and retrieving spam e-mail. As the percentage of spam increases, so will the IT costs rise for e-mail administrators who dont put their foot down.

There are legitimate reasons to store spam for short periods of time or to process it in some way. But these reasons have nothing to do with paranoid e-mail users who just know that the spam filter is going to junk that one good message. Running reports on the volume and type of incoming spam and who its going to can help IT managers control e-mail habits that are exposing the organization to spammers.

Information about spam e-mail is also useful to most of the products included in our eVal. Brightmail and CipherTrust use customer-specific spam to help ensure that emerging spam campaigns are stopped in their tracks. Even for these purposes, spam needs to be stored for only a week at the most. Anti-spam tools need to get just part of the e-mail message forwarded to a processing site to identify and understand the spam attack.

As anti-spam service provider FrontBridge Technologies put it, quarantine boxes that let users peruse their blocked junk mail are a workaround for ineffective filtering or a way to build trust in the anti-spam system. FrontBridge, like competitor Postini, provides comprehensive quarantine boxes for the latter reason.

Based on our experience with anti-spam products at eWEEK Labs, I know that quarantine boxes start getting ignored after the first couple of weeks. Lets see, spam is useless, and people ignore quarantine boxes. What more reason do we need to just dump the spam?

Discuss this in the eWEEK forum.

Senior Analyst Cameron Sturdevant can be contacted at cameron_sturdevant@ziffdavis.com.