Pete Kretche, network systems administrator at the University of Wisconsin-Green Bay, decided to fight spam with a software-only tool that integrates directly with his mail servers.
The university is a Microsoft Corp. Exchange shop, and Kretche chose an anti-spam tool that works only with Exchange: iHateSpam, from Sunbelt Software Inc. Kretche oversees about 12,000 e-mail boxes for university, faculty, staff and students. In October, UW-Green Bay received 5.4 million e-mail messages, 76 percent of which iHateSpam quarantined.
iHateSpams tight integration with Exchange provides distinct advantages, according to Kretche. For example, the anti-spam software automatically imports Exchange e-mail accounts and creates new e-mail folders for quarantined mail.
Kretche said it took only about 20 minutes to install iHateSpam on each Exchange server. He said that he spent many hours administering the product during its first two weeks of operation but that the time commitment dropped dramatically after that. In fact, like the other administrators eWEEK Labs interviewed for this evaluation update, Kretche had to refresh his memory about how to generate reports because its been so long since hes had to do so.
There is at least one drawback to using a server-based anti-spam system, according to Kretche. All e-mail must hit the e-mail server to be processed against the anti-spam filter, thus creating a measurable drain on system resources. Kretche suggested that administrators using or considering a server-based anti-spam product ensure that their e-mail servers are configured with at least the suggested—not minimum—memory and processor requirements.
Because iHateSpam relies on filters along with user behavior to learn whats spam and what is not, it is among the most user-intensive of the products covered in this report. Kretche said he doesnt see this as a drawback because users are often best at determining the appropriate disposition of questionable e-mail. As users drag e-mail to the block list or the allow list, iHateSpam learns for each user what should be quarantined as well as what should be allowed, without the need for Kretche to write extensive rules.
On the rare occasions when Kretche has had to create a rule—such as when a bad “Rolex watch” spam outbreak occurred—it took only seconds to do so, he said.
One thing to look for in an anti-spam system is the ability to set the filters level of aggressiveness. All 12,000 university users were subscribed to the standard level of filtering by default, but Kretche posted online instructions about how to change the level. To date, only 30 users have done so.
Good support is another thing that distinguishes the anti-spam wheat from the chaff, and Kretche has been pleased with the support offered by Sunbelt.
When an update to the iHateSpam engine earlier this year caused severe performance problems at the university, UW-Green Bay received the support it needed to correct the problem. Product engineers worked with UW-Green Bay IT staff to make changes and get the system running at full speed.
“There was no playing the blame game or finger-pointing like you get with some companies,” said Kretche. “I worked with [Sunbelt] developers in one weekend, and they had it resolved. They do what it takes to get the product working.”
This mirrors the experiences of the other IT managers interviewed by eWEEK Labs for this special report.
Carroll Colleges John Arechavala reported a solid level of support from Solinus Inc.s MailFoundry appliance, and Robin Jarlsberg, of the School District of Cambridge, in Cambridge, Wis., said she has immediately gotten help from FrontBridge Technologies Inc. any time she has had a question about the vendors TrueProtect anti-spam service.
Indeed, because of the fast- and ever-changing nature of spam, good technical support and timely updates are especially critical for anti-spam products and services. IT managers should put service and support near the top of their anti-spam evaluation checklists.
Technical Director Cameron Sturdevant can be reached at [email protected].
Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.