E-Mail Management
Be a Spam Slayer
To combat false positives, make sure you choose a spam solution that gives you a quarantine area for probable spam that users can access to check for legitimate messages. Users can be alerted in the form of an e-mail digest of all blocked spam subject lines or be directed to a Web mailbox. Outsourcers generally maintain quarantine areas on their servers so that companies don't have to tie up their own networks with suspected spam. Giving end users the ability to add addresses to trusted sender lists (often called whitelists) also ensures that legitimate senders won't get blocked.
"We took the approach of putting in very coarse controls at first, then tightening them up, rather than going with the 'big bang' theory and begging forgiveness for weeks," says Gene Fredriksen, vice president of information security at financial services company Raymond James Financial. "It's absolutely a strategy I'd recommend. You have to build trust in your system first." Fredriksen uses Syntegra's managed service to filter spam for the company's 14,000 mailboxes.
It's also smart to test before you buy, particularly if blocking any legitimate e-mails would harm your business. At Fenwick & West, Kesner created shadow e-mail boxes for some of the firm's biggest e-mail users, into which he put duplicates of all of their messages. He then used those shadow boxes to test antispam products. Because some of the language used in the firm's large commercial transactions - buy, sell, price, dollars - tends to show up in spam, he was dismayed to discover false positive rates of 1-to-1,000 and even as high as 1-to-100.
"In our business, every e-mail from clients is really crucial. We can't block a high percentage of legitimate e-mail," Kesner says. "We needed to be below 0.05 percent, which seemed near unattainable with a filter."
After trying out more than 18 antispam products, Kesner decided to go with Postini's antispam service. With Postini, his false positive rate approaches 1-to-10,000, in part because users can put trusted senders on a whitelist, meaning messages from those senders automatically bypass the filters and get delivered.