Technology Leadership, your competitive edge

Going beyond IT management. We create IT strategies that drive your business forward. Contact us to talk about how we can help you.

The importance of off-site spam filtering

Nobody needs me to talk about what kind of a nuisance spam (and siblings) are for most companies.  The impact really has become so expensive (in terms of support costs) that it’s down-right scary.

For a long time, I’ve been recommending various on-site services, ranging from using free products like SpamBayes (which rocks – I use it myself), to several server-based products (Sunbelt Messaging Ninja is fantastic for Exchange Server).  Today I’m going to talk about the benefits of using an off-site provider.

The Basics
Off-site spam filter and anti-virus providers take your inbound e-mail and get rid of the crap before it ever hits your server.   Usually they’ll use multiple different spam/anti-virus engines to ensure they clear away as much of the crap as possible.  Some even  monitor your outbound e-mail and clean spam from there (in case a computer becomes a spam-bot).

The Benefits
Well,  not getting spam is always a huge benefit. Most providers do a great job of significantly reducing spam and virtually eliminating e-mail based viruses.

Configuration on these services is generally very easy – simply point your MX record at their service and them at your mail server.  Some services have you setup user accounts (and subsequent e-mail aliases), but the majority don’t need that anymore.

Off-site filtering services provide many upsides (over on-site filters).

First, they increase the security of your server.  Not just by reducing the amount of spam and viruses that hit it, but by almost completely reducing the chance of having your server be an open relay.  This is especially important for companies using Exchange Server, since it invariably seems to be hijacked in its default configuration. Since all your company’s e-mail will be directed first to the spam filtering service, you can then tell your server to only accept inbound e-mail from the service.

Off-site filters remove all of the filtering load from YOUR server.  One of our clients averages around 95% spam, for over 1000 spam a day (they only have 30 staff).  The filtering load on the server isn’t massive, but it’s definitely there.

It will also reduced the load on your Internet connection.  I’ve had a couple clients experience “overage” charges on their Internet connection which can be directly tied to the level of spam they were receiving.   More bandwidth for downloading music, YAY!

One side benefit that most people don’t think of is that the off-site service provides some amount of e-mail continuity, should something terrible happen to your server or Internet connectivity.  This is a hidden gem of a benefit.  If your server goes down, if the power goes out, your Internet connection drops, or you move offices (all of these have happened to some of our clients in the past 2 months) it doesn’t matter at all.  We won’t even talk about an acutal disaster scenario.  While your server is unavailable, mail is simply queued by your provider.

I can see people already saying “but e-mail is automatically queued and will retry”.  Completely correct.  It will retry several times in the first 24 hours, but at the 24-hour mark, it usually sends back a “message is delayed” email to the sender.  That doesn’t look too professional, does it?   After 48 hours, it’s returned to the sender and not retried.

By queuing up at the provider (most provide at least 5 days of queuing), you don’t have to worry about what people may see.  Your server is always up and it’s business as usual.

The Downside
So far I’ve evaluated a few different services.  I’ve had mixed thoughts about some of them.

Cost.  This is always the big one.  The cost of such services has reduced dramatically over the years (I remember paying $250/month for spam and virus filtering years ago).  The cheapest I’ve found service for is about $2/user/month, with a required 1 year contract.

Many of the server-based spam filtering products come in around $1.50 (or less) per user over the same time-frame.  Granted, this gets somewhat mitigated by management costs, server resources and the like.

Generally spam detection rate is good, but not as good as some of the on-site levels.  This may be because of the configuration or an attempt to minimize false-positives.  Sunbelt Messaging Ninja (my on-site favorite) kicks pretty good ass for catching spam, thanks to it’s very configurable spam detection settings.

The “Quarantine” process is a major downfall for users.  Questionable messages are stored in a quarantine for users to verify.  They do this through a webmail-like interface.  Unfortunately, I should say they “supposedly do this”.  Most of the time, they don’t actually ever check there.  I would get e-mails every couple days from one of my old clients (a law firm) asking me to check individual users’ quarantines for messages or complaining that messages never arrived.

Many server-based products actually tie right into Outlook’s Junk Mail folder (or a derivative of it), making quarantine management a snap and REALLY empowering the users.

I’m currently re-evaluating services and will be implementing off-site spam filtering for several of my clients, so expect more thoughts to come.

Leave a Reply