Spam Blocking Experts: False Positives "Inevitable"
It's impossible to block spam without inadvertently catching some legitimate e-mail, experts agreed, but the problem can be contained.
It's impossible to block spam without inadvertently catching some legitimate e-mail, experts agreed, but the problem can be contained.
Inadvertently blocking legitimate email is inevitable with spam filtering, and blocking spam is like shopping for cantaloupes. These are just two of the conclusions reached by a panel of industry experts this week.
The executives from NetIQ, Postini and Sophos spoke in a teleconference sponsored by technology research firm the Radicati Group.
The costs of such blocking are predicted to soar to $419 million in 2008 from $230 million in 2003, according to a study by Jupiter Research, a division of this publication’s parent company.
“I don’t think we’re ever going to reach the nirvana of stopping 100 percent of spam with no false positives,” said Andrew Lochart, director of product marketing with spam blocking service Postini. But, the panelists agreed, it’s possible to minimize the problem.
“One of our customers, the Hillman Company, is able to catch 99 percent of spam with less than one false positive for every 10,000 messages,” claimed Clarence Morey, product marketing manager with NetIQ, a systems and security management company.
Generally, though, the consensus was that as the number of false positives goes down, the amount of spam goes up.
The vendors suggested a two-step approach to avoiding false positives, bouncing the most egregious spam and quarantining messages falling into a gray area by placing them in a folder for the user to examine and pass judgment on.
“It’s like picking up fruit in the grocery,” said Morey. “You can spot the rotten stuff, the pornography right away, and dump it. It’s the questionable stuff you examine further, you squeeze it or sniff it before you put it in the cart.”
There are a number of tricks to catching spam while minimizing false positives, the vendors said.
One example: filters for a medically oriented company might be configured so that the word “breast” would not blocked when followed by “cancer research.” Panelists agreed that a sense of such nuances is critically important.
Another suggestion: “Find a system that allows end users to build and manage their own whitelists,” said Jesse Dougherty, director of development with Sophos, an anti-virus, anti-spam software firm.
The panelists seemed less than enthusiastic about economic approaches to fighting spam, such as email “postage” fees, with Dougherty expressing reservations because of the cost of the necessary infrastructure and Lochart commenting, “It’s not enough to set up toll booths. These spammers are flying stealth jets.”
Morey saw things a bit differently: “It’s a multidimensional problem and requires multidimensional solutions – a blend of education, technology and legislation. There’s no miracle solution.”