Balancing Spam Filter Risk ManagementWritten by Carl E. Reid on December 15, 2008
A law firm in Colorado was being overrun with spam. Employees complained to management. The information technology department was given a directive to fix the spam issue. The spam filter was tightened and the spam count dropped dramatically. The side affects of fixing the spam issue ended up costing the law firm quite a bit of money.
It turns out the spam filter held back important e-mails. They contained notices from the U.S. District Court for the District of Colorado. Included was a notice advising company lawyers of a court date for a hearing in a civil lawsuit. The judge overseeing the matter ordered the law firm to pay attorney fees and expenses incurred by the lawyers who showed up representing the other side of the case.
What the spam filter did is referred to as a “false positive”. The spam filter deleted valid emails, because its programmed rules identified good email as bad. Installing spam filters is still the most effective way to thwart daily spam within a company. These filters work to separate the unfriendly emails from the friendly ones. Spam filters allow the valid emails through and file the junk into the trash. This is accomplished by combining various types of technology that updates spam filters continuously. Although the best quality spam filters do provide relief, sifting out about 98% of spam, they are still imperfect.
To create a balance a good approach is to quarantine all mail marked as spam into a spam folder. Email users should have access to suspected spam addressed to them. Although it may appear time consuming, with a quality anti spam filter it will actually save time . The better that spam software is at recognizing real spam, the fewer emails will actually end up in the spam folder.
As spam filters improve, spammers get smarter in developing their spam tools. As a result, spam filters may never be 100% effective. Those spam filters programmed to delete every piece of spam may cost more companies money. At some point the result will be a few important emails will get deleted. On the other side of the coin, spam filters that allow all important email through may also let in some junk mail. Implementing a well configured spam filter and integrating it with the email server will result in reducing the amount of spam email users receive. False positives will also be reduced.