Best Practices for Using Hosted Anti-SpamWritten by Casper Manes on May 7, 2013
If you are considering a hosted or cloud-based antispam solution, there are a few things you should consider to make sure you get the most for your money, have the best results you can get, and have the minimum number of issues. Hosted antispam solutions are a great way to save bandwidth while getting very effective results from your content filtering solution, but there are also some key points to consider, and some missteps you can make when setting them up. Here are some best practices for using hosted antispam with your messaging system.
There can be only one
One common misstep I see customers take is by setting up more than one. I guess the reasoning is “more is better” but in this case, it’s not. Whatever anti-spam solution you choose, it should be the only one. That’s not to say you cannot use additional anti-spam measures within your on-premises environment, but you will want to disable anything that looks at source IP addresses since every message filtered by your first hosted antispam service will show as coming from that service. That will make RBL and SPF lookups all fail, since the sending system (the first hosted system) won’t match the domain or SPF records.
Hosted antispam is a great way to go, but don’t put all your eggs in one basket. Make sure your hosted provider has multiple data centers and Internet connections so that a single point of failure doesn’t stop mail flow for your organization.
Don’t create a bypass for spammers
Many companies like to keep their own SMTP gateway listed in DNS and able to receive email in case their hosted antispam solution goes off line. They may set up their SMTP gateway on-premises with a higher MX weight, thinking it will only get mail when the service provider goes down. Unfortunately, spammers are wise to this trick, and will send their junk to those systems specifically to get around the lower weight, more effective screening system. Your fallback method becomes a way to let spammers bypass your hosted service completely.
Have user self-service
Make sure your hosted antispam service offers a user self-service for releasing messages from quarantine or searching for blocked messages, and then make sure your users learn how to check things for themselves. You want your messaging team to spend time on messaging, not spam patrol, so empower your users to help themselves.
When selecting a hosted antispam solution, following the best practices laid out above will help to ensure you get the most effective protection for your investment, and that your users are satisfied with the results.