There isn’t too much to it. These days, spam filtering should be pretty hands-off, and some of the old-school approaches are outdated.
I’ve been selling and deploying Barracuda Spam filter appliances to my customers since 2007, and using their Cloud filtering solution for the past 18 months. It’s all works very well and is transparent to the users. I’m happy with Barracuda’s RBL, which is the core of the product. Inbound/outbound, spooling, LDAP and multiple domains are all supported. The usual content, source/destination switches are in place. Analyzing headers is easy, and the interface of both the appliance and cloud solution is intuitive enough for me to hand over to customers to self-manage. Barracuda Cloud: https://www.barracuda.com/products/emailsecurityservice Barracuda Spam Firewall: https://www.barracuda.com/products/spamfirewall<https://www.barracuda.com/products/spamfirewall?gclid=CIq_8qLXzMECFZM1aQodOXkAKA> The approach to training the spam filter and initial deployment is different these days. I used to spend hours training the filter to discern SPAM from HAM and engage the Bayesian database to influence scoring on the Barracuda appliances. Nowadays, Barracuda recommends that Bayesian filtering be left off. The RBL (BRBL) has gotten that good. False-positives are infrequent. The Barracuda “Intent Analysis” feature handles the phishing and suspicious URL and header scanning. See: http://www.barracudacentral.org, as they leverage their Web filter URL classification data for the spam filters. Right now, the Barracuda appliances are still in the $3k+ range for the Spam firewall. It’s high and the licensing policy and reliance on cheap-ish hardware isn’t worth it. I’ve let most of my appliance’s contracts lapse and moved filtering to the Barracuda cloud solution. This also cuts down on mail bandwidth; a perfect application for a cloud service. My cost has been around $8/user/year, billed in blocks of 100 mailboxes, but I think it’s negotiable. Far less expensive than the appliance if your business is okay with offsite. Retention is 30 days, I believe. I’ve had one short 4-hour outage of the service in the past 1.5 years. I manage mail systems for 35 companies. I probably look at the spam filters 1-2 times per week; usually to whitelist a vendor sending mail from a residential broadband line. It’s interesting to deal with other organizations and their filtering solutions. I’ve learned what NOT to use based on that. Otherwise, my decision process has been based on mindshare, mail volume and ease of use/management. Barracuda deals with a lot of mail. Google deals with a LOT of mail. Microsoft’s servers deal with a ton of mail. I’ve had problems with some firms who are on the Microsoft side. Very few issues delivering to gmail and Google Apps types. Lots of problems with people who rely on bad RBLs or have misconfigured mail servers. -- Edmund White e...@ewwhite.net From: "Edward Ned Harvey (lopser)" <lop...@nedharvey.com<mailto:lop...@nedharvey.com>> Date: Monday, October 27, 2014 at 5:56 AM To: "tech@lists.lopsa.org<mailto:tech@lists.lopsa.org>" <tech@lists.lopsa.org<mailto:tech@lists.lopsa.org>> Subject: Re: [lopsa-tech] How to choose Junk Filter? No response? Surely people here must be using junk filter products? How do you go about choosing what product to deploy? From: tech-boun...@lists.lopsa.org<mailto:tech-boun...@lists.lopsa.org> [mailto:tech-boun...@lists.lopsa.org] On Behalf Of Edward Ned Harvey (lopser) Sent: Friday, October 24, 2014 10:14 PM To: tech@lists.lopsa.org<mailto:tech@lists.lopsa.org> Subject: [lopsa-tech] How to choose Junk Filter? Do you perceive a quality difference between various junk filtering products? Whether you do or don't notice the difference, do you think there's room for improvement? How do you choose what to deploy? I am looking at these guys - http://www.astraid.com/phishingguardian/ Although our existing spam filters are pretty good with MS and Google, I *do* think there's room for improvement, and in particular, these guys are security-centric and claim to be better for preventing Phishing and Social Engineering Attacks. Even if they are better, even if I personally come to believe they are better... How do you go about making your decisions about this sort of thing?
_______________________________________________ Tech mailing list Tech@lists.lopsa.org https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
