Wrapping up the messaging and spam tour

That’s it – the four-city Network World Messaging and Spam Tour is over. If you were one of the attendees, thanks for coming. If you weren’t, well, you missed some great events.

One thing we do at these events is award a stupendous, fantastic prize for the best question put to the panel, and on this tour we got some great questions!

Looking back, it is interesting to identify the queries that were asked most often. Three questions were more common than any others.

The first was how to educate users about spam.We explored this topic extensively both publicly and in private conversations afterward, and it is apparent that it isn’t a simple issue.

The main difficulty seems to be how much interest your users have in the spam problem and how good their computer skills are. Most users are too busy to worry about how to drive the spam-filtering system.

You might argue that they should be interested, but unless you have a remarkable level of political power in your organization, you can only lead the horse to water. These people need to have minimal spam training.

For staff interested and capable, you can train them to whatever level is most useful for IT to get the greatest benefit from the anti-spam solution.

So what do you tell your users at a minimum? The basic need is for them to understand the scale of the problem, the parts of your acceptable use policy that apply to spam, and how to avoid compounding the problem (such as don’t open attachments if you don’t know what the attachment is for or its format). In other words, enough to be informed but not too much to lose interest.

The second top question concerned spam filtering: How do you filter out spam but minimize false positives?

The answer is, it requires management. Messages from known important senders must be added to your whitelist. Messages from unknown senders (such as potential clients) need to be managed in quarantine.

There is no silver bullet that fixes this issue because spam is an evolving problem.

Our third top question was how to get the resources to attack the problem. In many companies this is a political problem and requires that you approach the keepers of the corporate purse with a well-argued and financially sound solution.

I recommend starting this project with a review of how your messaging systems are put together and how they are performing. If you check out the latest interactive version of my spam cost calculator you’ll see that there are a score of parameters you can use to build your case.

In the model (you also can download the underlying spreadsheet from the same location) you can tweak the parameters and explore the impact of unfiltered and filtered environments on the costs of connectivity, storage, support and productivity.

Once you know where your costs lie and the cost savings of spam filtering, you have a viable argument to take to the powers that be for funding. The spam problem is going to dominate Internet e-mail to within a few points of 100% in, at best, the next couple of years. This means you need a strategy.

Start with evaluating and modeling, identify a solution to address the problem, sell that solution internally with a persuasive financial argument, implement and train users, and then keep reviewing and improving your solution.

Spammers are not passive – they are constantly researching how to get around the spam-filtering systems, so you need to keep refining and adapting your approach.

One thing is certain from our discussions at these events – it is highly unlikely the spam problem will be solved in the near future, so the only practical approach is to focus on defending your organization. Now is the time to start.

Thanks to all who attended the tour and to our sponsors. Now tell me your plans at backspin@gibbs.com.