[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [ASRG] 0 - General, Reliability of Transport

To: "Chris Lewis" <clewis at nortelnetworks.com>
Subject: RE: [ASRG] 0 - General, Reliability of Transport
From: "Chris" <asrg at rebel.com.au>
Date: Thu, 27 May 2004 13:57:34 +0930
Cc: asrg at ietf.org
Importance: Normal
In-reply-to: <40B55E93.5010406@americasm01.nt.com>
List-archive: <http://www1.ietf.org/pipermail/asrg>
List-help: <mailto:asrg-request@ietf.org?subject=help>
List-id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-post: <mailto:asrg@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
Sender: asrg-bounces at ietf.org

>
> To filter/not filter is more than a simple yes/no question.
>

WHY is it people misconstrue my words to say I said the above. I did not
saying anything closely resembling the above.
I said! "filter, but not at the expense of missing important emails". How
does that become "turn off the filters"?



As the maintainer you would, I imagine, have a constant tussle between what
gets through and what doesn't.

Imagine the CEO NOT receiving an important email because the idiot who wrote
it included some common spammy terms and a filter tripped that shouldn't
have.

Imagine the loss of that ONE email resulted in the CEO not receiving timely
information and therefore was left embarrased or worse it cost the company a
substantial sum of money.

So you must be very diligent, mustn't you.

Now say the ASRG comes up with a filtering system that takes that control
away from you (further clarification below). and because of that, the above
scenario becomes a reality.

Is your job safe?.

What of the CEO. what of the person who sent it. They may not even be a
member of your organisation. Where does the blade fall?

I would suggest it falls on you for implementing a system that is not up to
the task.

Would you put forward a system to your bosses that you felt may let your
company down? (see "business choice" thread)

My argument is and will always be KILL OFF all obvious spam but let the end
user decide what happens to the doubtful mail.

That way you don't need to worry about the mellissa's getting through and
can concentrate on ensuring the mail that must get through does in fact get
through.

Please note. You as the mail administrator for the company are the "end
user", by being responsible for what gets through to the actual end user.

Chris

**clarification (because it seems I must)**

I said
"Now say the ASRG comes up with a filtering system that takes that control
away from you."

The control may be taken away from you because a remote administrator
implements the "filtering system". Therefore mail destined for you, that
passes through that remote MTA is under their control not yours. even though
the mail is intended for you.


P.S. your mail only got through because I manually filtered. the "to"
address was left blank a common enough spam trigger.


>
>
> > spend some time on webmaster forums and discuss the use of filters with
> > them. you will find many (the ones that care about customer service)
> > disable
> > them for this reason.
>
> Perhaps you don't know...
>
> I run the inbound spam/virus filters for a corporation with 60,000
> employees that has revenues in the billions. The Internet is our
> business, and some of those emails can be worth an enormous amount when
> you consider some of our contracts are worth 100's of millions.
>
> The consequences of not filtering, however, can be quite costly too.
> $100-200K/day of lost productivity alone, having to double internal
> infrastructure, leaving us wide open to viruses, etc.
>
> Indeed, _not_ filtering leaves us at risk of being sued under workplace
> harrassment legislation, and has severe employee satisfaction impact. Or
> having our entire email infrastructure crashing down around our heads.[*]
>
> Were we nervous about filtering? You betcha.  It took over a year to
> production deploy filters because of all of the compensating controls we
> implemented - every filtered email results in an inline rejection (so
> legitimate senders know they've been blocked and how to get it fixed,
> but forged senders don't get hit), quarantine/recipient notification.  A
> well developed false-positive handling system.
>
> To filter/not filter is more than a simple yes/no question.  It's what
> you wrap around it that makes the difference.
>
> > But when it comes to the decision makers you will find that the
> attitude is
> > different.
>
> The decision makers here are the most strident in insisting that
> we filter.
>
> [*] Melissa hit three months before we were scheduled to deploy
> filtering.  Melissa came close to taking us down, averted at the last
> minute by a frantic over-the-weekend deployment of the filters 3 months
> early. The filters have saved our butts many times since.
>
> _______________________________________________
> Asrg mailing list
> Asrg at ietf.org
> https://www1.ietf.org/mailman/listinfo/asrg


_______________________________________________
Asrg mailing list
Asrg at ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

Follow-Ups:
- Re: [ASRG] 0 - General, Reliability of Transport
  - From: der Mouse
- Re: [ASRG] 0 - General, Reliability of Transport
  - From: Seth Breidbart
- Re: [ASRG] 0 - General, Reliability of Transport
  - From: Chris Lewis

References:
- Re: [ASRG] 0 - General, Reliability of Transport
  - From: Chris Lewis

Prev by Date: Re: [ASRG] 0 - General, Reliability of Transport
Next by Date: Re: [ASRG] 0 - General, Reliability of Transport
Previous by thread: Re: [ASRG] 0 - General, Reliability of Transport
Next by thread: Re: [ASRG] 0 - General, Reliability of Transport
Index(es):
- Date
- Thread