Circling the Wagons - Page 2

May 26, 2004

Ray Everett-Church

The most basic approach is a multi-tiered, anti-spam architecture. Imagine an organization's email infrastructure as having three layers or zones.

The innermost zone, which we will call the 'mailbox zone', is where end users interact with their mailboxes. Just beyond this layer lies the 'server zone'; the home of an organization's email servers. At the perimeter is the 'network Zone'; the land of routers, bridges and switches handling all of the network's packet traffic, including the data packets that comprise your email.

An effective multi-tiered defense strategy includes defenders in two, or possibly all three zones.

In the mailbox zone, the focus of defense is on keeping spam out of an individual's inbox. Filtering products are used as an individual means of defense. While these tools can be highly personalized and individually effective, they offer no organization-wide protection and provide scant defense from the economic consequences of the spam assault. They are also inefficient for the growing population of mobile, wireless users.

In the server zone, a layer of defense is applied across all mailboxes. These include add-in products such as gateway mail transport agents and specialized filtering appliances that replace, or sit adjacent to multiple email servers. These defenders are generally quite effective and offer organization-wide protection.

More Spam, More Money

However, as the spam assault grows in intensity, more defenders are required to maintain effectiveness, resulting in increased defense budgets.

In both the mailbox and server zones, filtering approaches are the technology of choice due to their high effectiveness. But left alone, these defenders will grow to consume as many resources as the spam itself. These defenses do nothing to short-circuit the fundamental elements of spam: volume and speed. Filters need a front-end to control the volume and speed of mail so the filters can work most effectively.

Thus, it is still necessary to deploy a defense strategy against the aspects of spam that other solutions do not address. By deploying a perimeter device like an anti-spam router in the network zone, enterprises can push the costs associated with combating spam to the outermost edge of the network, where a much smaller investment can return much greater dividends.

CIOs need to take a more proactive approach in dealing with the problem of spam. Filtering is not the end solution and, as costs continue to spiral out of control, CIOs need to develop strategies aimed at controlling costs, while eliminating the problem. A multi-tiered approach can effectively, keep spam entirely off of the network and out of your user's inboxes.

Ray Everett Church brings over 15 years of experience to his role as TurnTide's chief privacy officer (CPO). He is a co-founder and serves as counsel to the Coalition Against Unsolicited Commercial Email (CAUCE), the nation's oldest and largest anti-spam advocacy group. In addition, he has co-authored Internet Privacy for Dummies (2002) and Fighting Spam for Dummies (2004), among other publications. You can contact Ray via email at

Page 2 of 2


0 Comments (click to add your comment)
Comment and Contribute

Your comment has been submitted and is pending approval.



 (click to add your comment)

Comment and Contribute

Your name/nickname

Your email


(Maximum characters: 1200). You have characters left.