How to Stop Spam (and Viruses) at the Door

Spam is like an uninvited houseguest with a runny nose. Both take time away from what you'd rather be doing and can bring viruses into your domain.

Spam is a problem for everyone. According to the Cisco 2008 Annual Security Report, spam—or unsolicited bulk email—accounts for roughly 90 percent of email sent, or nearly 200 billion messages each day. Spam wastes employees' time. And when it carries viruses or links to phishing websites, spam can take down your network and result in stolen passwords and information theft.

Fortunately, you can now find cost-effective firewall appliances that stop spam, viruses, and phishing at the door, without blocking legitimate email in the process. Or you could try to stop spam with an antispam service.

At Your Service?

If you subscribe to one of the stop-spam services offered by an Internet service provider, beware their limits:

  • ISP services typically have a poor "catch rate" for spam because image- and PDF-based spam slips through the filters.
  • The ISP cannot determine whether a to: email address is legitimate before forwarding email. This lets spammers execute directory-harvest attacks, which involve sending thousands of emails to guessed addresses.
  • They don't protect against misdirected bounce-back messages (return-to-sender receipts), which clog inboxes when a spammer uses an employee's email address to send spam, some of it to nonexistent addresses.

Specialized antispam filtering services are more effective but have other drawbacks. Miocon Networks, a Cisco Premier Certified Partner with five employees, saw spam practically disappear when it subscribed to a specialized service. "However, it was expensive, and we didn't like the idea of diverting our confidential email to a third party," says Michael O'Coners, president.

Beware Overzealous Blocking

Spam filtering appliances overcome these problems, but they vary widely in effectiveness and management requirements. Lunar Design, a 50-person firm that designs consumer products and medical devices, used to have a spam firewall that regularly blocked legitimate email as well as spam. "Employees didn't appreciate it when emails from their new clients were mistakenly marked as spam," says Dick Taylor, the company's systems administrator.

"Our marketing people finally requested that I whitelist all of their senders because they didn't want to risk missing a new customer opportunity," he says. Taylor spent hours "training" the firewall to recognize spam before he deployed it, and afterward had to devote three to five hours weekly to keeping blacklists, whitelists, and filtering rules up to date.

Hire Your Own Bouncer

Both Lunar Design and Miocon found a cost-effective way to stop spam with an appliance specifically designed and priced for small businesses. When you evaluate solutions for your business, consider these criteria:

  • Accuracy: Look at the spam "catch rate" as well as false positives. As an example, Cisco Spam & Virus Blocker, the solution chose by Lunar Design and Miocon, is delivering a 99 percent catch rate and less than one in one million false positives.
  • Continuous automatic updates: Spammers continually change their methods. To ensure you're protected against the newest email threats, choose a solution that constantly, rather than periodically, updates its database. Cisco Spam & Virus Blocker, for example, connects continuously to Cisco SenderBase®, a threat database that is moni¬tored 24 hours a day by a dedicated team of security analysts.
  • Ease of installation: Taylor and O'Coners both had their solution up and running in about 15 minutes, deploying it directly behind the network firewall. O'Coners, who also uses the appliance to scan outgoing email (to be sure that the company's domain is not used to send spam), spent another few minutes pointing the email server to it. "Then we just plugged it in and let it run," he says.
  • Ease of management: Administrative time requirements vary widely. Taylor, who once spent three to five hours a week managing his spam firewall, now logs in for a few minutes a week, "more out of curiosity than anything else," he says. O'Coners periodically runs a standard report that shows blocked email by domain, saving him the time he would otherwise spend looking through the blocked email folder.

Liberate Yourself: Say No to Unwanted Email

"Our employees did not suffer spam in silence," says Taylor. "Now, with effective spam and virus blocking, everyone is happy, and my time is freed up for more interesting activities."

Next Steps

Let Us Help

Find a Local Reseller



Tips to Success

Visit the Cisco Small Business blog to learn about tips for your products, industry-wide information, and how to get the best out of your technology from Cisco and industry experts.

Cisco Small Business Blog