|University home | A-Z | Accessibility | Contact us | Help|
Daniel, if I have understood your question properly then the answer is a bit of a yes and no:
The yes bit: If a message is likely to be trapped by a SPAM filter then MessageLabs would stop it first and we will be notified.
The no bit: But if you are thinking about a less sophisticated SPAM filter at the destination that is likely to trap more false positives, then the fact that it has passed safely through MessageLabs won't give it any advantage.
Posted by jill shacklock, on 09/15/2010 at 15:08
Does this mean, when implemented, outgoing mail processed by MessageLabs will be less susceptible to false-positives with other filters when they are received as well?
Posted by Daniel Warren, on 09/15/2010 at 00:08
I was worried about the scheme of appending 'This message has been scanned' notices to email breaking public-key cryptography based signatures.
But it looks like MessageLabs are clever enough to NOT append the footers to signed or encrypted messages. Phew, scared me for a moment! I was foreseeing great disruption...
Posted by Eric Kow, on 06/25/2010 at 14:48
The Helpdesk will have full access to messages that have been quarantined by the Message Labs service and will be able to release these in the very unlikely event of a false-positive being blocked.
Message Labs have been chosen after a lengthy investigation of the various services available due to their excellent reputation and their significant experience in this field. We evaluated several products and went through careful testing and discussion before deciding on this service as one of the best.
The main reason for implementing such a service was the username/password phishing emails that were regularly getting through our existing spam filters and being replied to by members of the University. The problem with these email attacks is they compromise a legitimate account and therefore SSL and Secure SMTP are then rendered useless as the attacker is using genuine credentials to abuse our email systems.
We tried user education using logon screens and repeated emails to advise users on password security, but this all failed and users who admitted to seeing the messages regarding password security still sent their passwords to attackers, despite being asked not to.
Also worth noting is that the secure SMTP service is not used by the Exchange email system, which is where the attacks were made, using legitimate user credentials.
Hijacked machines are not the issue, the main issue was users giving out their credentials.
After lengthy discussion and consideration, it was decided that the best method to protect the University from these attacks was to ensure the phishing emails never appeared in users inboxes in the first place, and therefore we needed a service that would provide this level of protection.
Message Labs have over 10 years experience in the field of message filtering and spam detection and have several layers of protection in place. Their false-positive rate is reckoned to be 1 in 330,000 which is one of the best in the business. We also have access to be able to white-list domains and even individual addresses if needed.
I hope this puts your mind at rest that we have carefully considered this service and the implications and that we have multiple means at our disposal to ensure legitimate email is delivered, but spam and viruses are blocked.
If you have any further questions or comments, please email me.
Posted by Adam Collett, on 06/22/2010 at 09:16
Will we have any means to a) look through junked mail and b) even more vitally, be consistently informed if outgoing mail has been junked? A single false positive in such a system could be a disaster. I speak from experience having lost a project this year that would have netted a 6 figure sum, directly as a result of outgoing mail filtering.
On a system that already uses authentication and ssl for smtp this seems like overkill. In the event of a hijacked machine sending spam it would be far better and more effective to block that machine altogether and contact the owner immediately than risk the blocking of vital legitimate emails on a per message basis.
Posted by Jon Dron, on 06/19/2010 at 00:21
Posted by Jill Shacklock, on 06/18/2010 at 14:37
> … mail coming in to the university from the internet
Will the AntiSpam Filter Service apply to outgoing messages, from the University?
Or will it be limited to incoming messages?
> … tens of thousands of messages
Posted by Graham Perrin, on 06/18/2010 at 13:07
You are not authorized to leave comments - please login.
Comments? Questions? Compliments? Complaints? Email us at firstname.lastname@example.org