you're reading...

Email Security and Anti-Spam Solutions: 10 Things to Consider During Evaluation – Part Two

In our last blog post we reviewed the first five things you should consider when comparing and considering an email security and anti-spam solution. An email security and anti‐spam solution is a critical ingredient for protecting both your network and your company’s overall employee productivity, and with many solutions on the market you need to evaluate carefully.

Here are the remaining 5 things to consider when comparing email security and anti-spam solutions:

6. The number of appliances you have to acquire to get complete protection

Most solutions are sold by functionality and the SMB models in most product lines have much less capability. You need to make sure that you’re not overlooking important features such as LDAP access, end user controls, and on‐box spam quarantines. If these are not available on your SMB solutions, you may be forced to move up to more expensive systems just to get the basic functionality your business needs.

7. What kind of support is available once you’re up and running?

Buyers should be careful to select products that offer solid, well‐trained, 24/7 tech support for their mission‐critical security products. Some vendor support can be lacking in depth and thus you may be forced to rely on user forums for most of the real support.

8. Does it provide automatic, uptotheminute security?

You need to make sure your email security solution doesn’t need constant fine tuning. If it provides a means for automated and constant self‐updating, so that it is always aware of the latest threats, you’ll ultimately get better security while also reducing your administration costs.

Many anti‐spam solutions on the market rely on a 1st generation (at best) reputation service, which in turn depends on RBLs (real‐time block lists) that provide a simple yes/no result for legitimacy of an email based on sender IP history – much like a credit bureau which makes decisions based on history. But the RBLs are not updated quickly enough to keep up with the increasing volume and purveyors of spam. Depending on how aggressively you set your spam threshold, with a simple RBL, you’ll either get a low catch rate or a high false positive rate. If your spam solution requires you to constantly adjust and manually add new scanning rules to catch spam (because the engine doesn’t), you’ll further increase false positive rates.

9. Understand what features you’re getting

Will your email security and anti‐spam solution allow you to adjust your spam settings for your unique needs? Some vendors list features like ‘attachment stripping’, ‘footer stamping’, and ‘body and header keyword search’ and then market them as highly effective spam detection tools. In reality those spam detection offerings do not allow you to set up even simple logic in filters to fine tune your spam settings or the ability to combine multiple actions on messages, resulting in legitimate messages being blocked.

Here’s a short list of features and functions that we think should be part of your checklist:

Threat Protection

  • Anti‐Spam
  • Anti‐Phishing
  • Anti‐Virus/Anti‐Malware
  • Next‐generation Reputation Services
  • Threat Outbreak Protection
  • Spam Dictionaries
  • Pattern‐based Message Filters
  • Message Quarantine
  • Inbound Attachment Control

Data Loss Prevention

  • Pattern‐based Content Rules
  • Compliance Dictionaries
  • Objectionable‐Content Filtering
  • Outbound Attachment Control
  • Outbound Content & Attachment Scanning
  • Document Fingerprinting and Data Classification
  • TLS Encryption
  • Message Level Encryption

Management & Reporting

  • On‐box Reporting
  • Messaging Logs
  • Customizable Granular Policies
  • Customizable Granular Reports
  • Centralized Management


  • Message Redundancy
  • Geographical Redundancy
  • Queue Replication
  • One-Demand Clustering

10. Is open source the right solution for your security?

When security vendors base their products on open source technology, they can put your network at risk. Spammers are motivated, highly capable people with a monetary incentive to engineer their way around your security barricades. They can reverse‐engineer open source security technology in order to bypass its detection of spam and threats, making it more open to hacking than proprietary solutions.

If you have thoughts or additions to you’d like to add to the list, feel free to add them in the comment box below.


No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: