BETT: Brunel tackles harrassment with anti-spam

gallery

But it's not easy to balance blocking unwanted spam with so much diverse material coming into the university, he said. For example, anti-Semitic text is usually junked as spam. "But we do have a modern history department, which is talking about the holocaust," and might recieve materials containing certain key words, he explained. As well, his team needed to block viagra spam from some parts of the school without preventing health researchers from recieving their materials. "We needed to stop viagra spam from getting to secretaries in accounting while letting health sciences get what they might need," he said.

In this case, he used IronMail to apply quarantines in groups with a lot of granularity - letting certain type of mail get through to certain groups, but not others. "For most Secure Computing customers, it's a frill, but for some of these policies, we need to split people up," he explained.

The system has helped manage the five million incoming emails to those at the university recieve each week - some 98 per cent of which is stopped or quarantined. "When IronMail went in, it took an Alumni Officer just five minutes to sift through the morning mail, instead of up to two hours," Liddle said.

While some good email does get blocked, it's no more than a few incidents a week, much of which turns out to be a problem on the sender's end, said Liddle. "A little friendly-fire is accepted," he said. "The alternative would be horrendous."

But working with Secure Computing's latest innovations has let them improve their quarantines from text to include images, as well using reputation scoring for IP addresses to help prevent unwanted messages while still allowing good mail.

Indeed, Secure Computing takes feedback from all its customers, tracking day-to-day acticity. "For us, getting specific feedback, especially in targeted attacks, allows us to improve the product," said Mike Smart, Secure Computing's EMEA product manager. "For us, a lot of customers use different aspects of the product, so they feedback in a blended way which helps against blended attacks."

University students, such as those at Brunel, play a key part in gathering information about malware in email or on the web because they access such tools in a more diverse way than other people. "University users are in fact visiting a more diverse part of the internet than business or consumers... so it lets us get better coverage," Smart said, adding that many anti-virus vendors would never have to deal with an attack as targetted as that against Kim-Chan.

Email to a friend

Print this page