Exchange 2003: Spam-killer?
- By Stephen Swoyer
- June 09, 2003
Many Exchange administrators cite Exchange 2003’s improved spam-filtering capabilities as another attractive feature of the new messaging platform.
Microsoft has defined several new levels of spam control in Exchange 2003, starting with a feature that allows administrators to selectively filter incoming messages according to global “Deny” or “Allow” lists. “There is the whole set of recipient and sender filtering, there’s the recipient filter, that can filter based on if a piece of mail is being sent to a non-existent filter, there are filters based on if mail is sent to a particular e-mail address,” says Missy Stern, Microsoft product manager for Exchange. “There’s also new support for spam blacklisting, which lets you subscribe to services that maintain lists of blacklisted IP addresses,” Stern says.
Blacklisting describes a method by which administrators can configure an SMTP server to reject incoming messages from domains, IP addresses or IP netblocks that have been “blacklisted” – i.e., known to have disseminated Spam in the past. The new version of Exchange 2003 supports Spam filtering by means of subscriptions to real-time blacklist services, which maintain up-to-date databases of known spammers.
Microsoft’s arch-rival, IBM, which markets the Notes/Domino messaging and collaboration environment, announced similar functionality late last year. Both vendors have touted spam blacklisting as an important technology to combat the profusion of unsolicited bulk e-mail. Unfortunately, most analysts say, spam blacklisting simply isn’t enough. “We think that it’s a very important step, but it’s just not enough. It’s important, however, because to fight viruses and Spam effectively, you need to have a multi-tiered approach. So it’s high-time that the messaging layer itself starts to come with some provisions for that,” says Sara Radicati, president and CEO of messaging consultancy The Radicati Group.
David Ferris, president of messaging and collaboration consultancy Ferris Research, says that Spam blacklisting as currently implemented in both Exchange and Domino is “very crude.” At the same time, he concedes, it is “better than nothing.”
As a potentially more powerful technology to combat Spam, Ferris points to Microsoft’s announcement in April of a partnership with third-party vendors that market Spam filtering software. At the time, Microsoft announced that Exchange 2003 will give administrators the ability to filter incoming messages based on a “Spam Confidence Level” determined by third-party software. Such products typically “score” incoming messages against algorithms designed to recognize Spam. IT administrators can set scoring thresholds in Exchange 2003 that determine whether messages appear in users' Inboxes or in their Junk Mail folders. In a mid-April interview, Microsoft Exchange product manager Chris Baker told ENT that the new feature is similar to a “volume control” that “allows an Exchange administrator to have a throttle or a control over how much spam gets blocked.”
Messaging analyst Ferris says that organizations are increasingly turning to third-party tools to combat Spam. “What’s happening is that organizations really are now biting the bullet, really are evaluating much more powerful antispam software solutions and investing in them. Lotus and Microsoft recognize this and are trying to open up their products to third party vendors.”
Vendors that will develop plug-in support for Exchange 2003 Spam Confidence Level scoring include the usual antivirus suspects, such as Network Associates, Sybari Software, Symantec and Trend Micro, along with messaging security specialists Brightmail and GFI Software.
Exchange 2003’s final line of defense is on the client-side, with both the stand-alone Outlook client and the browser-based Outlook Web Access (OWA) view. Starting in Exchange 2003, OWA will support junk mail filtering. In addition, says Microsoft’s Stern, the junk mail filtering capabilities of OWA and the upcoming Outlook 2003 client have also been enhanced, with the introduction of what Microsoft calls “trusted senders.” Says Stern: “A user can put any number of names or addresses on their trusted sender list, so even if a mail got a sort of high spamminess scoring [from Exchange’s Spam Confidence Level feature], they could still receive it if it was on their [trusted sender] list.”
Stern says that the new Outlook clients can begin to recognize potential Spam signatures. “It’s basically now a smart list that actually can learn over time.”
Stephen Swoyer is a Nashville, TN-based freelance journalist who writes about technology.