October 13, 2003 By Merrill Douglas
"No one was complaining," said David Jordan, chief information security officer for Arlington County.
After seeing several news reports on the swelling tide of electronic junk mail, however, Jordan decided to explore what harm spam was inflicting on county operations.
"Your security officer wants more spam," declared an electronic newsletter he distributed last fall to 3,500 county employees. Users obliged with a flood of forwarded e-mails hawking everything from mortgages to Russian brides to child pornography. The volume of junk on the network reached artery-clogging proportions.
"About 20 to 25 percent of all message traffic we had been receiving was spam," Jordan said, adding that the percentage isn't as important as the waste it represents. "It doesn't really matter whether it's 2 percent of the message traffic or 30 percent. It's 2 percent we don't need."
So along with protecting Arlington County's computers from viruses and barring traffic from countries that harbor terrorists, Jordan added spam prevention to his to-do list.
He wasn't alone. Corporate and government officials are realizing spam is more than an inconvenience, said Sara Radicati, president and CEO of the Radicati Group in Palo Alto, Calif.
As part of a survey, her research firm recently asked respondents to list major plans for their messaging systems.
"The top priority that came back was reducing spam," she said. "This is the first year that's happened."
The problem is spam forces organizations to expand network capacity, Radicati said.
"You're spending more all over on your infrastructure, in terms of more servers, more networking, all kinds of things, to support traffic that's trivial and unnecessary," she said.
Along with inflating overhead costs, spam chews up employee time, said Chris Miller, a group product manager at Symantec Corp. Extra time is spent deleting unwanted messages and retrieving legitimate mail accidentally deleted along with the trash. Some content is offensive, Miller added, and users exposed to pornography at work might sue employers for failing to block that mail.
"You're providing the infrastructure," he said. "You have to maintain it and make sure it's clean."
For these reasons, Jordan and two county network engineers set out to eradicate spam from the network. Arlington County uses Symantec tools for network security, and beta tests the company's new products. To combat spam, Jordan deployed tools from Symantec's AntiVirus for SMTP Gateways suite, which combine spam blocking and virus protection.
Software in this suite scans incoming mail for unwanted content. The goal is to stop spam at the mail server before it invades other servers and desktop systems, Miller explained. Along with anti-virus software, the package provides four layers of spam filtering, using techniques such as subject line filtering, heuristics, black lists and white lists.
Arlington County first tried subject line filtering. Jordan and the engineers used the software to build a database of keywords and phrases that, when found in a subject line, usually indicate junk mail. Since compiling the initial list, they have continued to scrutinize incoming mail to stay ahead of new tricks devised to get around filters.
"We have about 50 different spellings of 'Viagra' filtered," Jordan said. "We have probably close to 4,000 keywords we now use in subject lines."
Subject line filtering requires some labor and commitment, but it's effective against junk messages, he said, noting that once the county put it in place, staff started to filter thousands of spam messages each day.
Heuristics was not part of Symantec's suite when Arlington County started its war on spam, Jordan said, but when the vendor introduced that filter, he added it to his arsenal. The software in this
You may use or reference this story with attribution and a link to