Smart solutions to security problems
The Love Bug virus struck a harsh chord with the IT department of Taylor Guitars, a manufacturer of acoustic guitars. The virus, which invaded the company’s network after an employee opened an attachment in a message with the subject line “I Love You,” duplicated itself and distributed infected e-mails, using the victim’s address book.
Taylor’s IT department quickly noticed the problem and warned the rest of the company’s 150 employees not to open the message. But to purge the system of the virus, the company had to shut down the mail server for a few hours, preventing any e-mail from being sent or received. After the Love Bug attack, Information and Systems Manager Bret Houston decided that he needed to find a way to prevent such e-mails from getting to employees. In addition to virus protection (not discussed here), the company decided to install a spam-filtering product that would block the likely carriers of virus attachments.
Houston began his search for a spam filter by looking for a product that would automatically filter unwanted e-mails without requiring his users to maintain lists of approved and blacklisted senders. On average, he says, employees at Taylor guitar aren’t extremely computer savvy, and finding a user-friendly application was mandatory. He also wanted a product with a low rate of false positives—e-mails flagged as junk mail that should have been allowed to reach the recipient’s inbox.
After evaluating several well-known products, Houston chose DigiPortal’s ChoiceMail, an e-mail filtering product that works by automatically sending a verification e-mail to all senders attempting to contact a Taylor Guitars employee. Most spam is generated in bulk using a computer, Houston explains. The ChoiceMail program operates on the assumption that valid senders will reply and spammers will not. Once the sender has replied to the e-mail, the employee gets the e-mail.
The e-mail asks the sender to reply “so they can verify that there is an actual human being sending those e-mails,” says Houston. Once the sender replies to this message, he or she is considered an approved sender and is put on an approved- sender list. Messages from new senders and those who don’t reply are considered suspect until approved. This feature sold Houston on the product. He says other products he evaluated required a dedicated administrator to manage several lists of approved and unapproved senders.
Although Houston admits that responding to a verification e-mail may be cumbersome to some senders, he says that he does not know of any instance when a sender attempting to contact Taylor Guitars failed to follow through with the verification process.
“We tried a lot of different things,” says Houston, “but we found that this works best for us, because it puts the responsibility of authentication on the sender.”
The approval process appears seamless to the recipient, and authenticated e-mails are sent through without requiring any oversight by the recipient or a dedicated administrator. However, the program also has a feature that allows the recipient to create whitelists of approved senders, avoiding the need for the sender to reply to the approval e-mail. To access these lists, the employee must enter a username and password on a protected ChoiceMail Web site.
Additionally, the Taylor Guitars employees can blacklist undesirable addresses. These blacklisted e-mails will automatically be sent to the recipient’s trash bin, where they will stay for four days. If an employee decides to remove a sender from the blacklist, he or she simply includes the sender’s address on the whitelist.
Lastly, employees can also view e-mails awaiting approval. The e-mails are kept in the approval queue for up to four days, when they are moved to the trash bin. To access the e-mails in the approval queue, the employee simply clicks on the e-mail and approves the sender manually.
Houston says this manual approval feature has been extremely helpful in detecting legitimate e-mails which would normally be generated by a computer, such as receipts from Internet retailers. Because there is no person from the sender side to reply to the ChoiceMail e-mail, the receipt will remain in the approval queue until it is manually approved.
Houston says that he appreciates the product’s ability to allow individual users manual approval rights, but he thinks the product would be easier to use if it was integrated with the employee’s e-mail program, rather than requiring the employee to log into a separate site.
Installation of the product, which operates on a Windows 2000 server, was straightforward, Houston says. It runs on a Dell workstation, and Houston says it requires very little maintenance from the administrative side.
ChoiceMail has worked extremely well and has had a very low false-positive rate, Houston says. He adds that he has been consistently impressed with DigiPortal’s customer service. For example, a small problem involving e-mails not being received from Hotmail domains was patched very quickly.
Houston says that since the product has been installed, the amount of spam reaching employees’ inboxes has drastically decreased. Although ChoiceMail is not a virus protector, Houston says, it helps prevent viruses, worms, and phishing scams that often come attached to spam messages. And that’s music to his ears.
(For more information: Ronald Weindruch, CEO, DigiPortal; phone: 407/333-2488; fax: 407/333-4453; e-mail: firstname.lastname@example.org )