|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
[PLUG] Spam filtering, anyone?
|
I'm curious as to what we all use on servers (not at home).
My ISP uses Postini and I called them today for a quote for work. Their
accuracy is frightening. Once a week I log in to clean out the junk
box. This week there were about 500, of which 3 were false positives.
At work, there's a lot of whining (isn't there always) about the filter.
It has more false positives than I'd like, causing us to have to
whitelist aggressively. It's human nature to ignore the 300 pieces of
spam the filter caught but to bitch about the 1 email you didn't get.
So I'm curious about what others are using. I'm very curious about the
balance between filtering and user-interaction. My users are extremely
unhappy about missing emails, yet if I were to employ a solution whereby
they received *every* piece of email in a junk box and had to go through
it, they'd never do it (we can't get them to empty their deleted items
folder).
I guess I'm simply asking for a 100% perfect spam filter that can
operate sans end-user input. And a six-figure salary to operate it from
the comfort of my home in a state with warm temperatures and very little
humidity. Please let me introduce you to my secretary, Adriana Lima.
The server is (ack.... pbthlllllt) Exchange 2003.
=========================================================================
Random work stories follow. Not on topic.
The CIO got pissed about offsite storage costs, specifically email. A
brief bit of math showed that we could save tons by simply having people
empty their deleted boxes, clear sent items, and delete a few of the
four thousand personal joke virus emails in their inbox.
Said CIO asked nicely for everyone to perform said operations.
And nothing happened.
Ok, I exaggerated: four people complied.
So we *educated* people about what to do and why.
A few more did so.
Last month the CIO realized it was time to send out his quarterly
reminder to empty the deleted box.
And nothing happened.
I am not exaggerating this time.
[What the CIO failed to realize is that each one of his messages arrives
with the Auto-Ignore flag on. I stopped sending out emails two years
ago for this very reason.]
SOMETHING had to be done, obviously. We had no choice but to implement
limits. Being the mean-spirited, fun-killing ogres we are, we put into
effect the draconian limit of 500megs per user. Yes, 500megs.
You'd have thought we killed their puppies from the collective howl that
arose. One genius actually exploded in our office, screaming bloody
murder about only having 33,000 messages in her inbox and why were we
picking on her. Another did not pass GO and ran straight to the COO.
His whining was curtailed rather quickly by the COO's admission that
limits were *her* idea.
No, we still did not force deleted items to empty on closing (even
though we're basically heartless clods). When we mentioned this to the
lady with 6,000 deleted items, she begged us not to delete them because
`that's where she files stuff.'
Then there was the Great Password Change Debacle of 2004. One day I
hear an announcement over the p.a. for the meeting of the IT Password
Change Committee.
I was most intrigued, especially as I had never heard of the IT Password
Change Committee, nor had my boss, who had just that moment found out he
was ON the committee.
The name of the committee should pretty much say it all, but allow me to
set the stage.... somebody put together this group, consisting of dept
heads and others (janitors, presumably) for the express purpose of
*discussing* whether there *should* be password changes and possibly how
frequently.
Pick ten random coworkers of yours who aren't involved with computers
and ask yourself if any sane person would put them in charge of IT policy.
[Stop that. Get up off the floor. I can hear you snickering all the
way over here.]
I hear the meeting degenerated into my boss being asked who we were
really defending against with these proposed password changes. Finally
it was decided, no doubt after a year of committee meetings, voting,
catered meetings, and enough Krispy Kreme donuts to sink the USS Harry
Truman (would that be four or five?) that the password changes would
occur quarterly. I asked my boss if we should pull the plug on the
firewall too, while we were at it.
Mind you, this was all without my boss' input. He would just sit there,
in total shock, shaking his head until he developed repetitive stress
injury in his neck and got fired because he enjoyed the pain meds a
little too much.
We knew we were in for it regardless but there's no way we could have
predicted how bad it was going to be. Two weeks before the mandatory
password change, everyone was notified they had 14 days to change their
password, and would they like to change it today. Invariably everybody
waited til they couldn't log in anymore before they changed it.
The entire next day was spent resetting passwords because they forgot
them overnight.
Some would say that this isn't a problem. It just proves that we have
nothing but highly motivated, energetic coworkers who leap right on
forgetting things instead of waiting a day or more to forget them.
To those people, I say that this kind of optimism should require
hospitalization. And the administration of lots of those medicines that
make you drive like Ted Kennedy, speak like George Bush, and shake like
Ozzy Osbourne.
After about two password change cycles, my dept longed for the safety
and serenity of someplace quiet, like Iraq. Fortunately the entire
topic was made moot by the Extreme High Muckity Mucks, who found the
entire experience way too mentally taxing and decreed that password
changes would henceforth occur twice a year.
If you're still with me, you'll be happy to know that network password
changes require Treo password changes. When I explained this to a VP
who was complaining that her Treo wouldn't get email, she said that all
this security nonsense was really a pain in the ass and she didn't see
the need for it.
If you need me, I'll be in the server room, hanging from a CAT5 cable.
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|