Blog / Email Filtering – Doing it Right is Very Tricky…
Email must be one of my biggest peeves, when it comes to dealing with problems. Email is not really that complicated, since there are only three kinds of snags: configuration issues, hardware failure, and Spam.
Configuration issues do not happen very often, since email systems are not the sort of thing that get repeatedly tinkered with. There’s a lot of configuration in the beginning, but other than that, most changes are creating and deleting email accounts. Sometimes you enable or reconfigure a Spam check, but once those are working properly, they tend to get left alone. Thus, this doesn’t really occur that much.
Hardware issues can happen at any time. A drive could fail, the system could overheat, there might be a power surge, and something could spontaneously explode (that’s always fun.) When hardware issues occur, they generally mean that email is non-functional until the issue has been corrected.
Then … there are Spam issues. Oh, the joys of Spam. It can be eaten in many, MANY different ways, it can be turned into a Monty Python skit (if you don’t know what I’m talking about, go find it on YouTube), and it can turn your Email Inbox into a sea of useless garbage.
Something we can all agree on is that Email Spam is a serious problem. So then, why does it seem like nothing is being done about it?
Email is something I’ve touched on in other newsletters, and something I’ve said before is that “Email is a very simple system.” This is exactly the reason that Spam isn’t something that can easily be remedied. E-mail was basically designed to emulate the system we have for delivering regular mail. Email has all the same bits and pieces; you’ve got an envelope and it contains a letter. Officially, the envelope is supposed to be set-up a certain way, and so is the letter inside (think back to elementary and high school English.)
So, if you think about a physical letter then, what is the minimum information you need to put on the envelope, for it to get delivered? Now then, I know you’re supposed to have the address it came from, as well as the address it’s going to, along with the names, but sit back for a second and ask yourself what will happen if you don’t put all of that on an envelope? If there’s information missing that should be there, the post office will do their best to deliver it somewhere. So, the absolute minimum information you need to put on an envelope is a destination. Everything else is just nice to have.
That’s exactly how Email works. Some methods of electronic communication are very strict. Encryption is a good example of something that, regardless of the actual information involved, the steps involved to set-up up the communication have several district steps that must be done for things to work. Those steps cannot be substituted, and nothing is optional. Don’t do them, and it all fails. Make a mistake anywhere along the way, it fails. Email isn’t like that. It’s not a strict method of communication.
Since it’s not strict, detecting spam can be very difficult. As the protocol only requires a destination, putting in strict rules means rather then identifying spam, you could start recognizing people who wouldn’t have their email service fully or properly configured. Email is so flexible that it really has only one hard rule. With that in mind it becomes easier to see why Spam is hard to detect. The more check-up you enable and the stricter you make your own mail server, the more likely it is that something will be detected that isn’t Spam. The truth of the situation is that no one cares about the Spam that was blocked because they didn’t see it. The system could have blocked 10 million Spam email over the course of two years, but it suddenly detects one piece of email as Spam incorrectly, and it’s a massive emergency indicating that something must be terribly wrong.
I didn’t invent those numbers, by the way. I used to be the company guru for email at a place I worked, and those numbers came straight out of one of my support tickets. The fact is email is designed to be a “best effort” protocol. This means that the rules are very loose and that the mail server will do its best to deliver your message. If the communications’ method is best effort, that means that Spam detection methods are also best effort.
Email is not an exact science. I know this is strange because computers are, by nature, exact. So, try to remember this when you go through your own emails: The Spam filtering guys are doing their best, but never assume it’s going to be perfect. Something is going to get through. Hence, if you assume it’s not Spam, simply because it’s in your inbox, you could be the one who winds-up causing the next information breach, and never even realize it.
If you have any questions about Spam Filtering, please reach out to your TRINUS Account Manager for some stress-free IT.
By Kind Courtesy of Your Friendly Neighbourhood Cyber-Man.