I post at SearchCommander.com now, and this post was published 18 years 3 months 21 days ago. This industry changes FAST, so blindly following the advice here *may not* be a good idea! If you're at all unsure, feel free to hit me up on Twitter and ask.
To say “spam is out of control” is not really accurate, so let me give you some figures that will put it in perspective.
For my own domain pdxtc.com, August 2006 brought me these numbers…
- 19,306 total incoming emails (and we only have 9 addresses!)
- 16,209 were identified and blocked as spam before a human ever saw them
- 102 of those blocked contained viruses
- 71 of those that were blocked contained “phishing” attacks
- Only 15.15%, (2,924) of the emails were deemed “legitimate”
- Of the “legitimate” emails that made it through, I can only guess at the number I’d have been better off without seeing!
In the past, I have recommended SpamArrest (and I still do) for users that have only 5 email addresses or less, and it’s still one of the best in my opinion, since you can block 100% of all the cr*p with a simple one time auto response, asking “are you human?” to the sender .
That’s not practical for a business that wants to protect it’s whole domain. The “user verification” option is fine for persinal mail, isn’t really acceptable in a corporate environment, and you need something more robust.
I have payed a monthly fee for years to protect my whole domain with Securence, and I’ve been very happy with it, practically never getting any “false positives” blocking mail that I want. however, in the past month I’ve had to go into my “quarantine” folder on their server four times looking for email that I was expecting, which turned out to be blocked.
Perhaps I’m a bit premature considering changing, but I thought I’d throw it out here…What mail management methods do you use to maintain your sanity?
I too have found the “Are you human” approach too cumbersome for use…but like you am looking for the end-all.
I now set all unrouted to :blackhole: – I dont even want to respond to them and let them know it doesnt exist.
Ive found the spam assassin folder to be NOT preferred by the majority of my clients because of the fear of loosing something into it, and then the labor of having to check 2 mail boxes….so they just live with the spam.
I *dont* want to live with it! My numbers are similar to those you posted, but I end up having to filter them on my end…
I’ll be watching your blog here to see if you ever get the answer…
Sorry, but as I’m sure you know, the only thing that really works 100% effectively is “human verification” on the part of the sender.
It’s not cumbersome at all for the subscriber, only for the sender of the flagged message to have to verify. If human verification is on, then there’s no need to check the folder unless you’re expecting something that you haven,t gotten.
I think if you set your email client outgoing mail server to SpamArrest, it whitelists anyone you send to automatically.
Tell your clients that even if they had a real human go through your mail first they would still have to spot check their work!
Securence is pretty darn good though, with no recent missing emails…