Twenty-Four Seven Security« Storm Worm Raging Again | Main | FBI Enlists Spyware »
July 18, 2007Spam Filter Gone Wild
While spam has continued to grow, most people seem to have grown accustomed to it, treating spam as nothing more than a mere nuisance. But other than the fact that behind the scenes spam clogs up servers and often carries malicious files or links, there is also another danger lurking: the false positive.
With email servers being bombarded with every sort of fake message trying to insist that it is real, the line between spam and actual email grows ever finer. And unless an IT department keeps up with whitelisting, which is the list of companies whose email should always be accepted, false positives, or real emails that are deemed a fake and tossed out before ever reaching the intended target, will remain a real threat to the efficient flow of a companies information.
A recent example of this comes from NetworkWorld, where the problems with the law firm of Franklin D. Azar & Associates started when their email accounts started being inundated with pornographic messages. The employees of the Aurora Colorado firm complained about all the unseemly messages, which forced the IT Admin, Kevin Rea, to ratchet up the settings on their Barracuda Spam Firewall. The tougher settings made it harder for spam to break through, but it also made it easier for real email to get thrown out.
And that’s exactly what happened when the higher spam threshold began blocking emails from the U.S. District Court of Colorado, including a notice for the firms’ attorneys to attend the May 30th hearing for a civil lawsuit. Email notification is a growing trend with U.S. state and federal courts, using a system called Case Management/Electronic Case Filing (CM/ECF). And while law firms can choose to be notified other ways, the business and scheduling of court dates is now done largely electronically.
Which meant that Azar and Associates missed their court date, and the judge ordered them to pay the attorney fees and expenses for the other side. While this is certainly a worst-case scenario for an IT department, it does represent a very real worry. And by simply whitelisting the uscourts.gov domain, the problem could have been avoided altogether.
Tag: Spam Filter, Spam,False Positive,Whitelist
Tags:
Posted by pschooff in
|
Digg This|
Add to del.icio.us
Trackback Pings
TrackBack URL for this entry:
http://www.ebizq.net/mt/mt-tb.cgi/2136
While the intent of the story is quite understandable, your example points out a flaw in the way people think of email. Had a court notice been sent through the US Post Office, it would have been sent (at the very least) registered mail, which would require a signature at delivery.
People should never assume that their email will always be delivered. And not just because of spam filters. How about errors with the senders ISP? Is it possible that the district courts email server might suffer a glitch? While spam filters will remain a critical defense against the mounting volume of spam, there must also be a responsibility on the sender to insure that their message was received.
The district court should at least require a reply from the recipient to insure receipt. Many companies do this already and it doesn't take a large amount of work to implement. If I were the law firm, I would hold the court responsible for the missed email. If they want to bypass the post office, then they need to offer the same guarantees of message delivery.
Posted by: Michael J at July 19, 2007 11:02 AM
Post a comment
