Tuesday, May 09, 2006

Today's MS Update for Exchange Will Impact BlackBerry Enterprise Server Users

Microsoft has released an update for Microsoft Exchange 2003 Service Packs 1 and 2, and Microsoft Exchange 2000 Service Pack 3 that will revoke the 'Send As' permission, preventing users from sending messages.

RIM and Microsoft have post directions for fixing this problems by changing some settings in Active Directory.

I first wrote about this impending doom, I mean update, here. This issue was covered on the Microsoft Exchange Team blog last week.

Technorati Tags:
, , ,

Sunday, May 07, 2006

SANS on the Blocking of Non-Spam E-Mail by Realtime Blacklists

SANS - Internet Storm Center: Spam blocking by RBL, when is a good thing too much?

Real Time Blacklists are the common tools of the trade of spam blocking. The idea is simple. Put the sending addresses, domain names, and IP addresses of people who are sending spam on a list, so others can use it for a directory for blocking spam.

But it isn't always that easy:
It is a long standing issue with the various RBLs that it is easy to get blacklisted, and tough to get unlisted. Needless to say the company in question requested a new address assignment from the ISP and resolved the problem that way. Leaving that address to the next poor victim to deal with it.

I have seen this situation personally a few times in the last year. I have started to suggest that anyone working with an ISP to get a new address assignment check the address block with various RBLs before accepting and putting the addresses into production. I also recommend that they request the ISP perform this check prior to making the assignment, some are more cooperative than others. Sorry I will not mention any names of ISPs.

An anonymous user wrote to SANS as a follow-up advocating individuals building local RBLs for local use. This sort of system won't work for those of us using an out of the box solution such as Symantec's Anti-Spam/Anti-Virus products on our SMTP gateways. The less labor intensive strategy is to keep a local whitelist.

There is further reading listed by SANS:
Why don't spam blocking lists block only the spammers?
Remember that the system administrators who use blocking lists use them because they trust that using the list will eliminate a maximum of spam while blocking a minimum of wanted e-mail. Admins who find that a blocking list is not working that way will stop using it. Most likely the list in question affects very little non-spam e-mail.

As I've said before, the practice of some blacklists blocking non-spam legitimate email in a law firm environment is a nightmare. For now all we can do is keep small local whitelist and hope those who have been blacklisted will seek to be removed.

Technorati Tags:
, ,

Legitimate Email, Spam Filters and Blacklists

Wired News: Are Spam Blockers Too Strict?
Estimates vary as to how large a problem "false positives" represent. JupiterResearch estimated that in commercial mailings, 12 percent of marketing e-mail was blocked because of false positives in 2005, down from 18 percent in 2004.

Ken Schneider, chief architect with Symantec, which sells spam-filtering tools used by most large U.S. internet service providers, says false positive rates are actually much lower than the Jupiter research indicates. It's hard to get an exact figure, however, because determining what qualifies as spam is a matter of opinion. What marketers call "false positives" may be messages that aren't technically spam, but nonetheless do not contain information that end users want.

"There's a very gray notion of what's spam and what's not," Schneider said.

Symantec also sells spam-filtering tools for the enterprise, such as law firms, for spam blocking on SMPT gateways.
Some of the oldest tactics for spotting junk e-mail still work. Spam filters isolate bulk mailers who generate a lot of complaints. ISPs and filtering firms also maintain blacklists of known spammers and "whitelists" of legitimate bulk e-mailers.

I've seen firms engaged in mass litigation get caught in the mass e-mail spam trap. These non-marketing bulk, case related messages which are necessary communication in conducting ongoing litigation can have as many as 60 or sometimes over a hundred recipients. The only recourse is to list the email address and domains being blocked on your own local "whitelist" of legitimate bulk e-mailers.

AOL and other have proposed a program called CertifiedEmail in which senders would pay a fee to be whitelisted at the ISP level.
To join the CertifiedEmail program, e-mail senders must meet accreditation criteria and pay $200 to $400, plus a quarter of a cent per e-mail. In exchange, AOL guarantees the e-mails will get to a user's inbox and will bear a seal identifying them as certified messages.

AOL says it plans to launch the service in the next month. Goodmail said it is also working with Yahoo on a certified e-mail program.

Under current laws, opponents of certified e-mail can probably do little to prevent its adoption, said David Sorkin, a professor at The John Marshall Law School in Chicago.

Sorkin doubts the program will be popular with e-mail users. Even so, given the strides ISPs have made in reducing inbox clutter, a few "certified" marketing messages aren't his biggest worry.

"Personally I'm much more concerned about missing a few legitimate messages than figuring out what to delete," he said.

When you are engaged in the practice of law, can you afford to miss even one legitimate e-mail?

Technorati Tags:
, ,

Saturday, May 06, 2006

On Spam and Blacklists

I read this posting over at the SANS Internet Storm Center with great interest this afternoon. In the past few days more and more legitimate email is ended up being bounced or dropped by our spam filter.

The good news is that my firm's domain does not appear to be blacklisted, but some of the largest firms on our state seem to be for some reason.

I'll have more the subject of spam filtering and blacklists later, but now I'm going to go do what I don't get to do during the week: play outside.

Technorati Tags:

Monday, May 01, 2006

Another BlackBerry Patent Lawsuit

BackBerry maker RIM is the target of another patent lawsuit. This time from a company called Visto. RIM stock lost 4.3 percent today on the news.

Technorati Tags:
, ,