Thursday, December 13

Protecting Your Customers from Spam - Technical Preparation

Before I go any further in this discussion of ways to prevent spam from becoming a problem on your network, I'd like to mention the role of education. You may understand the importance of the steps you are taking to fight spam, but your staff and your customers may not. Start by explaining to your staff what kinds of checks to perform on new customers and why; they need to know which issues (such as bad credit and/or being on blacklists) raise red flags.

Don't neglect your customers in your educational campaign either. You can include articles on your web site that explain what spam is and how to fight it, using either your own tools or other people's. Make sure both your customers and your staff understand good emailing habits (as both senders and receivers). You should also make sure your customers know what to do if they are accused of spamming.

You might be reading this and feeling somewhat frustrated. "I have instant account activation; my customers appreciate it, and it reduces hassles all around. Now you're telling me I have to get rid of it?" If that's what you're thinking, you need to take another look and decide whether it's really working in the way you intended. Spammers use web hosts with instant account activation to get set up quickly, send lots of spam, and then go on their merry way. Is it really worth the convenience to risk being a magnet for spammers?

Open relays are another magnet for spammers. Don't let your servers be used in this way. Make sure you have SMTP authentication turned on. Also, if you provide your customers with form mail scripts, provide secure ones; if your customers use their own form mail scripts, make sure those scripts are secure (or at least that your customers know what to look for).
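As a sketch of what to look for in a form mail script, here is an added example (not code from any particular form mail product): the recipient is chosen from a server-side list, header fields containing line breaks are rejected, and the visitor's address is used only as Reply-To. The addresses, field names and limits are assumptions made up for the illustration.

```python
import re
from email.message import EmailMessage

# Assumed site configuration (constructed values for this example).
ALLOWED_RECIPIENTS = {"sales": "sales@example.com", "support": "support@example.com"}
SENDER = "webform@example.com"
MAX_BODY = 5000
ADDR_RE = re.compile(r"^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$")


class RejectedSubmission(ValueError):
    """Raised when a form submission fails a safety check."""


def _one_line(value, field):
    # A CR or LF inside a header value would let the submitter add
    # headers of their own, so the form could be used like a relay.
    if "\r" in value or "\n" in value:
        raise RejectedSubmission(f"line break in {field}")
    return value.strip()


def build_form_mail(form):
    """Turn a submitted form (dict of strings) into a message, or raise."""
    # The recipient is a key into a server-side list, never an
    # address taken from the form itself.
    key = form.get("to", "")
    if key not in ALLOWED_RECIPIENTS:
        raise RejectedSubmission("unknown recipient key")
    reply_to = _one_line(form.get("email", ""), "email")
    if not ADDR_RE.match(reply_to):
        raise RejectedSubmission("invalid reply address")
    subject = _one_line(form.get("subject", ""), "subject")[:120]
    body = form.get("message", "")
    if len(body) > MAX_BODY:
        raise RejectedSubmission("message too long")

    msg = EmailMessage()
    msg["From"] = SENDER            # fixed sender identity
    msg["To"] = ALLOWED_RECIPIENTS[key]
    msg["Reply-To"] = reply_to      # visitor's address goes here only
    msg["Subject"] = subject or "(no subject)"
    msg.set_content(body)
    return msg
```

Logging each rejected submission with its source address gives your staff something to review when a customer's form starts attracting abuse.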

Make sure you're keeping up with the various tricks spammers use to avoid detection. According to a research brief from TruSecure, an information security company, "We are beginning to see more and more cases of 'spam jacking,' hackers who exploit poorly configured systems to take control of them and send mass amounts of spam. In most cases these organizations don't even know they have been compromised, or that there are very simple mitigating measures that can be taken to protect themselves."
