Back to Community Threads
What is spam?
Problem reported by Douglas Foster - Today at 6:46 AM
Submitted
D
We want spam filtering software to block spam, as if everyone knows what that means.   We know that developers cannot solve a problem if it is not defined.   So let's do some defining.

I use this definition:
  • The purpose of spam filtering to block all unwanted messages and allow all wanted messages.
  • A message is "wanted" when it is acceptable to the user and acceptable to the domain owner. 
Which messages are unwanted?
  • Malicious messages:  Messages with harmful attachments or harmful links that will cause immediate harm to the organization.
  • Phishing messages:  Messages that seek to cause the user to respond, starting a conversation that will lead to harm at a later date.
  • Deceptive Messages:  Messages with no detectable harm, but with language that may cause the recipient to act contrary to his own interests or the interest of the organization.
  • Illegitimate Businesses:   Messages that appear to be ads for a legitimate businesses, but engaging with the seller will lead to an unhappy result.
  • Recruitment away:    Messages that use the organization's email system to harm the organization by inducing employees to work elsewhere.
  • Irrelevant advertising:   A message may be a legitimate ad for warehouse space in Roanoke Virginia, but it is irrelevant if the recipient is not involved in warehouse management or not working in that geography.
  • Nuisance ads:   Every company wants to sell stuff to somebody, and that product may be relevant to the recipient's job.   But the recipient's job involves more than listening to sales presentations.   If he is not ready to search for a product in that category, it is unwanted even if legitimate.   One source of legitimate advertising was generating 10% of all incoming mail until recently, when I blocked them completely.
From this list, I conclude that spam filtering requires these elements:
  • RBLS and other tools to block messages that are unwanted by everyone everywhere.
  • A set of filters to block messages that are unwanted by organization policy or by all users in the organization.
  • A set of filters to block messages that are unwanted by specific users.
  • A feedback system for users to report unwanted email (the Training folder)
  • A ticket system for users to complain about missing email.
I get impatient with the large cloud-based anti-spam vendors who sell on the idea, "let us make all your spam filtering decisions for you."   I don't see how they can deliver on that promise.
   
Back to Community Threads

Reply to Thread

Enter the verification text
Related Knowledge Base Articles
Send User Spam Feedback Options in SmarterMailSmarterMail > Antispam and Antivirus
Deploying Rspamd For Use With SmarterMailSmarterMail > Server Configuration and Management
Key Feature and Version Milestones in SmarterMailSmarterMail
Configure SmarterMail as a Backup MX ServerSmarterMail > Installation and Configuration
SmarterMail and Network Address Translation (NAT)SmarterMail > Troubleshooting