Security Basics mailing list archives
RE: Outsourcing spam filtering and secuirty
From: jburzenski () americanhm com
Date: Fri, 19 Sep 2003 13:37:31 -0400
Tony, I will attempt ot respond to your inquiry about outsourcing spam filtering. Outsourcing certain functions of 'security' is generally a trusted practice as long as you are working with a reputable firm. In regards to outsourcing of spam filtering, it depends on the business. By performing gateway level filtering of this nature, you are effectively routing all inbound mail (from the Internet) through a third party service. So all inbound communication can be monitored. It may be prudent for a vendor to provide you with documentation describing the security measures they have in place to prevent unintended capture of you mail traffic. You may also be concerned about the false positive review process (if mentioned in the SLA). There may be sensative emails that are accidentally sent to the spam quarantine and are reviewed by vendor ops personnel. Personally, I don't like the idea of outsourcing this task and you should weight the reasons for doing so against the reasons for keeping this in-house. If you are interested in saving some money on this project while bringing the service in-house, you should consider MailScanner (http://www.mailscanner.info). This is an open-source product that is easy to setup and configure and also has commericial support options in case you need help. It works very well. Jason -----Original Message----- From: Tony Brisco [mailto:tony_brisco () yahoo com] Sent: Thursday, September 18, 2003 11:22 PM To: security-basics () securityfocus com Subject: Outsourcing spam filtering and secuirty Hi, Is trusting third party with the corporation's MX records for spam filtering purposes is widely used ? Accepted ? And how secure ? I appreciate in advance your comments and suggestions. Tony Brisco __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com --------------------------------------------------------------------------- Captus Networks Are you prepared for the next Sobig & Blaster? - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Precisely Define and Implement Network Security - Automatically Control P2P, IM and Spam Traffic FIND OUT NOW - FREE Vulnerability Assessment Toolkit http://www.captusnetworks.com/ads/42.htm ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Captus Networks Are you prepared for the next Sobig & Blaster? - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Precisely Define and Implement Network Security - Automatically Control P2P, IM and Spam Traffic FIND OUT NOW - FREE Vulnerability Assessment Toolkit http://www.captusnetworks.com/ads/42.htm ----------------------------------------------------------------------------
Current thread:
- Outsourcing spam filtering and secuirty Tony Brisco (Sep 19)
- Re: Outsourcing spam filtering and secuirty Roger A. Grimes (Sep 19)
- Re: Outsourcing spam filtering and secuirty Matt Taber (Sep 19)
- Re: Outsourcing spam filtering and secuirty Chris Ditri (Sep 19)
- Re: Outsourcing spam filtering and secuirty chort (Sep 22)
- <Possible follow-ups>
- RE: Outsourcing spam filtering and secuirty jburzenski (Sep 19)
- Re: Outsourcing spam filtering and secuirty Craig_Brauckmiller/LEK (Sep 19)
- RE: Outsourcing spam filtering and secuirty Timothy Onsomu (Sep 19)
- New Secure Enterprise Magazine from Network Computing Steve (Sep 23)
- Re: Outsourcing spam filtering and secuirty Dana Rawson (Sep 19)