Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Tangent's Spam Filtering Service

From: Louise O'Sullivan <louiseo () TANGENT COM>
Date: Thu, 28 Jul 2005 11:32:14 -0700
Listserv members,
I would like to correct some information which was posted this week
regarding Tangent's Spam Filtering Service. I am the vendor and thank you
for the opportunity to set the record straight.
Louise O'Sullivan
Sales Manager - Tangent
T 800 342 9388 X2137

">Reasons to consider actually having the box on your site:


1.  Control.  The Barracuda only allows for a single administrator.  For
it to function at 100%, you would want your own box for your
organization so that you could control all of the settings.  The spam
that St. Augustine's gets could be much different than the spam that
Keystone gets.  If you are both operating off of a hosted box, the
settings can only be tweaked to the best common setting."


Tangent Response
Each of our customers has the ability to change many
of the settings to tweak their service as needed
to better suite their own needs. These include

         Tag Levels
         Quarantine levels
         Block Levels
         Spoof Protection
         User White and Black lists
         Domain white and black lists (coming soon)
         Users Quarantine Service (on/off)

The only items that our customers do
not have control of are the content filters which
is a major part of our hosted service. We build and
maintain a list of thousands of content filters that
are unique to our service and are NOT available if
you buy a box.

">2.  Security.  Do you really want an outsourced provider to have a copy

of all of your inbound messages?"


Tangent Response
Our mail logs only hold approx 40,000 messages at any one time.
As each of our servers filters over 1/2 million messages each day
we can only see messages that were sent in the last 2 to 4 hours.

Please also note that e-mail is NOT a secure means
of communication. ANYONE with knowledge of the internet
can gain access to anyones email by simply sniffing the
network that their mail passes by. All email (unless it
is encrypted is sent as open text that anyone can read)

And finally .. We really don't have the time or manpower
to review the millions of messages we see each day and
really don't see any point in trying.

">3.  Cost.  These people are charging $1000/year at a minimum.  You can

buy a solution for a very little bit more."


Tangent Response
Our three year cost is approximately the same as buying a box but saves you
time in maintaining an in house solution and we also provide these
additional services, namely -

         Administration page
         Report Server (user and domain)
         Content Filtering


">4.  Reliability.  Ms4.tcnoc.com and ms5.tcnoc.com both resolve to the

same IP address (63.209.10.244).  This means there is no geographic
diversity in this solution."


Tangent Response
Incorrect. We have two data centers. Each of our
customers are asked to add two MX entries to
their DNS server. In the above case it is MS4 and MS5.

If MS4.tcnoc.com were to fail our DNS server would
update the records and ACTIVATE MS5.tcnoc.com. We
do not have this domain name active because it
would only increase the amount of spam our customers
would receive and as noted there is no reason to
activate it unless the primary server goes down.

">5.  Reliability.  Will users in NC really understand their mail being

broken if there is a power outage in California?"


Tangent Response
Our primary service is hosted at one of the largest
data centers in the world (Level3) which has in
place every precaution against power failure including
their own emergency gas powered generators that can
run for weeks if needed.

">6.  Knowledge.  These people don't appear to know what they are doing.

They left mercury.keystone.edu (with IP address 65.209.95.165) as an MX
record.  Any spammer can find this and attack it without effort.  (See
below.)

220 mercury.keystone.edu Microsoft ESMTP MAIL Service, Version:

5.0.2195.6713 ready at  Tue, 26 Jul 2005 09:24:36 -0400"



Tangent Response
We recommend to all of our customer that they need to activate our service
as follows.

         Add our MX records to their DNS server

         When mail starts being filtered they should
         remove the MX record(s) that point to their
         local mail server.

         Final recommendation is to allow only mail
         from our service to be delivered to their
         mail server.

We can not however force our customers to make these
changes and many do not for their own personal
reasons.
Previous By Date Next
Previous By Thread Next

Current thread: