Yellowknife takes a slice out of spam

For the City of Yellowknife, spam had become the virtual equivalent of black flies — painfully irritating and increasingly unavoidable.

Spammers were harvesting e-mail addresses off the city’s Web site

and jamming users’ — including the mayor and councillors — inboxes with up to 100 largely unsavoury spam messages a day, says network administrator Andre Thibodeau.

“It was a constant problem,” says Thibodeau. “There were constant e-mails and phone calls from staff — they wanted the spamming stopped. So we started putting blocks in our e-mail servers to stop accepting mail from from yahoo.ca and hotmail.com. Of course there’s a lot of legitimate e-mail from those domains as well, so that didn’t work because you have the public trying to contact the mayor and the councillors and they couldn’t get through, so we had to take all that out.”

It was a problem for more than the users, though. Thibodeau estimates he used to spend 10 hours a week dealing with spam-related problems.

Spam was also a big problem for the secretary at the city’s firehall: the city uses e-mail to communicate confirmation of the city’s emergency services and its dispatch to staff responsible for sending out billing notices.

“It was getting really difficult for the secretary at the firehall to filter visually on the screen between spam and messages from 911,” says Thibodeau. “It didn’t affect the 911 calls operationally, just (the staff person’s) performance and work.”

The city needed the IT version of RAID — something that would stop unsolicited e-mail dead in its tracks. Thibodeau researched the anti-spam software available and settled on a solution from Ottawa-based Roaring Penguin Software Inc. called CanIT, which, according to the company, boasts a kill rate of 99 per cent. Thibodeau says that stat is accurate, based on his experiences.

“It has probably cut out about 98 per cent of the spam,” he says. “Maybe once every two weeks a user will call to say they got a spam message.”

His 10 hours a week dedicated to spam have also been reduced to about five minutes a day. “You log into a Web-based interface, and it sorts it by spam score. We said anything over five is flagged as spam, and anything over eight is automatically deleted,” he says.

David Skoll, president of Roaring Penguin, says CanIT works by sitting on the e-mail server rather than on the user’s desktop.

“By rejecting spam at the server you stop it before it gets on people’s machines, and that’s especially important if you’re dialling in long distance to pick up your mail,” says Skoll. “You don’t want your filtering to take place after an expensive long-distance call.”

It also makes the spam stay on the sender’s server, increasing the cost to the sender, not the recipient. “It’s a small thing but it’s fun,” he says. “It makes people feel good.”

CanIT allows users to create their own blacklists, whitelists and rules and to customize it even to the extent they can make it look like their own Web sites. The scoring system lets users decide whether or not to reject mail as spam.

“It has a GUI that lets you sort through mail very efficiently,” says Skoll. “One person can sort through mail for 100 people in about 10 minutes because interface makes it super-efficient to look through the messages.” At the same time, he adds, “If you want to reduce the workload you can get it to reject messages automatically by setting thresholds, but that’s up to you, we don’t force you to follow our rules.”

Some anti-spam software vendors have taken a different approach — trying to identifying trusted senders rather than trying to eliminate unknown senders. But that puts the onus on e-mail senders, even legitimate ones, to prove they exist, says Skoll.

“For business reasons, a lot of those systems have some sort of challenge response mechanism where the sender has to prove they’re real and that might work on small scale, but it’s totally unacceptable for business. If you have an e-mail address on your Web site people will just get annoyed if they have to prove their existence. It also increases by a factor of three the number of mail messages every time someone wants to contact you, so you’re just making things worse. It’s just as spammy as real spam.”

Thibodeau settled on Roaring Penguin because it’s a Canadian company, first and foremost, but also because the product was easy to install and customize. The city paid just over $6,000 for the product, including 15 hours of support and any upgrades.

Roaring Penguin also provides all customers with source code, which allows them to tailor the product to their needs. Having the source code also protects the city’s investment, says Thibodeau.

“If Roaring Penguin ever went under we could continue to develop the software,” he explains. That’s even more important because while Roaring Penguin has been around for four years, the product is only about a year old, he adds.

Comment: [email protected]

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Story

How the CTO can Maintain Cloud Momentum Across the Enterprise

Embracing cloud is easy for some individuals. But embedding widespread cloud adoption at the enterprise level is...

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.

Featured Tech Jobs