Pity today's poor e-mail administrator. At some enterprises, 75% of e-mails are spam, and many corporate users appear content to save the remaining 25% in perpetuity. Sarbanes-Oxley has made archiving e-mail a necessity, but without company policies to govern the process in place, many administrators are archiving first and asking questions later.
Savvy administrators can find ways to resolve these and other e-mail problems, according to Andy Pedisich, president of Technotics, Inc., a consulting firm specializing in deploying infrastructure and messaging/collaboration systems, with a focus on Notes and Domino. Pedisich offered pointers for e-mail admins using the Domino platform during a recent SearchDomino.com webcast entitled Taking Back Control of Mail Files in Your Domain.
Below are five of the tips offered by Pedisich during the webcast. To hear the webcast in its entirety, click here
1) Treat spam like a virus. Don't rely on content filters alone – spammers change IP addresses by the minute, use fake domains and find dozens of ways to spell certain popular prescription pills. If you rely on content filters, you may miss legitimate messages. For instance, several months' worth of e-mail from a consultant never got to Pedisich because the filter he had set up to reject the term "Cialis" also rejected the word "specialist," which was contained in the consultant's electronic signature.
Pedisich recommends a perimeter-based architecture that stops spam before it reaches the server. One possibility is a blacklist, which administrators can identify in the Server Config document. Blacklisting offers three options: logging all incoming messages, logging and tagging them as spam, or logging, rejecting and sending the messages back to the host. He recommends that administrators experimenting with anti-spam techniques simply log the messages, recalling times that the salespeople he worked with got riled up when they thought they were missing sales leads. "There's nothing worse than having the townspeople coming at you with pitchforks and torches," he said. He also noted that the upcoming Release 7 of Domino will include a whitelist option for certain senders, Pedisich said.
2) Close open relays. When the Internet was in its infancy, if Pedisich's server was down, he would simply find another one to deliver his e-mail. Today, that's what spammers do. Fortunately, admins working with Domino 6 can keep many spam messages out of their system by using the SMTP Inbound Controls tab, which enables them to have messages sent to their own domain and nowhere else. "Beyond that, you want to perform these e-mail enforcement options…for all external hosts except for people who are authenticated," Pedisich said.
3) Limit mail file sizes. Domino 6 allows administrators to set a quota for users' mail files, and Pedisich said that 400 MB should be plenty. Administrators can set the server to send a message when users exceed the quote or reach a certain threshold, e.g., 350 MB. Messages can go out as often as every minute. It's a method that is not without irony, notes Pedisich, saying. "The poor son of a gun is over the limit, and we're sending him this mail message to them that they're over the quota." If users don't comply, their outgoing mail can be held or even bounced back until the mail file is manageable again.
4) Archive mail on another server. Leaving old e-mail on the mail server is about as useful as placing a humidifier and dehumidifier in the same room, Pedisich said. A desktop or local server is OK, but data backup is a concern. He recommends that administrators dump archived mail on a weak server – after all, few folks are going to visit it. "After about six months of archiving user mail, you can look into the user's file and see if they've ever read that mail again," he said. If they haven't, to the trash it goes, he said.
5) Sell your case to the bosses. Go into meetings knowing your server's remaining lifespan and calculate how much time your users lose each day to deleting spam. "Force management to look at the problem," Pedisich said. "Predict when this [server] space is going to run out and then talk about the dollars to get there." Whether this is done in-house or outsourced does not matter, he said, but added, "My choice is, let someone else do it, if [you] can afford to."
Finally, Pedisich recommends that you get corporate lawyers on board to enforce the mail file size limit, noting that users are more likely to adhere to a company policy versus an IT advisory.
If you're attending Admin2005 in Boston from May 18-20, you will also have the opportunity to hear Pedisich address the topic of Taking Control of Mail Files in Your Domain on May 18 at 9:45 a.m. He will also speak at four other sessions: Front-Line Techniques in the Battle against Spam (Wednesday at 2:15 p.m.); Automating Mail File Maintenance Procedures (Thursday at 8:30 a.m.); Exploiting Domino Directory Services (Thursday, 1:15 p.m.); and Leveraging Domino Monitoring to Optimize Performance (Friday, 10:15 a.m.). He will also oversee two Hands-on Labs on Policy Implementation (Thursday at 10:15 p.m. and Friday at 8:30 a.m.)