| What is a Spam Firewall? | | | | Are Spam Firewalls Expensive? |
| A spam firewall is a hardware device that sits | | | | Spam firewall appliances range in price from around |
| between your internet firewall and LAN. It is called a | | | | $2000 up to $20,000 or more, depending on the |
| "firewall" because it provides data filtering of email | | | | number of users it needs to protect and features. |
| packets, and blocks the packets that meet the | | | | Many spam firewalls have optional features like |
| criteria of "spam". Spam firewalls can also provide | | | | antivirus or anti spyware. Spam firewalls need to be |
| anti-virus protection, anti-spyware, anti-spoofing and | | | | kept up to date with the latest data on known spam |
| anti-phishing services, depending on the model you | | | | sites, new algorithms, updated filters, etc... This is |
| choose. A spam firewall is not designed to protect | | | | normally handled by the firewall manufacturer as an |
| your network against intruders such as hackers - you | | | | auto-update feature. As with most network |
| will need a regular internet firewall for that. | | | | appliances, an annual maintenance plan is usually |
| How Does a Spam Firewall Appliance Work? | | | | purchased for the purpose of keeping the firewall up |
| Spam firewalls use a variety of methods for | | | | to date and performing it's best. |
| determining what is considered spam and filtering it | | | | What About False Positives? |
| out. Normally a form of blacklisting is used, which | | | | Spam firewall appliances use many sophisticated |
| automatically filters out email from known spammy | | | | techniques to identify and block spam, generally with |
| addresses. A whitelist may also be used, which allows | | | | very good success. Because spammers are |
| the administrator to identify addresses or domains | | | | constantly change their techniques in order to get |
| that should never be blocked. Keyword scanning may | | | | their junk mail past the latest and greatest spam |
| also be used, allowing the administrator or individual | | | | filtering technologies, spam firewalls must continually |
| user to block emails containing certain keywords or | | | | monitor patterns and make filtering corrections. Spam |
| keyword combinations. A form of message | | | | firewall manufacturers are also constantly make |
| authenticity checking is also normally used to identify | | | | corrective configuration changes to keep up with the |
| valid "from" addresses, check details of the entire | | | | battle against spammers. For this reason, even the |
| SMTP process, or validate legitimate IP addresses. | | | | best spam firewall is going to filter out "good" mail |
| Many spam firewall appliances also use bayesian | | | | from time to time. This is called a "false positive", and |
| algorithm filtering, which help the firewall block more | | | | administrators (and users) must always be on the |
| spam over time as it "learns" what is considered | | | | lookout for this. Most spam firewalls have sensitivity |
| spam based on message history, user input and | | | | thresholds that can be adjusted by an administrator |
| other analysis. Incoming message flow filters also look | | | | to help overcome false positives. |
| at the number of incoming messages and where | | | | A spam firewall appliance is not your typical "set it |
| they are from, allowing them to quickly spot and | | | | and forget it" firewall, but the advantage of having |
| stop a sudden barrage of spam emails that have | | | | such an appliance on your network far outweighs the |
| been mass-distributed from the same source. Spam | | | | need for some administrative work. If your |
| firewalls are very "smart" and good at eliminating the | | | | organization experiences a lot of spam mail - get a |
| majority of spam email that comes into a network. | | | | spam firewall and experience the difference! |
| They are not 100% effective, but many come close. | | | | |