Virginia county fries spam with heuristic software

Arlington County, Va., officials didn't think they had much of a spam problem, or at least nothing out of the ordinary.

Sure, they got their share of e-mail from members of a distinguished but exiled Nigerian family. They saw plenty of messages offering low-cost ink-jet printer supplies and painless ways to consolidate credit card debt. But nobody was walking the halls complaining about spam, said David Jordan, the county's chief information security officer.

Last November, Jordan and his team decided it was time to assess the spam situation. They set up a tutorial about spam on the county's intranet instructing 3,500 employees to forward bothersome messages to spam@co.arlington.va.us. An audio file of the Monty Python song, 'Lovely spam, wonderful spam!' greeted visitors to the site.

Hundreds of spam e-mail messages began pouring in from employees. The office used the e-mail to create a blacklist of 4,000 keywords for the county's Novell GroupWise
e-mail filter.

It turned out that the county did have a significant spam problem: about 5,000 messages a day, Jordan said. But because the spam was spread out among 3,500 employees, it hadn't been too noticeable.

The county installed Symantec AntiVirus for SMTP Gateways 3.1 from Symantec Corp. of Cupertino, Calif., between the county's firewall and e-mail server. Written in C++, AntiVirus for Simple Mail Transfer Protocol software runs under Microsoft Windows and Sun Solaris.

Meat of the problem

It uses heuristic detection to stop viruses, worms and spam, said Chris Miller, a Symantec product manager. That means learning to judge the probability of bad versus good messages, or as Miller said, 'spam or ham.'

An organization can't solve its spam problem with an algorithm or engine, Miller said.

'You can only keep it under control,' he said. People are looking at fighting spam more as 'e-mail hygiene. The threats are blending. Spam now is used as a delivery mechanism for Trojan horses, malicious code and viruses.'

The combination of the Symantec software and the keyword filter is catching 130,000 to 140,000 spam messages each month'around one-quarter of the e-mail traffic. 'That's a lot of spam for the second-smallest county in the United States,' Jordan said.

He has another weapon in his arsenal against spammers. In April, Virginia Gov. Mark R. Warner signed a bill that makes it a felony to send high-volume unsolicited bulk e-mail. Jordan now notifies spammers of the state's antispam legislation and the possibility of a seven-year prison sentence.

The Internet is an important part of how people communicate now, and 'we want to filter out all these negative aspects,' he said. 'We don't want people to stop using it.'

County employees are pleased, he added. 'We get letters of appreciation from employees who say, 'Oh, I'm so glad I'm not getting that junk anymore.' '

About the Author

Trudy Walsh is a senior writer for GCN.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above