Spam - managing the menace

Date: 16 February 2007
(ICT World)
Between 60 and 80% of e-mail traffic is spam, and, for companies that do not have mechanisms in place to manage the copious amounts of unsolicited mails entering their systems every day, this can severely hamper their ability to conduct their business.

So says Brett Casey, MD at specialist IT security management company, Securicom.
 
According to him, about 2,5m e-mails processed by Securicom's systems for its customers each day are spam.
 
"Spammers are bombarding company networks at an unprecedented rate and it is more than just an irritation. Because spam works off network and system resources, it negatively affects business. First of all, users are forced to wade through reams of unwanted and irrelevant mail items, which results in a loss of productivity.

"Secondly, when large amounts of spam messages enter a mail server, they dramatically slow down the delivery of important mail within the organisation and also waste bandwidth," says Casey.
 
He adds that spam also poses another more ominous risk to businesses.
 
"Spam is designed to sell you something and will more than likely redirect you to a Web site where you will be encouraged to purchase something or other. The problem here is that a large number of these sites are sources of SpyWare, which will install itself on your machine.

"Without you knowing, SpyWare tracks Internet habits and harvests important information, including passwords, credit card details, Internet-banking logon details and e-mail addresses. So you can just imagine the security implications for a business where users access these sorts of Web sites via links from spam messages," says Casey.
 
He explains that spammers use multiple methods to obtain the mail addresses of their targets, including, for instance, collecting information via Web sites or mounting a directory harvest attack. The latter involves randomly generating e-mail addresses for a specific domain name and then monitoring the Non Delivery Reports (NDRs) that are returned, which enables spammers to identify the naming conventions that are in use and the active e-mail addresses that can be targeted.
 
In order to ward off the wide range of sophisticated methods of attack, companies need to have a best of breed anti-spam filtering system with 24/7/365 automated filter updates. This, coupled with a best of breed content filtering system, will ensure optimal protection against spam and the threats associated with it.
 
However, Casey admits that this kind of protection does not come cheap, and very often does not fit the budget of a small business.
 
"A best of breed anti-spam appliance alone can run into the tens of thousands of rands and then the skills required to properly integrate this with a content filtering system are also expensive for a business to employ and retain in-house," says Casey.
 
He also warns companies against downloading free anti-spam software packages from the Internet, firstly because they tend to produce a high false positive rate, whereby valid mail is detected as spam and removed. Secondly, users who install this software from an untrusted source often discover that the very software they are using to target spam has in fact installed SpyWare on their system, thereby opening them and their organisation up to an even greater risk.
 
Casey suggests that the best route for a small business to take to tackle spam is to outsource the function to a specialist e-mail security company.
 
By enlisting the services of specialists, small businesses have access to best of breed technology as well as a team of highly-skilled engineers. Furthermore, some IT security consultants combine the best anti-spam, anti-virus and content filtering software in an affordable solution to provide small businesses with optimal protection against all the threats associated with having an Internet presence.

For instance, Securicom's affordable IMCF solution offers Anti-Spam, content filtering and three layers of anti-virus. All of this is hosted upstream at the ISP, stopping the spam before it reaches the client's line.
 
"This, together with the implementation of recipient validation, where only mail for valid customer mailboxes is accepted, ensures that between 90 and 95% of all spam is prohibited from entering a company's network, with a false positive rate of less than one in one million e-mail messages," concludes Casey.
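
With recipient validation in place, each address guessed in a directory harvest attack is refused at delivery time, so the attack shows up in mail logs as one client collecting many unknown-recipient rejections in a short period. The sketch below is an added example, not code from the article or from Securicom; the log format, addresses, thresholds and function names are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in a made-up log format (not any real mail server's):
# timestamp, client IP, recipient, SMTP reply code (550 = unknown mailbox).
SAMPLE_LOG = """\
2007-02-16T09:00:01 client=203.0.113.7 rcpt=aadams@example.co.za code=550
2007-02-16T09:00:02 client=203.0.113.7 rcpt=a.adams@example.co.za code=550
2007-02-16T09:00:03 client=203.0.113.7 rcpt=adamsa@example.co.za code=550
2007-02-16T09:00:04 client=203.0.113.7 rcpt=bbrown@example.co.za code=550
2007-02-16T09:00:05 client=203.0.113.7 rcpt=b.brown@example.co.za code=550
2007-02-16T09:00:06 client=203.0.113.7 rcpt=brett@example.co.za code=250
2007-02-16T09:01:10 client=198.51.100.20 rcpt=sales@example.co.za code=250
2007-02-16T09:02:30 client=198.51.100.20 rcpt=slaes@example.co.za code=550
2007-02-16T09:03:00 client=198.51.100.20 rcpt=info@example.co.za code=250
"""

LINE_RE = re.compile(r"^(\S+) client=(\S+) rcpt=(\S+) code=(\d{3})$")

def parse(log):
    """Yield (time, client_ip, recipient, code) for each well-formed line."""
    for line in log.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            ts, ip, rcpt, code = m.groups()
            yield datetime.fromisoformat(ts), ip, rcpt.lower(), int(code)

def find_harvesters(log, window=timedelta(minutes=5), min_unknown=5, min_ratio=0.8):
    """Return {client_ip: distinct unknown recipients} for suspected harvesters."""
    events = defaultdict(list)
    for ts, ip, rcpt, code in parse(log):
        events[ip].append((ts, rcpt, code))
    flagged = {}
    for ip, evs in events.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):
            # Slide the window so it only spans `window` of wall-clock time.
            while evs[end][0] - evs[start][0] > window:
                start += 1
            in_win = evs[start:end + 1]
            unknown = {r for _, r, c in in_win if c == 550}
            ratio = sum(c == 550 for _, _, c in in_win) / len(in_win)
            # Many distinct bad addresses AND mostly rejections: a lone typo is ignored.
            if len(unknown) >= min_unknown and ratio >= min_ratio:
                flagged[ip] = max(flagged.get(ip, 0), len(unknown))
    return flagged
```

Requiring both a count of distinct unknown recipients and a high rejection ratio keeps a legitimate sender with one mistyped address from being flagged.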