X

Thank you for sharing!

Your article was successfully shared with the contacts you provided.
Scott Petry, 39, is vice president of products and engineering for Postini Inc., a Redwood City, Calif., leader in anti-spam and anti-virus software and systems. Petry, who founded the company in 1999, numbers some of the top law firms nationally as clients. Here he discusses the issue of spam and what’s known as “directory harvest attacks.” Besides being a nuisance, why is e-mail spam an issue with law firms and other companies? For law firms, the biggest issue with spam is its effect on partner productivity. A partner may receive [numerous] e-mails per day, and it can be a waste of time going through them to find out what is spam and what is not. High e-mail volumes can also bring down a mail server. Also, today spammers can hammer at a firm’s mail server [in a directory harvest attack] and eventually compile a list of the e-mail addresses, so there’s theft of directory information, as well. What is considered “spam”? That’s highly subjective, but it’s generally unsolicited commercially oriented e-mail that’s asking the customer to do something explicit . . . .It varies case by case. Spam to law firms might be selling a legal CD. Spam used to be like a “dumb bomb.” Now that spammers can harvest directories and get specific e-mail addresses, it’s like precision munitions. How big is the problem? On a typical day, Postini processes over 100 million e-mail messages for customers, and quarantines about 73% of them. That’s 73 million messages. If you think that almost three-quarters of the messages being processed on a company’s server can be a waste, how do you do capacity planning? Was it always this big of a problem? When we started in 1999, about 5% to 7% of the traffic we processed was spam. Between 2001 and 2002, it went to 20% to 50% of the traffic. So last year showed a huge growth of spam. How does your technology deal with spam? The traditional approach was to accept the [e-mail] messages and write them to disk, but in our case the data flows through spam-filtering servers and we analyze it in real time . . . .Our technology allows us to process e-mail on the fly-there’s no interruption of the e-mail flow. Are the messages filtered before they get to the client firm? Yes, filters are set up so that spam is quarantined before it reaches the client’s corporate “firewall,” but depending on the client arrangement, some individuals can still view what has been sent to them. Some individuals like to see all their e-mail and make a determination about it themselves. Do you block e-mail based on key words? No, there’s no way key words would work. Spammers are very creative and will spell “sex” as “s.ex, s-ex, seks” or so on, and the spammers are always changing it. It’s more like we look at the URL and other content and characteristics of each e-mail and we formulate a probability score. We can say, for example, that an e-mail has a 93% chance of being spam or pornography. When you quarantine what looks like spam, do you risk losing a legitimate e-mail? We don’t actually delete the e-mail. If it looks like spam, we quarantine it in a certain Web location, and then notify the customer that certain messages have been intercepted. They can then go to the quarantine center and view the e-mail. How many customers do you work with? We have over 1,600 customers, including more than 160 law firms throughout the U.S. Are there any tips you can provide on avoiding spam? The most important thing is to never, never reply to unsolicited e-mail, even if your reply is a request to get off the e-mail list. If you reply, you’ve then confirmed your e-mail address. At one time firms had policies such as not posting e-mail addresses on their Web sites, or they asked individuals to be careful about releasing their e-mail addresses. However, since spammers can harvest e-mail addresses off of company servers, that isn’t as useful now. How did you get started in this area? Back in March 1999 when we were getting started, Web-based interface was the big area-communicating or selling goods online. But we felt that e-mail was the defining application of the Web and went in the direction of adding innovations to e-mail. We focused on spam and virus blocking, and it’s been “off to the races.” Are there many other firms working to combat spam now? Yes, it’s a hot area. Bernadine Cassell is a freelance writer based in Lexington, Mass.

This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.

To view this content, please continue to their sites.

Not a Lexis Advance® Subscriber?
Subscribe Now

Not a Bloomberg Law Subscriber?
Subscribe Now

Why am I seeing this?

LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.

For questions call 1-877-256-2472 or contact us at [email protected]

 
 

ALM Legal Publication Newsletters

Sign Up Today and Never Miss Another Story.

As part of your digital membership, you can sign up for an unlimited number of a wide range of complimentary newsletters. Visit your My Account page to make your selections. Get the timely legal news and critical analysis you cannot afford to miss. Tailored just for you. In your inbox. Every day.

Copyright © 2021 ALM Media Properties, LLC. All Rights Reserved.