>People decide to use IMGate because they've heard, in this list and elsewhere, that
>IMGate gives good results. So they try it (even after buying and using Declude), and
>they find that Imgate works for them, too.
They think they're getting good results because they're not seeing the FP's.
In a situation where single point failure tests are being administered at the
corporate level (not at the ISP) then IMGate and similar solutions may appear to work
well because the admin (presumably) is looking after the concerns of his *customers*
i.e. internal users. They have been empowered to do so by their employers to act in
good faith and with the companies and it's employees interest at heart. Fine, until
that all important email is blocked because it's been misclassified. This is a problem
with single point failure test and weight systems alike so why just rely on one test
rather than a multiple test that provide better confidence?
Go one further step back to the ISP level any test system that rejects is simply crazy
because you can never be sure you're not rejecting FP's. You're in a position to
determine what should happen to a customers email. You have the power to excercise
that control and it's all very clever stuff but do you have the right to do so?
By not informing recipients of FP's (you can't because you're not detecting them)
you're lulling yourself and them into a feeling a false security by being convinced it
works. If you don't care about FP's then fine it will work but in my book rejecting
just one FP rejection is a no-no - it should never be allowed to happen.
If you decide to reject then it is common sense that multi-point testing is the better
option because you can incorporate the single point test as part of an overall testing
strategy and have better faith (it isn't religion it's a state of mindful security) in
the decision to reject email. 25 tests are better than 1.
Your argument is that you're happy to reduce the amount of spam by rejection with an
added benefit of reducing traffic and processing power at the cost of customers not
being aware of the level of FP's that are occuring. If you're customers don't care
either then you're onto a winner - in the short term.
My argument is that I'll allow all email to pass to ensure all email (aside from virus
laden) gets delivered to the customer. However, I do my very best to provide the
customer with as much information as I can so they can make their own decisions and
just as importantly they're better educated. The downside is that traffic volume
remains high and requires additional processing (it's not very high anyway even
running with 25 tests per email) IMHO that is a price well worth paying.
David Lewis-Waller
________________________________________________________________
Sent via the WebMail system at wiss.co.uk
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
