Friday, June 1, 2012

Why a server-based anti-spam solution might be a good idea


By Emmanuel Carabott

You open your favorite mail client, such as Microsoft Outlook, only to find your mailbox filled with spam. It's a frustrating scenario and one we encounter often. But how do we fix it?

To effectively tackle spam, we must first understand how the email infrastructure works. Outlook email, like so many other services out there, is a client/server system. Mail clients that we use to read our email, such as Microsoft Outlook, obviously belong to the client side of things, while the server side is populated by various solutions -- one of the most popular being Microsoft Exchange Server.

Spam can be blocked from either the client side or the server side of the infrastructure. But how do we determine which approach is best for our organization? Should we apply a desktop solution that stops spam at the client level? Or should we block spam at the server level before our mail server distributes the emails to their respective recipients?

I normally like to weigh up the pros and cons of each approach, offering you a final recommendation. However, in this particular scenario, I feel that the answer is to simply block spam at the server level, unless -- and only unless -- you do not have an email server infrastructure hosted by your organization.

How did I come to this immediate conclusion? There are just so many advantages of hosting your anti-spam solution server side, and really no notable disadvantages, that there is just no sense in hosting it on your client system, unless that really is your only option. Let me explain why.


Desktop anti-spam solutions are primarily intended for the home user market, or else for very small businesses that have up to ten email users. As a result, they tend to have a basic feature set in order to keep costs down, as well as to remove any complexity to make for easy software installation and management. On the other hand, server based anti-spam solutions generally include more advanced features such as greylisting, SPF and trainable Bayesian analysis.


Desktop based anti-spam solutions result in each client having its own configuration. This also provides users with the power to change configurations if they wish. This can make the process of debugging issues a nightmare for support staff as they must conduct a physical inspection to determine that particular client configuration.

Contrast this scenario with a server based anti-spam solution that has a centralized configuration. Such solutions allow for granular configuration settings to cater to the specific needs of individual clients. However, unlike desktop based solutions, the administrator remains firmly in control.


We have already discussed how users can manipulate the configurations of client-based anti-spam solutions, with the resulting chaos that comes from having different rules for every user with no central control. Beyond this, however, these desktop-based anti-spam solutions are tied to specific client software. If a user, for some reason, decides to stop using Outlook as their mail client and switches to a new solution, that user might mistakenly think he's still protected against spam and malware, when in fact he's not.