subscribe: Daily Newsletter

 

False positives can prove expensive

0 comments

The trouble at a major US law firm began with pornographic spam. The company was being bombarded with offensive messages, and enough of it was seeping through its spam filters that employees complained to management, and the IT administrator was instructed to take action to resolve the situation.

What happened next, as detailed in federal court filings, shows how the fight against spammers can backfire. Spammers have been using increasingly sophisticated techniques to evade filters, so that over the past few years and despite predictions to the contrary, unsolicited e-mail continues to plague businesses worldwide.
The IT administrator reconfigured the spam filter it was using to make it harder for spam to land on the desktops of company employees; but it had one unforeseen consequence. The filter appliance began blocking e-mail from the United States District Court for the District of Colorado, including a notice advising company lawyers of a in a civil lawsuit.
Unfortunately, the law firm missed their court date and the judge overseeing the matter ordered the company to pay attorney fees and expenses incurred by the lawyers who showed up representing the other side of the case.
“What happened to this company is unusual, but reflects a legitimate worry for law firms in particular," comments Garth Wittles, MD for Mimecast SA. “If you work in the legal profession, it doesn't take a very high percentage of false positives in the antispam world to misidentify a crucial piece of correspondence.”
Another major law firm also admitted it had missed e-mailed court notices in the past, although it had not blown court dates as a consequence. It now uses several mail filtering systems, each considered to have a low frequency of error and as a direct consequence of the above allows more spam than other businesses because of concern over this issue. The CTO of this company was quoted as saying “You test like crazy and then you pray and genuflect.”
“Closer to home is another example of a situation that had massive financial implications. The local office of an international engineering company apparently missed a tender deadline when their submission to a local utilities company was incorrectly quarantined (a false positive) and was deemed not to have ‘arrived’ on time,” adds Wittles.
“Fortunately, the engineering firm was using our software and could prove that the delivery of the e-mail and tender submission into the utility’s extended e-mail environment was on time. The submission was then included in the tender appraisal process and resulted in a R5-billion windfall. False positives often go unnoticed and are the cause of ‘lost’ or ‘delayed’ e-mails, the results of which could have potentially disastrous consequences.”
“Fortunately there is an application that can appropriately address this very important issue,” concludes Wittles. “Mimecast utilises its own proprietary next generation of anti-spam technology that is not dependent on content examination and thus provides a powerful and effective zero administration and zero false positives anti-spam system. It has proven in the field by many companies and not just legal firms, seeking to address this major issue.”