1. Carefully negotiate licensing deals. Prices will fall significantly through 2004 as the antispam market consolidates.
2. Look at various options. Consider outsourcing, appliances and open-source software in addition to commercially licensed software.
3. Choose antispam products that support multiple detection methods (such as signature-based methods, heuristics and Bayesian filtering), user management (such as whitelists, blacklists and quarantines) and granular policies.
4. Educate users on how to avoid spam.
5. Establish an e-mail address for users to report spam to IS.
6. Go slow. For the first two weeks, put the spam-filtering system in audit mode without quarantining or deleting any mail. Review audit reports to see how much mail is spam and what type of spam it is.
7. Check false positives. Use the audit results to define policies and determine how many false positives (the number of legitimate messages you block) your organization can tolerate. The more spam you block, the higher your false positive rate will be.
8. Filter spam in steps. Start by flagging suspected spam and letting users decide what to do with it. Then quarantine spam, but give users the opportunity to review their blocked messages.
Source: Maurene Caplan Grey, Gartner research director
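
Steps 6 and 7 worked through as an added example (not part of the Gartner list): it takes mail scored during the audit period and finds the most aggressive blocking threshold that stays within a tolerated false positive rate. The 0-100 score, the reviewer verdicts, the sample data and the function names are assumptions made for illustration, and the false positive rate is taken here as the fraction of legitimate mail that would be blocked.

```python
# Constructed audit-mode sample: (filter score 0-100, reviewer verdict).
# Scores and verdicts are invented for illustration; in practice they would
# come from the audit reports collected while nothing is quarantined.
AUDIT = [
    (97, "spam"), (91, "spam"), (88, "spam"), (84, "ham"), (79, "spam"),
    (73, "spam"), (66, "ham"), (61, "spam"), (55, "ham"), (48, "spam"),
    (40, "ham"), (33, "ham"), (25, "ham"), (18, "ham"), (9, "ham"),
]


def rates(records, threshold):
    """Return (spam_caught, false_positive) as fractions, assuming every
    message scoring >= threshold would have been blocked."""
    spam = [score for score, verdict in records if verdict == "spam"]
    ham = [score for score, verdict in records if verdict == "ham"]
    caught = sum(score >= threshold for score in spam) / len(spam)
    false_pos = sum(score >= threshold for score in ham) / len(ham)
    return caught, false_pos


def pick_threshold(records, max_fp, candidates=range(0, 101, 5)):
    """Lowest candidate threshold (the one that blocks the most spam) whose
    false positive rate does not exceed max_fp. Returns
    (threshold, spam_caught, false_positive), or None if nothing qualifies."""
    # The false positive rate never rises as the threshold rises, so the
    # first candidate that fits the tolerance is the most aggressive one.
    for threshold in sorted(candidates):
        caught, false_pos = rates(records, threshold)
        if false_pos <= max_fp:
            return threshold, caught, false_pos
    return None


if __name__ == "__main__":
    # Compare a zero-tolerance policy with one that accepts 1 in 8
    # legitimate messages being held for review.
    for tolerance in (0.0, 0.125):
        t, caught, fp = pick_threshold(AUDIT, tolerance)
        print(f"tolerated FP {tolerance:.1%}: block at score >= {t}, "
              f"catches {caught:.0%} of spam, FP rate {fp:.1%}")
```

On this sample, relaxing the tolerance from zero to one in eight legitimate messages lowers the threshold and raises the share of spam caught, which is the trade-off step 7 describes.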