Write it down! Send a policy on e-mail use to every employee. Define what’s appropriate to send from work. Ban the forwarding of chain e-mail.
Don’t be obvious. Avoid assigning all employees obvious e-mail addresses such as firstname.lastname@example.org. A random number in an address can trip up spammers.
Use a filter. Use a whitelist or verification filter like DigiPortal Software’s ChoiceMail, a tool for Microsoft Windows, or TMDA (tagged messenger delivery agent), an open-source tool. A whitelist filter makes sure that mail only from approved recipients makes it to the inbox. Other messages generate a challenge that is returned to sender.
Know the rules. Try rules-based spam filtering with a tool like SpamAssassin, which evaluates scores of e-mail patterns against an incoming message. If an incoming message exceeds a minimum score, it’s bounced as spam.
Be demanding. Make it policy that when an employee uses newsgroups, signs up for newsletters or makes online purchases that they use a personal e-mail address.
Keep your staff informed. Tell employees to never respond to spam?even if the e-mail asks if they want to be removed from their list. A response just confirms the accuracy of an e-mail address. Teach them to delete e-mails and attachments instead of opening or forwarding them. Tell them to never send personal information in an e-mail.
Sources: IBM, Gnosis Software, Symantec, Sophos