Resource drain on administrators to have website/maillists/etc.. be manually reviewed to make sure incoming requests and communications are legitimate. Reviewing user profiles and domain addresses for allowing and blocking.
How far up can spam filtering and website blocking begin in the infrastructure?
· Automated spam filtering service. Proofpoint?
· End User Client
· Office 365 Mail Servers
Possible Issues
· Manual configuration mistakes
· Accidentally get on the blocklist and the long process of getting off that list.
· Legitimate email being blocked
Spam@stanford.edu - was setup to forward spam to security office. However, there are hundreds of emails being sent to that account and there is not a lot of resources to manage it.
Spam is a way of life now. Consumes a lot of time to manage and it is a losing battle.
The main focus is on phishing attacks and preventing them.
