MessageLabs and SMEs
Actually, make that SEs - family businesses with less than 10 employees.
I am not having a pop at MessageLabs' credentials, but their offering is so out of kilter with what real-world small businesses can afford that an alternative (admittedly possibly less robust) workable solution is needed.
So, for any SE being bombarded by spam, this is my solution, but I welcome other suggestions and do not claim mine to be the best.
Keep in mind that it is NOT an option to simply change the email address being spammed. Too much has already been spent on marketing it (stationery/website/brochures/ads/signage etc).
Also bear in mind I am talking about computer-illiterate/phobic owner-managers (they do exist, believe me) and I want a quick, cheap and effective solution.
So here is how I go about it:
First, create a new account on the SE's domain, with a near-unguessable account name, e.g.
Second, sign-up to SpamCop and use the new [email protected] account as the forwarding address for 'clean' mail. Total cost, pennies over the year.
Third, redirect all incoming mail addressed to the spammed email account the SpamCop account.
Fourth, crank up all of the SpamCop filters for all options.
Fifth, enable auto notification of Held Mail reports.
Those are the basics, but there are tweaks to be made over the following weeks (mostly whitelist entries).
What I find most appealing about this solution is that I can sort it all out for a client from hundreds or thousands of miles away, and do not have to change anything on their system, other than walk them through adding [email protected] as a new account.
As stated, all constructive suggestions for easier/better ways to remotely solve a customer's problem invited.
The additional point I will make is that I noticed the inline and remote image techniques at the same time as the MessageLabs report identifies. To begin with they all got through. They have (for my clients anyway) since fallen back to zero, while the boys from Lagos are now back on top. We would like to think that reporting every single one as spam via the SpamCop service has, in some part, brought that about.
Disclosure: I like SpamCop; I am not a stooge or employee, and benefit not a jot if anyone else tries this method.