SI 8 SPAM PROTECTION - NIST-SP-800-53-R5/NIST-SP-800-53-R5.github.io GitHub Wiki

Control:

• a. Employ spam protection mechanisms at system entry and exit points to detect and act on unsolicited messages; and
• b. Update spam protection mechanisms when new releases are available in accordance with organizational configuration management policy and procedures.

Discussion: System entry and exit points include firewalls, remote-access servers, electronic mail servers, web servers, proxy servers, workstations, notebook computers, and mobile devices. Spam can be transported by different means, including email, email attachments, and web accesses. Spam protection mechanisms include signature definitions.

Related Controls: PL-9 , SC-5 , SC-7 , SC-38 , SI-3 , SI-4.

Control Enhancements:

• (1) SPAM PROTECTION / CENTRAL MANAGEMENT
  [Withdrawn: Incorporated into PL-9 .]

• (2) SPAM PROTECTION / AUTOMATIC UPDATES
  Automatically update spam protection mechanisms [ Assignment: organization-defined frequency ].

  Discussion: Using automated mechanisms to update spam protection mechanisms helps to ensure that updates occur on a regular basis and provide the latest content and protection capabilities.

  Related Controls: None.

• (3) SPAM PROTECTION /CONTINUOUS LEARNING CAPABILITY
  Implement spam protection mechanisms with a learning capability to more effectively identify legitimate communications traffic.

  Discussion: Learning mechanisms include Bayesian filters that respond to user inputs that identify specific traffic as spam or legitimate by updating algorithm parameters and thereby more accurately separating types of traffic.

  Related Controls: None.

References: [SP 800-45], [SP 800-177].