Overzealous Spam Filter Proves Costly for Lawyers

By
Robert McMillan
July 13, 2007, 7:38 PM ET
4 min read

— -- The trouble at Franklin D. Azar & Associates PC began with pornographic spam.

Last May the Aurora, Colorado, law firm was being bombarded with offensive messages, and enough of it was seeping through the company's spam filters that employees complained to management, and IT administrator Kevin Rea was told to do something.

What happened next, as detailed in federal court filings, shows how the fight against spammers can backfire. Spammers have been using increasingly sophisticated techniques to evade filters, so that over the past few years and despite predictions to the contrary, unsolicited e-mail continues to plague businesses worldwide.

On the morning of May 21, Rea dialed up the spam settings on the Barracuda Spam Firewall 200 Azar & Associates was using to block unwanted mail. The changes made it harder for spam to land on the desktops of company employees but they also had one unforeseen consequence: the Barracuda Networks Inc. appliance began blocking e-mail from the United States District Court for the District of Colorado, including a notice advising company lawyers of a May 30 hearing in a civil lawsuit.

Azar & Associates lawyers blew their court date and this week the judge overseeing the matter ordered the company to pay attorney fees and expenses incurred by the lawyers who showed up representing the other side of the case. Rea did not return a call seeking comment on the matter.

What happened to Azar & Associates is unusual, but reflects a legitimate worry for law firms.

"This is an IT guy's nightmare if you work in a law firm," said Matt Kesner, chief technology officer with Fenwick & West LLP, a Bay Area law firm with about 250 attorneys. "It doesn't take a very high percentage of false positives in the antispam world to misidentify a crucial piece of correspondence."

Fenwick & West has missed e-mailed court notices in the past, although it has not blown court dates as a consequence, Kesner said.

Over the past 10 years U.S. state and federal courts have increasingly done business electronically in a move to become more efficient and more environmentally friendly.

This charge has been led by the federal court system, which uses an electronic document system called Case Management/Electronic Case Filing (CM/ECF), in nearly 200 courts across the country. All federal bankruptcy and district courts use CM/ECF and soon it will be standard in the appellate courts, according to Richard Carelli, a spokesman with the Administrative Office of the U.S. Courts.

"You can be notified other ways, but by and large the business of law is carried on electronically, at least in the federal courts," Carelli said.

Putting the federal courts, which use the uscourts.gov domain, on a "whitelist" of approved senders is one way to avoid problems receiving e-mail.

In fact, the Colorado federal court judge in the Azar & Associates case criticized the law firm for not whitelisting his court's domain name. "It would have been a very simple task to whitelist the... [domain] to insure that such e-mails within this domain would always be received."

The judge's order will probably end up costing Azar & Associates several thousand dollars, said Venkat Balasubramani, principal of Balasubramani Law, who has blogged about the issue.

But despite the persistence of spammers, Balasubramani doesn't think that the CM/ECF system is really in any trouble. "I don't think the scourge of spam is going to hurt the viability of CM/ECF," he said. "I see this decision as a little bit of an aberration."

Kesner, who was a lawyer before taking over the CTO job at Fenwick & West , points out that missed appointments happen when parties are notified by postal mail as well.

He avoids whitelists because they must be manually maintained and there is the possibility for human error. But Fenwick & West IT staff uses several mail filtering systems, each considered to have a low frequency of error and they've also programmed their filters to allow more spam than other businesses because of concern over this issue.

His advice for legal IT staff? "You test like crazy," he said. "And then you pray and genuflect."