Kingfisher Bay Resort has ditched Symantec for a rival managed anti-spam solution claiming the product allowed spam to pass through its filters unchecked.

The resort is located on Queensland's Fraser Island and employs 500 staff, with about 100 users relying on e-mail for communication and customer service across the resort's remote sites.

Staff were receiving between 20 to 40 spam e-mails per day prior to the implementation, with more exposed addresses copping more than 100 a day.

Director of parent company Tourism Leisure Corporation, David Goodman, said while the company is satisfied with the Symantec corporate edition anti-virus deployed on its network, the aging spam solution was reducing productivity.

"You can imagine how much of an inconvenience it is to identify and manage all that spam; we needed to alleviate the burden of spam management so our staff could get on with it," Goodman said.

"We use Symantec's AV which works great on our network, but the older version of Symantec anti-spam wasn't up to scratch."

Goodman said it deployed MessageLabs AV and anti-spam as a managed service after assessing three local vendors including MailGuard, and a successful two-week trial.

"Even through our mail server caught something like 60 percent of spam, we had virus outbreaks [at the resort] through our mail system and [Web-based] mail," Goodman said. Kingfisher Bay Resort deployed the solution last year and is now considering outsourcing more functions.

Symantec was unwilling to comment on the claims about its older products, adding that it did not discuss customers or customer issues.

Only yesterday MessageLabs released findings from its security report for the month of May which tallies the quantity of spam, virus, and phising scams passing through the vendors' honeypots as well as documenting new variants.

While spam rates decreased overall for the month of May, the company claims it found new spam techniques which use image-hosting sites.

MessageLabs chief security analyst, Mark Sunner, said spammners are now hosting images on sites that do not require registration rather than embedding images in the body of an e-mail message.

He said the technique was used by the group responsible for the recent abuse of Imageshack. "More than 10,000 spam messages were attempted in one spam spike that lasted only 11 hours, accounting for more than 75 percent of the total messages received by the domain during the entire period," Sunner said.

He said that this attack can overload e-mail servers and defeat anti-spam systems that rely heavily on signatures created over a long period of time.

"A spike is designed to increase the amount of spam that gets through a network while a distributed denial of service (DDoS) attack disrupts connectivity, however, they can have similar effects," he said