We recently moved from a homegrown Linux box running SpamAssassin and a few other components to control the influx of spam onto our network to a commercial solution offered by Barracuda Networks. This was done for several reasons - lack of time to properly maintain the other system, problems trapping image spam and writing the rules necessary to stop the spam. Since implementing the new solution, we haven't been as successful as we were hoping for. This doesn't seem to be the plug and play solution that it was represented to us as being. How can we get things running better?
--Via the Internet

None of the commercial anti-spam solutions is as plug and play as you would be led to believe. Barracuda is a good option and with a little bit of work, you can make it really good. Start by looking at the support forum section of the Barracuda website. There you will find other users who have same goal as you do - to get the best results for the investment that they have made.

You will need to do some tweaking over time as different types of spam emerge and to take advantage of improvements that can be expected to be included as updates are released for the version of the unit that you have.

Make sure that you are set up to download spam and virus signatures on an hourly basis. It wouldn't be a bad idea if you notice that the version numbers of either are updating more than several times a day to manually do an update to take advantage of the new signatures to help keep the barbarians at the gate. If you haven't done so, at your edge router connecting your network to the Internet, I would suggest getting the latest IPV4 Address space list to find out what IP ranges are showing as reserved by IANA and shouldn't be seen as being in use and blocking those from being able to send e-mail to your company.