Choosing Anti-Spam Software

Posted on
Share on Google+Share on LinkedInShare on FacebookShare on RedditTweet about this on TwitterEmail this to someone

If there’s one phenomenon that all users on the Internet share, it’s the common feeling of pain and discomfort when the topic of spam comes up. According to anti-spam vendor Postini, in the past 30 days of monitoring, it’s observed that 10 of every 13 e-mail messages qualify as one form of spam or another. In percentage terms, that means nearly three-quarters, or 72.3 percent, of all e-mail messages that travel the Internet are unwanted garbage. My own experience over the past 14 months (since I started using a spam-filtering service and have access to stats from that election) is that 17 out of every 20 messages are spam, so it’s obvious (at least to me) that the problem is worse for some of us than it is for others.

It’s clear that some assistance is required to help separate the good e-mail from the bad. That’s where anti-spam technology can come to the rescue and cut down spam enormously. This creates a two-dimensional matrix of potential help. One dimension deals with where your e-mail gets screened for spam, and the other with how such screening occurs (wherever it may be applied). I’ll cover each of these dimensions in a separate section, but first will observe that multiple levels of e-mail screening can greatly reduce the amount of spam that you must screen for yourself. This approach may cost more, but when saving time helps generate more money to offset increased costs, the trade-off is invariably worth it.

Where to Catch Spam
Those seeking to catch the most spam at once can do it where e-mail (and hence, spam) congregates—at the servers that send, forward and receive messages. As an end user, there’s not much an individual can do to foster the use of or affect the choice of a server-based spam-screening tool or service, because servers are not in his or her control. That said, it’s important to observe that spam screening is nearly a requirement for server operators nowadays, simply because without filtering (and discarding) such unwanted e-mail as they can recognize, the costs for storing such data, only to have it discarded later by users, are pretty discouraging. As a smart consumer, you ask your Internet Service Provider (ISP), or whatever business entity handles your e-mail for you, what they’re doing to deal with spam, and vote with your business (and checkbook) by moving your account elsewhere if you don’t like the answers you receive to that question. Let’s call this category “server-based spam handling.” The costs for this type of spam handling aren’t usually broken out, so consider them part of what you’re paying an ISP or other service provider to do on your behalf. On the other hand, if you do operate an e-mail server, it definitely behooves you to look into server-based software (or similar services) that can automatically clean and screen the flood of spam continually aimed at your message stores. This includes products like the SurfControl E-mail filter, which runs either on a dedicated e-mail screening server or can be installed on an e-mail server directly and run in addition to whatever messaging or SMTP server software may be in use.

The next approach you can take is to invite a specialist of some kind into your inbox to help you deal with the spam that arrives there. Let’s call this category a “spam-filtering service” because it usually involves opening your inbox to their inspection and cleanup, or forwarding your inbox to their e-mail server, where they can access it locally on a regular schedule and clean things up as they arrive. Both types of services are available, and usually cost somewhere between $3 and $5 a month. Typically, they’re charged to a credit card on a monthly basis, with cheaper rates available for those willing to pay for bigger blocks of service time in a single transaction—blocks of one or two years seem pretty common, based on my ad-hoc survey in researching this story.

After these two levels have been traversed, everything else happens at your PC. Before e-mail is delivered into your inbox, you can apply all kinds of stand-alone software tools that I’ll call “personal spam blockers,” which basically intercept, inspect and handle what spam they can identify before permitting messages to take up residence in your e-mail client’s inbox or other folders. Likewise, a great many such tools work the same way, but operate as plug-ins to your e-mail client software (Microsoft Outlook, bundled as part of Microsoft Office, and Outlook Express, bundled as part of Internet Explorer, are the most commonly targeted clients for which plug-ins or add-ons are available). Such packages come in all shapes, sizes and costs, from freeware to commercial software, but seldom cost more than $40. In fact, many of these programs are bundled into well-known Internet software suites, including those from Symantec (Norton Internet Security: Norton AntiSpam), McAfee (Internet Security Suite: McAfee SpamKiller) and Trend Micro (PC-cillin Internet Security, Anti-Spam Filtering), among many others of that ilk.

The last line of spam handling or defense occurs in your e-mail client itself. Through various kinds of built-in filters, mail-handling rules or junk mail handlers—the types of anti-spam mechanisms supported vary from client to client, but are part and parcel of virtually all modern e-mail client software from Outlook to Eudora to Thunderbird and clients integrated with Web browsers—you can subject what does make it into your inbox to a final round of inspection, selection or rejection before you actually have to look at anything yourself.

Remember that in the final analysis, it’s all about making sure that what does arrive in your inbox includes the most favorable ratio possible for desirable mail versus spam. Though vendors for all levels of spam filtering routinely claim filtering rates of 98 percent or 99 percent—that is, nearly perfect—my own personal experience is that 90 percent is a pretty darn good ratio (nine desirable messages for every unwanted message) to achieve when observing what you must look at versus what you end up keeping.

Spam Handling Techniques and Technologies
Now that we’ve addressed where spam can be caught and removed from your incoming e-mail stream, it’s time to review just how it’s caught at each step along the way. Though the names for the tools and technologies used will vary widely from one vendor or developer to another, nearly all automated spam handling occurs using one or more of six message-handling techniques. (Ideally, at least two will be used because address spoofing worms make it essential that all incoming e-mail be screened for malware of any kind.) These include:



  • Pattern matching/text or content filters: By searching incoming e-mail for matches to specific patterns in message headers, subject lines, message bodies and so forth, inspection of the character data in the message itself allows a great deal of spam to be identified as such and rejected.
  • Whitelist/user verification filters: By comparing the sender of a message against a user-specified list of senders from whom incoming e-mail will be accepted, it’s possible to separate senders from whom the user is willing to accept e-mail (except when it’s infected with malware). Other senders can then be subjected to a verification test whereby they must respond to an e-mail that requires some interaction and intelligence on the recipient’s part to prove that there’s a real person on the other end of the message chain, not just a spam broadcasting program.
  • Blacklist/address or domain blocking: Numerous parties operate services that identify sender addresses (and sometimes, entire domains) where spam is known to originate. By placing such addresses or domains on a blacklist, e-mail that originates from them can be summarily blocked at any point in the path between sender and receiver. Most server-based spam-handling tools m
Share on Google+Share on LinkedInShare on FacebookShare on RedditTweet about this on TwitterEmail this to someone


Posted in Archive|