News
Slam the Spam
Tired of e-mail promises to make you thinner, richer, taller, smarter, larger, safer, firmer, debt-free, and highly entertained? Nothing will stop all these unwanted messages, but here are 16 products that can help ease the bloat.
By Cade Metz PC Magazine
The Lifecycle of Spam
How They Get Your E-Mail Address
A spammer has several sneaky ways of getting your e-mail address. Here are the most prevalent:
* from your registration at unscrupulous sites (think sweepstakes)
* from your newsgroup postings
* from your chat sessions
* from spambots that crawl the Web for anything including an @ sign on a Web site
* from e-mail lists the spammer buys
* from mailing lists to which you subscribe
* by randomly generating name combinations for your domain
* by harvesting all the e-mail addresses on your company’s server.
Sending The Spam
A scalable SMTP e-mail server can send up to a million messages per hour. To hide their identities, spammers often piggyback on top of an unsuspecting third party’s mail servers and relay spam through them.
Catching Spam On The Server
Corporate spam-filtering hardware, software, or services can stop a good percentage of spam before it even gets to your PC. They check for known spamming techniques and patterns by examining the header, source, and contents of each message, to which they apply rules-based filtering and antispam algorithms. Antispam software can support collaborative altering, where recipients report on the spam they receive, and it can block messages coming from servers on blacklists. But the software may also block legitimate messages the recipient wants, known as false positives. Many products do help prevent directory harvesting and denial-of-service attacks, and they can detect traffic irregularities that spell trouble.
Catching Spam On The Client
Desktop software products can block spam after it gets to your local machine. Like the server products (and like antivirus software), they check mail against known patterns in the header, contents, and originating address. These packages also benefit from frequent updates to counter new spamming techniques.
Spam That’s Not Caught
If you’re not running any antispam software and your e-mail address is on a Web site, mailing list, or chat room, your mailbox is vulnerable to spam hell. If you respond to the bad e-mail, even in an attempt to take yourself off the mailing list, you’re only confirming that your e-mail address is real, and you can expect even more spam.
Spam, a minor nuisance two years ago, has become a bugbear of epic proportions. Nearly 40 percent of all Internet e-mail is unsolicited and unwanted—up from 8 percent in late 2001, according to Brightmail, a company that blocks spam for six of the nation’s top ten ISPs. Jupiter Research, which tracks Internet activity, claims the average e-mail user received 2,200 spam messages over the past year.
The problem is so widespread that 26 states have antispam laws, and Congress is working on legislation for the country as a whole, but this isn’t likely to solve the problem. "Laws like these do nothing but send spammers to other states or overseas," says Wayne Crews, of the Cato Institute, a Washington, D.C., public policy think tank.
Luckily, there are other solutions. As the amount of spam grows, so does the number of products to identify and block it. Some antispam vendors offer desktop antispam software for individual users. Some sell hardware and software products that block spam for ISPs and businesses. Some run services that block spam before it hits.
Here we review ten antispam products for individuals (including Apple’s built-in OS X filtering) and six for ISPs and IT departments. We also show other ways to curb spam, from disposable e-mail addresses to antispam tools built into mail servers. We even discuss spammer tools.
What Is Spam?
Supreme Court justice Potter Stewart’s description of obscenity rings just as true for Internet spam: We may have a hard time defining it, but we know it when we see it.
Industry pundits define spam as "unsolicited commercial bulk e-mail": advertisements that marketers blindly send to as many addresses as possible. Some definitions add other unsolicited messages, including those carrying chain letters, urban legends, jokes, and frivolous multimedia files. All of these definitions leave out one crucial point.
Spam isn’t just e-mail you didn’t ask for. It’s e-mail you didn’t ask for and don’t want. There may be certain kinds of unsolicited bulk e-mail you don’t consider spam. We at PC Magazine welcome unsolicited e-mail plugging computer products and services. You may not. Because the definition of Internet spam is so difficult to pin down, there’s disagreement about the size of the problem, even among experts. In December, the Pew Internet & American Life Project published a survey in which 71 percent of respondents said that very little of the e-mail they receive is spam. But most experts agree with Brightmail and Jupiter.
Spam Fatigue
Every day you spend time sorting spam from legitimate messages. Eventually, you get careless. "You start doing mass deletes based on what you see in subject lines," says Miles Austin, the president of XeroStar, a PC company in Washington state that’s dealt with enormous amounts of spam over the past year. "From time to time, you’re going to accidentally toss out an important message."
ISPs and corporate IT departments suffer too. Besides fielding complaints from users about the amounts of spam and the adult content that characterizes much of it, they’re forced to deliver and store all this unwanted e-mail. Often, however, problems have more to do with spammers’ tricks than the spam itself. Many spammers send so many messages that servers waste more time rejecting spam than they spend delivering it. "Every day we reject tens of millions of messages addressed to invalid addresses," says Ed Plaskon, product director for e-mail services at AT&T WorldNet.
Other spammers carry out so-called directory harvest attacks, endlessly querying organizations’ servers to identify valid addresses inside their domains. This too can slow mail delivery; and in the end, the spammer knows without doubt how to reach the organizations’ e-mail users.
One Desktop at a Time
Ideally, spam should be stopped by ISPs and IT departments before it reaches individual in-boxes. This kills two birds—spam and network traffic—with one stone. But if your company or your personal ISP isn’t getting the job done, you’ll have to fight spam from the desktop.
How do these products identify spam? Most use more than one method. Deersoft’s SpamAssassin, for example, checks messages against various real-time black hole lists, or RBLs—public catalogs of known spammers and open relay servers that spammers use as conduits for their messages. (The danger is that nonspammers occasionally get placed on RBLs, and removal is problematic.) SpamAssassin also looks for words or phrases typical of spam. And it examines the header of each message, looking for signs of the circuitous routing spam typically takes.
Brightmail, whose software blocks spam for such ISPs as WorldNet and EarthLink and such corporations as Cisco and Microsoft, operates a network of undisclosed e-mail accounts. Mail delivered to these accounts is by definition unsolicited. Using proprietary algorithms, Brightmail boils each piece of spam down to a specific signature, a unique way of identifying the message, and compares the signatures with customers’ mail.
Cloudmark’s SpamNet takes another approach, relying on a user community, not dummy mailboxes, to identify spam. When a user receives a community-designated spam, it’s removed from the in-box. MailFrontier and Mailshell use similar techniques.
Of course, since the definition of spam differs by person, many antispam products let you train their engines to adjust what they block. Some let you set up your own blacklist, designating specific addresses to block. In other cases, you can fine-tune the spam identification algorithms.
The Devil’s in the Details
Yet, even with training, some spam gets through. The consumer products we tested typically blocked about 75 percent of spam; the corporate products, 85 percent. Worse, these tools can block legitimate messages. Avoiding these false positives is perhaps antispam vendors’ toughest task. To block enough spam, they must be aggressive, but if they’re too aggressive, they’re likely to cause false positives. If you must continually search your quarantine folder for false positives, you might not be saving any time.
Most programs let you specifically white-list (allow mail from) senders, but this has limited effectiveness. It’s a balancing act. In fact, our Editors’ Choice for personal antispam didn’t stop the most spam, nor did it have the lowest false-positive rate; instead, it had the best balance between the two.
On our tests, the consumer products scored 1 false positive for every 22 pieces of legitimate mail; the corporate tools blocked 1 in every 500. Though they may not be perfect, these tools can help fight spam, a problem is only going to get worse. So even if you don’t think you need one of these tools today, you probably will soon.
For a review of all the products tested: http://www.pcmag.com/article2/0,4149,849436,00.asp
****************
MATR Supporters (view all)
Sorry, we couldn't find any posts. Please try a different search.