Slashdot Mirror
11 Anti-spam Products Tested
An anonymous reader writes "When we achieve world peace, that's when we'll get the perfect anti-spam solution. In the meantime, ZDNet has a comprehensive review of eleven of the latest anti-spam products including solutions from BitDefender, Clearswift, CA eTrust, GFI, IronPort, MailGuard, McAfee, MessageLabs, NetIQ, Network Box and Symantec Brightmail."
Seems like a glaring ommission.
you insensitive clod!
-Vendal Thornheart
Where are the OSS products? No Spamassassin?
Some review...
Laugh while you can, monkey-boy.
How about a sentence of summary on the results in the writeup? Geez, it's like you expect me to RTFA or something.
I wonder why they didn't mention SpamAssassin. Open Source solutions will never gain the market share they deserve if media never gives them the attention they deserve. And the media will never give them attention until they get market share. It's a deadly cycle. Note: Open Source does not inherently make a product worthy of market share.
Why not get the real ultimate power?
... unlike the other products reviewed, doesn't advertise on ZDNet.
Dahlmann tightly grips the knife, which he may have no idea how to use, and steps out into the plain.
No Giant Anti Spyware?
Between Spamassassin and Sendmail using a few blacklists, I get almost no spam. Based on my logs from the past week, I've blocked nearly 500 messages. Not bad when you consider I run a small server with few users.
You are not the customer.
postfix and a Bayesian filter called from procmail. Mine is set up as a mail gateway to keep everything but https on Exchange isolated from the Internet.
More features, better performance, better uptime, lower cost.
Why not just use thunderbird, it already has pretty good anti-spam capabilities in it to begin with and it's free and open source. I will admit I only installed it a few hours ago so I haven't been using it very long. The reason I installed it was because Eudora for OS X was very slow and for some reason was deleting my newest email every time I tried to download new email. Thunderbird is extremely fast, has better features, no popups, and is free. So far I have encountered no bugs, except some of the spam filtering features were a little unintuitive so I had to try them all out to see what did what.
Alternately, check out MailScanner for one-stop mail sanitization, virus checking, and spam filtering.
How can this list be considered even remotely complete? What about the personalized Louisville Slugger, the noble etherkiller and (for your Tier 1 types who work in volume) the 1200-bung-per-hour-rated Jarvis Sow Bung Dropper?
Oh, wait, this is a review of anti-spam products, not anti-spammer products. Never mind.
We use Xwall where I work. It's $349 and you get free lifetime support and upgrades. And with the new greylisting feature 99% of all spam is stopped.
It seems that many people these days now just look to pick up a pretty box at the store to help deal with spam. However, anyone who does this must not get important e-mail. I, for one, don't want my e-mail being filtered by some proprietary application like mcafee with limited configurability and disclosing details on how it works for "trade secret/IP" reasons. If it's an ip blocking service, I want statistics and to know how IPs get on it. If it's something statistical, I want to know exactly what it does. It is very dangerous to let your correspondence get picked apart by a "black box."
gimme your IM ID plz and i will flood your HD with GBs of crap
We use Dynacomm i:mail and achieve 99% spam blocking with very little false positives. There is also a web interface for users to manage their own blocked messages and training. Very effective with little to no administrative overhead.
Notice there are no free products listed. If you "contribute" some ad revenue to ZDnet, they'll look at/write about your product. Otherwise....
and if that does not know what to do put's it to your mailer, :)
i must say thunderbird does a good job,
but if yuor smtp server does not hold your spam.... pooor you AND me
...and serious admins aren't exposing Windows to the internet to accept mail. But that's ZDNet for you....
thats why its good antispam - cos i have to approve everyone on my list ;)
Some people just go to the last page anyway :-)
Software winner: Symantec Brightmail, for ease of installation, configuration and administration as well as an excellent user interface and detailed "live" graphical reporting it would be hard to surpass these features.
Managed Service winner: Network Box, if security is a concern then Network Box has the bases covered, if availability and redundancy are your preferred choice then a trial of either MailGuard or MessageLabs may be on the cards.
Appliance winner: IronPort, strong security, redundancy and recently developed ease of installation with the new GUI make this appliance the choice in this review. For those with a tighter budget then perhaps one of the McAfee WebShield appliances may be considered and are still very worthy contenders.
Beware: In C++, your friends can see your privates!
A few of those commercial products are based off of spam assassin. Where's the credit? Where's the source?
Regards,
Steve
SpamAssassin 3.0.1 works great for my company's email. I have about 20 users. I am doing all the scanning on a cheap Dell. We accept about 1500 messages a day... most being spam. My users will see maybe 1 or 2 unflagged spam messages in their mailbox throughout the day. We have not had any (reported) problems with false positives.
I am really excited about SpamAssassin being an Apache project now.
I run BitDefender (and resell) and SpamAssassin with Postfix. With that setup I might receive 1 message that I would consider spam a week in my Inbox. Even unwanted emails from friends is marked as spam. Can't beat that.
Sean Milheim
iDREUS Corporation
Before I moved to Gmail I used POPFile. Not only as a spam filter, but to classify mail into categories. After a week of training it almost never got anything wrong.
When being initially trialled/evaluated we would expect most anti-spam applications to run around 65 percent to 70 percent spam catch accuracy with very low to zero false positives in "default" or "out of the box" configurations. Then, once given the benefit of being "tuned" or "tweaked" and having localised white and black lists applied they should run at about 85 percent to 92 percent
I don't know about everyone else, but I'd expect a little more out of a product that costs thousands to implement. With a little research and dedication my SA 3.0.1 setup has no problem spanking those numbers.
I'm also assuming that none of these products produced extremely stellar results. The article never mentions any statistics based upon corpus runs for any of them. This is nothing more than TLA eyecandy...
huh...I dont get spam because i dont give out my email to any random person/site, etc...And if i need to give out an email, i have a couple of yahoo emails that are pretty disposable... Actually, i dont really get any mail at all...yeah... My roommate (college) gets lots of viruses. I cleaned up his comp one day and discovered a virus which had installed with his permission. It was actually in Add/Remove programs (windows). It had a readme file that said that it had installed after the user clicked OK to allow it. Yeah.. So Funny...
-- +
I run email for some high traffic email domains ... millions of emails a day being blocked by a barracuda v400 ... these things really kick butt and are CAKE to maintain... I recommend them highly and am very surprised they did not make it into the zdnet review -
www.barracudanetworks.com
you can have this with email too though. too lazy to set it up? eeeeeew...!!
Lots of free things mentioned like SpamAssasin.
My company uses mxlogic.com. $1.25 per mailbox per month. At 60 people, that's WAY cheaper than my time to administer anything. I havn't heard a peep of a complaint from users after switching. Before were using a device (eSafe by Alladin systems). It was taking up to an hour/day of my time. And it wasn't free.
Just remember to include admin time when working out 'free'.
"Please note that these decisions were not based on accuracy testing. Given the Labs' extensive anti-spam testing experience, when being initially trialled/evaluated we would expect most anti-spam applications to run around 65 percent to 70 percent spam catch accuracy with very low to zero false positives in "default" or "out of the box" configurations."
---
With both DSPAM and CRM114 (individually, not together), I had over 95% spam rejection after training with 100 or so messages. I eventually settled on CRM114 as it was easier, at least for me, to maintain. I like it, my customers like it, and it was F-R-E-E!!!
Only PHBs take their technology cues from the likes of ZDlabs.
And if you throw out your computer, you'll never have a crash, malfunction or have to upgrade.
One line blog. I hear that they're called Twitters now.
The article has a ridiculously low number of words to a page, making offline reading a hassle and having me spend more time loading pages than reading. Half of the text on a page is ad. And they don't cover SpamAssasin. In fact, it looks like the reviewed software is Windows only - though I gave up reading after a few pages.
Is this the kind of corporate crap people get in Australia? If so, I seriously feel sorry for those who live there...
Please correct me if I got my facts wrong.
I wrote the original sendmail milter interface to Brightmail that they derived their milter software from. We still run my milter because I've added additional options over time; Brightmail includes an SDK that you can use to interface to custom setups easily.
...the Barracuda Spam Firewall. It's easy to set up, and it "just works". There is also ASSP. I don't have the linkage right now though...
-"...bad old ideas look confusingly fresh when they are packaged as technology" - Jaron Lanier (Digital Maoism on Edge.o
You can do that with email, too; block everything not explicitly whitelisted.
IM has no advantage here.
"The empty vessel makes the greatest sound." -- William Shakespeare; Henry V, 4. 4
11 Anti-spammer Products Tested
This review does not actually test the ability of the software to catch spam. It is just a beauty contest.
Holy crap yo, why are you the first person to mention this little detail?? Everyone is just talking about SpamAssassin, when they should be pointing out that the entire article is garbage. This is just about the worst "review" I have ever read. Ich...
My Freakin Blog
MailScanner is a brilliant piece of work which integrates Sendmail/Postfix/Exim/whatever with SpamAssassin (plus Razor/Pyzor/DCC) and ClamAV/BitDefender/Sophos/Mcafee/etc, all driven by highly customisable rulesets. It's open source, support via the MailScanner Mailing List is second to none, and its author, Julian Field, is always improving an already excellent product. I cannot recommend it highly enough.
Product :BitDefender v1.9 for MS Exchange2003
Interoperability: 2.5 Futureproofing 3 ROI 4.5 Service 4.5 Rating 3.5
Product Clearswift MIMEsweeper for SMTP 5.0
Interoperability 3 Futureproofing 4 ROI 4 Service 2 Rating 3.5
Product CA eTrust Secure Content Manager v1.0
Interoperability 4 Futureproofing 3.5 ROI 3.5 Service 5 Rating 4
Product GFI Mail Essentials v10.1
Interoperability 3 Futureproofing 3.4 ROI 4 Service NULL Rating 3.5
Product IronPort C30
Interoperability 3 Futureproofing 4.5 ROI 3.5 Service 4 Rating 4
Product MailGuard
Interoperability 3 Futureproofing 4 ROI 4 Service 3.5 Rating 4
Product McAfee SpamKiller & WebShield
Interoperability 3 Futureproofing 3.5 ROI 3.5 Service 4 Rating 3.5
Product MessageLabs AntiSpam Service
Interoperability 3 Futureproofing 4 ROI NULL Service 3.5 Rating 4
Product NetIQ MailMarshal SMTP 6.0.3.8
Interoperability 4.5 Futureproofing 4 ROI 4 Service NULL Rating 4
Product Network Box Internet Threat Prevention System
Interoperability 3 Futureproofing 4 ROI 5.5 Service 5 Rating 4
Product Symantec BrightMail AntiSpam 6.0.1
Interoperability 4 Futureproofing 4.5 ROI 4 Service NULL Rating 4.5
It looks as though Network Box Internet Threat Prevention System did the best. Several items have NULL in a category beecause the editors did not have enough information to rate the product on in that area. This post brought to you by Centum because my average charachters per line were too low. You know how silly that is?
Philosophy.
So - exactly why would anyone waste more than two seconds on these reviews? Just so we can find out what they think of the GUIs and how easy they are to install .. without an analysis of how effective they are at blocking spam? What crap.
[ UNSIGNED NOT NULL ]
The other noteworthy point of the last page is the absolutely ridiculous statement of, "Please note that these decisions were not based on accuracy testing."
I'm sure everyone is just amazingly psyched about an "ultimate" anti-spam guide that makes no effort to determine if the products they are reviewing (let alone proclaiming as the "winner") actually stop spam.
Of course, I guess this kind of article is developed to benifit CIOs with no technical experience, who just want something to tell the IT department to install. (Thus: price and ease of installation are far more important than it actually doing what it is supposed to.)
What's a sig?
They also ignored any kind of freeware, not only Linux ones, SpamPal for example.
Also, their reviews were pretty shallow, I would expect at least to know how am I to connect to this spam filter, there are numerous ways, some better, some worse.
That is what this article is. It fails to address some of the most significant issues to be considered when selecing an anti-spam product: 1. What percentage of incoming SPAM does it catch? 2. What percentage of the messages caught were "Non-SPAM" messages? 3. What is the message volume the product can handle? Instead they gloss over catch rates and false positive rates with a "Everything does a similar job" type statement. FALSE. I just spent the past 8 months evaluating anti-spam solutions for my workplace and they are not all the same when it comes to spam catch rates. I don't really care how pretty it looks or how easy it is to install. Nor do I give a hoot about the buzzwords a particular product incorporates, give me the spam blocking accuracy and the volume it will handle. It is all fine and dandy to ignore volume when you are running a 200 user ISP, but when you get up to 50000 users with over a million messages a day it becomes slightly important. Robert H. Houston, TX
I use IRC you insensitive clod!
Every product review is like, it installs easily, and quickly. So what, are you as sysadmin or moron?
A test should give performance facts like false negative and false positive rates. This is nothing but a bunch of marketting crap and should not be posted.
Grey (Chris Lusena)
in soviet russia, spam blocks you, blah blah blah, ???? profit!!! is it open source? fucking republicans! fucking democrats! fucking libertarians! fucking french!
No reviews for the open source products.. I have a great time with Spam Assassin.
That's why I do not subscribe any more. Too much vendor influence and not enough objectivity.
/. is a much better forum as you get the good, the bad and the ugly - all products have all three. Bias does creap in but at a much lower level than a closed for comment rag (or is that mag?).
But I am biased, SpamAssassin with MimeDefang, custom milter and a few subscriptions to SpamHaus and SpamCop go along way in filtering spam.
What, no Spamassassin, SpamBayes or PureMessage?
I guess they can't have been keeping up with their 'protection' payments.
"Nine times out of ten, starting a fire is not the best way to solve the problem." - my wife
The Best anti spamguard available.... A Bullet!
My solution of choice is RedCondor paired with SpamAssassin. Only about 2-3 spam make it into my inbox per week with this...and I haven't even really tweaked SpamAssassin much.
-g.
the real point is that by not getting any email you dont get any spam - ok so i can't tell jokes but i do know the usefulness of im (and its limitations)
It's build in spam killer works simply great
This Is Not a Sig
MOD PARENT UP
http://tmda.net/
....where spambounce goes to our friend /dev/null.
and a simple rule:
BOUNCE_ENV_SENDER = "spambounce@domain.com"
You won't get an spam ever again! Then again, you probably won't be able to find a single real message that could wend its way through them all either.
I Am My Own Worst Enemy
I seriously have no idea WHY ZDNet chose not to run these products against a known corpus of spam...of which there are quite a few out on the internet. So, this "review" is based upon the pretty interfaces, and installation...but nothing to do with the ability of these products to filter out all the "BIGGER PENIS NOW" mail. ...some review. Someone mentioned that all the listed vendors advertise on ZDNet. No surprise there.
http://assp.sourceforge.net
Been using it for a little over a year now and it rocks. We receive something like 10,000 emails a day--%70 of which is spam. Of those, perhaps 20-30 spam messages actually get through, which is pretty good. Also features extremely low false positives. I'm only aware of perhaps 3 during the course of the entire year. A valid user from a valid domain should get a bounce-back message explaining that their message was rejected as spam-like with brief instructions on alternate methods of contacting us.
1.09 is the version I'm running. 1.1.0 is the latest version with 1.1.1 coming soon. They are still ironing out some stability issues in the 1.1.1 version.
CNET: "We did not perform any "official" accuracy and performance testing on the products."
This is 90% sugar and 10 % substance. Avoid the CNET twinkies or your brain will slow and possibly shrink.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
Missed all of IronPort's competitors (BorderWare, Barracuda, CipherTrust).
Missed Postini, the managed Spam services leader.
I'd start with MetaGroup, Gartner or somebody like that to get a list of what the options really are ...
Well, the linked article significantly uses the adjective "enterprise", but the /. description doesn't. So I'm less surprised now. I use SpamBayes and it's been great.
Don't just grumble, do what I did and send them feedback. Send a note to zdnet sales@zdnet.com.au ads@zdnet.com.au or printsales@zdnet.com.au or abigail.baker@zdnet.com.au sally.slarke@zdnet.com.au CC the author/editor: edit@zdnet.com.au While you are at it, CC the manager of RMIT IT Test Labs who did the testing: stevet@rmit.edu.au Orif you want, post zdnet feedback to the article: http://www.zdnet.com.au/insight/software/talkback. htm?PROCESS=post&AT=39172027-39023769t-1000010 2c
6. ???
7. Profit!
sorry for the poor formatting before folks
t sales@zdnet.com.au bigail.baker@zdnet.com.au sally.slarke@zdnet.com.au
e /talkback. htm?PROCESS=post&AT=39172027-39023769t-1000010 2c
Don't just grumble, do what I did and send them feedback.
Send a note to zdnet
sales@zdnet.com.au
ads@zdnet.com.au
prin
CC the author/editor:
edit@zdnet.com.au
While you are at it, CC the manager of RMIT IT Test Labs who did the testing: stevet@rmit.edu.au
Or if you want, post zdnet feedback to the article:
http://www.zdnet.com.au/insight/softwar
From TFA:
Since then the market has literally exploded -- from four or five popular applications on the market last year to a submission of no less than 11 for this review.
It literally exploded? Wow, what a sight that must have been! I can just imagine all the software vendors sitting at booths in a flea-market sort of place, when all of the sudden-- BOOOM! The place goes up like a chinese firecracker, turning half of Symantec's marketing department into a bunch of crispy critters. Kids are orphaned, families are destroyed...
What's that? You mean it didn't actually blow up? So it didn't literally explode, then? I see.
Somebody needs to find the editor that let that article slip through and literally beat him until he's comatose.
Spampal is the best client side solution I've used for Windows anyway.
The man who trades freedom for security does not deserve nor will he ever receive either. - Benjamin Franklin
http://shit.slashdot.org/article.pl?sid=04/12/06/2 330204
I don't see any criteria, I don't see any hard numbers other than their subjective ratings. Without quantification, there is not really a test.
"We set the programs up in modes to test both controlled and live messages, however the results of these brief tests would just add more confusion to the mix than anything and certainly didn't show any unexpected results."
So... they all behaved identically other than the GUI? This isn't a review so much as a joint advertisement.
-judas
Another glaring omission: http://death2spam.net/. Very effective (almost 99% for me).
My stats (as of the time of this post):
... not to mention one of the best (IMO) commercial packages out there.
:-)
My office (an ISP, with about 5000 email addresses) uses a Barracuda 400.
It's a nice 1U rackmount system, dead simple to integrate into most SMTP networks (just one DNS change and you're done), works well (internally, it's basically a somewhat-tuned version of SpamAssassin), great for the end-users (integrated Web interface for adjusting settings, handling quarantined emails, etc.). And cost-effective (the 400 was under $5k from our reseller).
Ultimately, though, this is probably another instance of "they don't advertise with zdnet, so F 'em". Barracuda does occasinally advertise here, though, so if you haven't disabled ads, keep an eye out.
Why doesn't the spammers understand that spamming is NOT the way go.
It destroys the rep of your company totally! But in most cases spammers don't care.
BUT
they should understand that is quite hard to get thru, so that the victim would even bother to open it. SPAM is destroying, and eating the net alive.
One finnish professor said not so long ago, that internet will die 2006 because of spam. is he right or not, i don't know, but we are definately heading to that way!
He said that spam would exceed by that so greatly the amount of usefull information, that it would be the death of internet.
There is also some flash cartoons about this heading. Anti spam solutions are being developed all the time, so are they finding more ways to get past them.
More and more spammers are starting to find more ways to spam, ie. using poorly administrated PHPNuke websites with webmail capability to spam!
My server also had one of those, i noticed it by accident, seeing that there were tens and tens of smtpd processes, time for a halt for SMTPD and to investigate the problem: bunch of people were spamming thru an website running on my server, PHPNuke with webmail.
About the sametime, couple days before that someone tried to find which accounts at my server were there by BRUTE FORCE! yes brute force, trying account names like fsdur, isau, weivd, weiouv, woidc, tens and tens of records per second!
More against spam needs to be done at the ISP level!
Pulsed Media Seedboxes
Setting Up a Spam-Filtering Mail Gateway For Microsoft Exchange Using Fedora Core 1, Postfix 2.0.19, Amavisd-New and Razor2 http://tinyurl.com/3khzk
Humor from a Genetically Molested Mind
I've had excellent luck with DSPAM. It's fast (written in C), easy to install/administer (server-side only tho, AFAIK) and shockingly effective once it's trained (takes about 100 spams to train it from scratch).
There's the occasional false positive to sort out (1 in every 1000 messages or so), but it pretty much catches every spam.
I haven't had especially good luck with spamassassin, but then I never updated the ruleset or enabled the Bayesian feature.
The nice thing about DSPAM is that the only updates involved are for security fixes and new features (unless you count each user sending in the occasional uncaught spam or false positive).
I have killed all the spam I get... every last one.
:blackhole:)...
This is what I have done:
I put a link to spam@refrozen.com on every (every = most) page that links to one of my email addresses (except slashdot, where I change my email address all the time and forward the old one to
As soon as I get an email at spam@refrozen.com I have a program that adds that user to my spammy users list. All emails further recieved from that user on *@refrozen.com get moved to my spam folder.
It hasn't failed yet, and hasn't marked an incorrect spammer, I have used it for 3 weeks. I used to get over 100 spams a day, now I get none.
"Get out of my HEAD!!! Get outta my head!!!!" (runs away)
-Vendal Thornheart
MailScanner
MIMEDefang
SpamAssassin
surf this webpage if you have broadband to make the spammers stop
www.aa419.org/ladvampire.html
www.aa419.org/ladvampire.html
generate traffic to the spammers and scammers websites, fake banks, and more. spammers gotta pay for their bandwidth, and if everybody slashdotts their sick sites, they will go out of business.
thank you.
However, in my opinion one often overlooked problem is what to do with messages that are flagged as spam. You don't want to generate a bounce message, because 95% of the time it will go to an innocent third party (spam is forged). On the other hand, silently discarding it or putting it in some spam folder one never looks at is not a good idea either. Lately I've been just refusing to accept mail from the client if the message is identified as spam. Mail Avenger lets me do this, and it seems like a good compromise.
Where is SpamAssassin. Maybe they didnt pay enough money to ZDNET for advertising. We all know its a good solution maybe thier writer has his/her head up thier ass.
Got a question about UNIX ask it here : Unix/xBSD Forum
I'm using BayesIt! spamfilter for TheBat! for more than a year now, and i have yet to see it fail. Granted, it's still learning as i (thankfully) don't receive huge amounts of spa, but the bulk of the spam i recieve gets deleted. We're talking about 99% of the scanned mails. Sorry, but no commercial products for me (antispam, not the client).
Oh, and apparently the plugin was so popular that Ritlabs included it in the latest versions of TheBat!.
Hi All,
:-)
Love all the comments !! And despite popular belief I did not get my 2 year old son to write the review.
Reading through them it seems to me there is definitely a few misconceptions that need to be cleared up, so hopefully this may sort a few things out. Then again it may not!
Before we begin down this path I appreciate your patience in getting through this abnormally large post, but it is better to deal with the comments on a whole rather than one by one.
1. We are the RMIT Test Lab, based in Australia, we are a totally separate organization from the magazine who is one of our clients, they contract us to perform three independent technology reviews every month on products that they invite the vendors to submit. The RMIT Test Lab will have been performing independent magazine reviews for 16 years in January 2005. We have certainly produced a hell of a lot of words over that time. For more information on the RMIT Test Lab hit www.testlab.rmit.edu.au The vendors don't pay the Lab one cent to have their products tested for the magazine reviews.
2. For all you Open Source buffs out there, you know who you are! The magazine creates a list of what technologies will be tested approx. six months in advance, one and a half months before going to press the magazine issues invites to various product vendors to submit product(s) to us at the lab for testing, this is generally accompanied by a "scenario" which is set by the magazine to ensure that the vendors stick to certain criteria and submit products of a certain caliber/type and not all eight products that they may have in their inventory which fits into that review category. Therefore it is the magazine who invites the vendors, not the Test Lab nor the reviewer. Basically we have no control over which vendors are invited to submit and at the end of the day every single vendor could not possibly be reviewed, there will always be some who cant submit, wont submit, have not been invited or don't have Australia as a target market. So don't blame us for not including Spam Assassin or any of the other 100's of commercial and open source Anti-Spam solutions that are out there. Also note that a review we have recently completed and submitted "E-Mail Clients" for the next edition of the magazine contained several Open Source products, and a review we have just commenced "Internet Browsers" also contains several Open Source products too. So before pulling out the "Paid for Results" and "Advertising Driven" and "Open Source Bashing" comments think again and take a look at a few of the other reviews we have performed.
3. We are fundamentally IT engineers who design and execute testing frameworks, methodologies and create reports, we just happen to have a very very small modicum of writing ability, we are by no means trained journalists "out for the scoop" or trying to generate traditional "media hype" around varying technologies. We report things as we see them. We are also very experienced in testing these technologies; in fact the majority of the work the lab is contracted to perform is private testing for corporate clients and vendors/manufacturers/developers. Therefore we will not "test" where others try unless the test will provide valid worthwhile results that we will stand behind happily. The fact that we are not journalists means that the Magazine's editorial staff have their work cut out editing our reviews while still maintaining our individual writing styles and the basic concepts of what we are trying to deliver, sometimes it is successful sometimes less so. An example for you is that the review we submitted on Spam was 7,049 words long (25 A4 pages in Word, or Writer, with screen shots and images). And that does not even include the features table or the overview table. The space available for that edition of the magazine was less than 3000 words. Therefore 4000 words had to be lost. We don't get to see the finished product until it is published. Overall I personally feel that the review turned out
But I don't tell people about it, because it's not unbreakable, and if it ever becomes popular, the spammers will find a way around it.
This is one instance of a general phenomenon which is often discussed (vehemently ;-) on Slashdot in the context of Linux: Security Through Unpopularity.
Another example: Please don't set up a company to distribute prebuilt MythTv boxes, or the FCC will wake up and try to regulate the commercial-skipping feature.
(Remember Security Through Obsolescence?)
spamassassin is already installed on this university system providing headers for messages. How do you set up the related dot files or whatever for filtering if you do not have the mastery of computers to even understand dotfiles?...
e /Rmail.html#Rmail
I use rmail in emacs http://www.gnu.org/software/emacs/manual/html_nod
Regrettably the spamassassin web pages are written in jargon for people with greater mastery of computers.
I quite like it. I can delete spam straight off the server. It supports friend/black lists, heuristic header scans, bouncing (I don't use that one) and SpamCop reporting.
It saves one from having to actually download a bunch of spam to one's computer before it can be deleted.
for live graphical reporting use mailgraph with RRD
Grundgesetz * 23. Mai 1949 - 30. November 2007 - http://www.vorratsdatenspeicherung.de/
OK, no problem, we blame the Magazine. But at least I hope you do realize that we are talking about a very specific area in which any competent sysadmin knows that the Free Software solutions clearly beat the heck out of the proprietary ones. Thus the rage. The magazine is doing a disservice to those not very informed, who might read it and come out with the impression that anti-spam is another area of software which is well covered by the Nortons, McAfees, and the likes. Well, it is clearly not!
Don't know about the other products, but I have had first hand experience with the Network Box product. It is in fact a Linux box that runs qmail and spamassasin (amongst other things), so at least one of their recommendations has some OSS in it.
'Some' because they also bundle some commercial bits and pieces where it makes sense to do so. Like the Kaspersky AV thats also integrated into the mail service and so forth.
Well built, well supported and the managed service makes it attractive if you can't or won't be maintaining it yourself.
E.
Same setup here except I use Apache on Linux to act as a reverse proxy to Exchange. Prevents from punching a hole from the Internet to Exchange, just from the proxy to Exchange. Here's a snapshot of our httpd.confI also had to comment out the "AddDefaultCharset ISO-8859-1" from the httpd.conf file to let our french characters flow through correctly. This setup works like a charm for us. My philosophy: never put anything that's Microsoft directly on the Internet!
^D
but how come when ever I see these anti-spam showdowns, SpamAssassin is rarely, if ever, mentioned? I use it and it works very well.
"There is a way that seems right to a man, but its end is the way of death." Proverbs 16:25 (NKJV)
So how come K9 is not in the list of tested products? It is small, ultra efficient and it doesn't cost a thing. Same goes with POPFile which uses Bayes to classify not only spam from ham but also works as a smart filtering proxy.