11 Anti-spam Products Tested

An anonymous reader writes "When we achieve world peace, that's when we'll get the perfect anti-spam solution. In the meantime, ZDNet has a comprehensive review of eleven of the latest anti-spam products including solutions from BitDefender, Clearswift, CA eTrust, GFI, IronPort, MailGuard, McAfee, MessageLabs, NetIQ, Network Box and Symantec Brightmail."

SpamBayes?

[opusman]

Seems like a glaring ommission.

Re:SpamBayes?

[snorklewacker]

Er, the glaring omission would be any mention of the effectiveness of any of these products. Am I not clicking on the right links? Because I'm seeing less than a page worth of review for each product, that seems to consist of installing it, clicking around the admin interface, then going on to the next product. It doesn't appear that they actually used the products they were reviewing!

Re:SpamBayes?

[LnxAddct]

IIRC, SpamAssassin once properly trained and configured has yet to lose against any commercial or foss spam solution. DSAM is another amazing FOSS spam filter that could go up against the best of commercial products. But as another poster pointed out, FOSS doesn't advertise on their website unlike the 11 products reviewed.
Regards,
Steve

Yawn - No OSS

[OnceWas]

Where are the OSS products? No Spamassassin?

Some review...

Re:Yawn - No OSS

[EnronHaliburton2004]

Hey everyone, don't like the article? Let them know through the Talkback feature.

SpamAssassin

[AnotherFreakboy]

I wonder why they didn't mention SpamAssassin. Open Source solutions will never gain the market share they deserve if media never gives them the attention they deserve. And the media will never give them attention until they get market share. It's a deadly cycle. Note: Open Source does not inherently make a product worthy of market share.

Re:SpamAssassin

[RealAlaskan]

Open Source solutions will never gain the market share they deserve if media never gives them the attention they deserve. And the media will never give them attention until they get market share.

How about:

``Open Source solutions will never gain the market share they deserve if media never gives them the attention they deserve. And the media will never give them attention until they [the Open Source solutions] start spending big bucks advertising with the media''.

No chicken-and-egg stuff here: I would bet that ZDNet is following thier long-standing policy of reward^H^H^H^Hviewing their advertisers' products.

Re:SpamAssassin

[Mowog]

And the media will never give them attention until they [the Open Source solutions] start spending big bucks advertising with the media

That's not strictly true -- it depends on who the intended audience is. Technology & Business Magazine is (also) a print publication here in Australia, whose audience is primarily IT managers (and therefore businesses).

Most businesses want to BUY something to fix their spam problem and not try to fix it themselves. There are exceptions to that rule, but by and large IT managers are already busy enough and just want someone or something else to fix their spam.

I know this because my company (MailGuard) is one of those in the review. And no, we don't spend huge $$$ on advertising with ZDnet; we were invited to submit for the review, as I imagine were all the other vendors. Remember -- there are two worlds out there. Businesses will often recognise and implement Open Source solutions, but businesses also like to engage other businesses to handle non-core problems for them.

SpamBayes...

[John+Miles]

... unlike the other products reviewed, doesn't advertise on ZDNet.

Spamassassin+Sendmail

[Limburgher]

Between Spamassassin and Sendmail using a few blacklists, I get almost no spam. Based on my logs from the past week, I've blocked nearly 500 messages. Not bad when you consider I run a small server with few users.

you can do it yourself... for free

[jjeffries]

Let me just take a moment to say that sa-exim kicks ass. It stops your spam before SMTP accepts it, so no mail is ever deleted. Exim is about the most configurable piece of software there is, and who doesn't know about SpamAssassin?

Alternately, check out MailScanner for one-stop mail sanitization, virus checking, and spam filtering.

BOFH-grade products.

[Tackhead]

> eleven of the latest anti-spam products including solutions from BitDefender, Clearswift, CA eTrust, GFI, IronPort, MailGuard, McAfee, MessageLabs, NetIQ, Network Box and Symantec Brightmail.

How can this list be considered even remotely complete? What about the personalized Louisville Slugger, the noble etherkiller and (for your Tier 1 types who work in volume) the 1200-bung-per-hour-rated Jarvis Sow Bung Dropper?

Oh, wait, this is a review of anti-spam products, not anti-spammer products. Never mind.

Is this for real?

[JumboMessiah]

When being initially trialled/evaluated we would expect most anti-spam applications to run around 65 percent to 70 percent spam catch accuracy with very low to zero false positives in "default" or "out of the box" configurations. Then, once given the benefit of being "tuned" or "tweaked" and having localised white and black lists applied they should run at about 85 percent to 92 percent

I don't know about everyone else, but I'd expect a little more out of a product that costs thousands to implement. With a little research and dedication my SA 3.0.1 setup has no problem spanking those numbers.

I'm also assuming that none of these products produced extremely stellar results. The article never mentions any statistics based upon corpus runs for any of them. This is nothing more than TLA eyecandy...

Brightmail works great

[Burdell]

I work for an ISP, and we've been using Brightmail since before version 1. We use the MAPS DNS blocklists as a "front-line" defense and then Brightmail for spam and virus filtering. You can see our email statistics here.

I wrote the original sendmail milter interface to Brightmail that they derived their milter software from. We still run my milter because I've added additional options over time; Brightmail includes an SDK that you can use to interface to custom setups easily.

The ratings all in one place

[Umbral+Blot]

Product :BitDefender v1.9 for MS Exchange2003

Interoperability: 2.5 Futureproofing 3 ROI 4.5 Service 4.5 Rating 3.5

Product Clearswift MIMEsweeper for SMTP 5.0

Interoperability 3 Futureproofing 4 ROI 4 Service 2 Rating 3.5

Product CA eTrust Secure Content Manager v1.0

Interoperability 4 Futureproofing 3.5 ROI 3.5 Service 5 Rating 4

Product GFI Mail Essentials v10.1

Interoperability 3 Futureproofing 3.4 ROI 4 Service NULL Rating 3.5
Product IronPort C30

Interoperability 3 Futureproofing 4.5 ROI 3.5 Service 4 Rating 4
Product MailGuard

Interoperability 3 Futureproofing 4 ROI 4 Service 3.5 Rating 4
Product McAfee SpamKiller & WebShield

Interoperability 3 Futureproofing 3.5 ROI 3.5 Service 4 Rating 3.5
Product MessageLabs AntiSpam Service

Interoperability 3 Futureproofing 4 ROI NULL Service 3.5 Rating 4
Product NetIQ MailMarshal SMTP 6.0.3.8

Interoperability 4.5 Futureproofing 4 ROI 4 Service NULL Rating 4
Product Network Box Internet Threat Prevention System

Interoperability 3 Futureproofing 4 ROI 5.5 Service 5 Rating 4
Product Symantec BrightMail AntiSpam 6.0.1

Interoperability 4 Futureproofing 4.5 ROI 4 Service NULL Rating 4.5

It looks as though Network Box Internet Threat Prevention System did the best. Several items have NULL in a category beecause the editors did not have enough information to rate the product on in that area. This post brought to you by Centum because my average charachters per line were too low. You know how silly that is?

Freeware...

[vitalyb]

They also ignored any kind of freeware, not only Linux ones, SpamPal for example.

Also, their reviews were pretty shallow, I would expect at least to know how am I to connect to this spam filter, there are numerous ways, some better, some worse.

The Test Lab Response.

[Testlab]

Hi All,

Love all the comments !! And despite popular belief I did not get my 2 year old son to write the review.

Reading through them it seems to me there is definitely a few misconceptions that need to be cleared up, so hopefully this may sort a few things out. Then again it may not! :-)

Before we begin down this path I appreciate your patience in getting through this abnormally large post, but it is better to deal with the comments on a whole rather than one by one.

1. We are the RMIT Test Lab, based in Australia, we are a totally separate organization from the magazine who is one of our clients, they contract us to perform three independent technology reviews every month on products that they invite the vendors to submit. The RMIT Test Lab will have been performing independent magazine reviews for 16 years in January 2005. We have certainly produced a hell of a lot of words over that time. For more information on the RMIT Test Lab hit www.testlab.rmit.edu.au The vendors don't pay the Lab one cent to have their products tested for the magazine reviews.

2. For all you Open Source buffs out there, you know who you are! The magazine creates a list of what technologies will be tested approx. six months in advance, one and a half months before going to press the magazine issues invites to various product vendors to submit product(s) to us at the lab for testing, this is generally accompanied by a "scenario" which is set by the magazine to ensure that the vendors stick to certain criteria and submit products of a certain caliber/type and not all eight products that they may have in their inventory which fits into that review category. Therefore it is the magazine who invites the vendors, not the Test Lab nor the reviewer. Basically we have no control over which vendors are invited to submit and at the end of the day every single vendor could not possibly be reviewed, there will always be some who cant submit, wont submit, have not been invited or don't have Australia as a target market. So don't blame us for not including Spam Assassin or any of the other 100's of commercial and open source Anti-Spam solutions that are out there. Also note that a review we have recently completed and submitted "E-Mail Clients" for the next edition of the magazine contained several Open Source products, and a review we have just commenced "Internet Browsers" also contains several Open Source products too. So before pulling out the "Paid for Results" and "Advertising Driven" and "Open Source Bashing" comments think again and take a look at a few of the other reviews we have performed.

3. We are fundamentally IT engineers who design and execute testing frameworks, methodologies and create reports, we just happen to have a very very small modicum of writing ability, we are by no means trained journalists "out for the scoop" or trying to generate traditional "media hype" around varying technologies. We report things as we see them. We are also very experienced in testing these technologies; in fact the majority of the work the lab is contracted to perform is private testing for corporate clients and vendors/manufacturers/developers. Therefore we will not "test" where others try unless the test will provide valid worthwhile results that we will stand behind happily. The fact that we are not journalists means that the Magazine's editorial staff have their work cut out editing our reviews while still maintaining our individual writing styles and the basic concepts of what we are trying to deliver, sometimes it is successful sometimes less so. An example for you is that the review we submitted on Spam was 7,049 words long (25 A4 pages in Word, or Writer, with screen shots and images). And that does not even include the features table or the overview table. The space available for that edition of the magazine was less than 3000 words. Therefore 4000 words had to be lost. We don't get to see the finished product until it is published. Overall I personally feel that the review turned out