A lot of anti-spam products are on the market now, and the list is growing quickly. While the market is starting to see some large antivirus and security companies buying small anti-spam entrepreneurs, there is still room for innovation, and small players can still play a part by keeping the larger companies from getting complacent. Note that many of the products listed here have won awards from various organizations. While the kind of award won and from whom can provide some insight into the product, I never take them very seriously, and rely on independent reviews for comparison.
McAfee has taken an interesting approach to how it acquires spam-filtering technology: It’s licensing a mature open source software product called SpamAssassin. This is a host-based (loaded onto the mail server itself) solution for either Microsoft Exchange or Lotus Domino servers, which is interesting, considering that SpamAssassin was originally written for UNIX.
2. MailFrontier Gateway Server
MailFrontier is the only company I’ve seen that correctly identifies phishing as a separate category of bad e-mail from spam, and deals with it in a completely different way than it deals with regular spam. Incoming e-mail can be classified as fraud, rather than just spam, when that label applies. Combining this with integrated virus scanning and e-mail policy enforcement makes MailFrontier Gateway Server an interesting all-in-one appliance.
The Trend Micro Spam Prevention Solution is interesting in that it’s packaged as an in-house version of the software used by an all-ASP provider – Postini. From some reports, the same software Postini uses in its ASP doesn’t do quite as good a job in this in-house version, due to local tuning versus Postini’s professional tuning based on vast spam-filtering experience. This gateway solution allows administrators to assign different spam-filtering sensitivities to specific user groups, so that groups such as IT can receive things like activation keys (which always look like spam because they are short and full of junk that doesn’t look like normal text), and other groups can remain more protected.
Trend Micro has an excellent gateway virus scanner with support for more than just Windows as a platform, which might be helpful if you are not using a strictly Windows environment. The company’s continued support for Solaris and Linux with this product means that you can integrate your spam filter with mature virus scanning software on whatever platform you are comfortable with.
4. Brightmail AntiSpam 6.0
Brightmail started out as a small company with a good idea and was recently purchased by Symantec to extend its scope of security and antivirus products to include spam filtering. One of the more interesting aspects to Brightmail AntiSpam is that Symantec maintains a network of 2 million-plus decoy e-mail addresses that are used to train and extend spam-filtering rules for Brightmail AntiSpam users. The decoy network extends over 20 countries and receives tens of millions of spam e-mails each day. Brightmail AntiSpam also has a feedback mechanism built in to allow users to submit missed spam (false negatives) back to Symantec to further improve the filters.
Brightmail AntiSpam updates the filters for you about every ten minutes (wow!), based on Symantec’s analysis of current conditions, via a secure connection to its four operations centers worldwide. In theory, this provides very current filter rules and makes it hard for spammers to defeat your protection for more than a few minutes.
For part of its spam filtering, MailGate uses a proprietary artificial intelligence technology that the company calls Intent-Based Filtering. According to Tumbleweed’s literature, this technology “recognizes spam like a human reader would.” That should work fine, until spammers start sending spam about bigger, better interfaced RAM. The other part of MailGate’s filtering is the more traditional approach, using matching based on known spam to block stuff that’s already been recognized as spam. Tumbleweed has taken time to deal with a problem that many spam filters have: classifying legitimate bulk e-mail (like newsletters that you have opted in for) as spam. MailGate allows individual users to decide how to handle bulk e-mail, and hopefully eliminate the false positives for newsletters and other opt-in bulk e-mail sources.
6. Postini Perimeter Manager
Postini is a well-established spam-filtering ASP. It offers two different solutions that interest most businesses: the Standard Edition, which is the basic inbound filtering of spam and viruses, and the Enterprise Edition, which includes outbound content and attachment and virus filtering as well. Postini is privately owned and funded, so it’s hard to look at the company’s internal resources in terms of stability or long-term viability, but the company has enjoyed steady growth since 1999 and boasts 5 million users as of first quarter 2004, processing 1 billion e-mails per week. It’s hardly a garage startup.
Postini doesn’t publish information regarding its service infrastructure, so it’s also hard to say anything about redundancy and global coverage. Any serious look at an ASP solution should include a look at how many data centers are available and how scattered around the globe they are. You don’t want a single site catastrophe to interrupt your inbound e-mail, and a highly redundant, globally dispersed infrastructure ensures this doesn’t happen.
The IronMail appliance is a pretty complete e-mail security appliance, which includes more than just filtering spam and viruses. IronMail offers “policy and content compliance,” which includes the following:
8. FrontBridge TrueProtect Message Management Suite
FrontBridge TrueProtect Message Management suite is an ASP solution with a major emphasis on stability and availability. FrontBridge has seven datacenters worldwide currently, with plans to open four more. Its service guarantees include 99.999 percent availability, with 100 percent availability to date.
TrueProtect spam filtering is based on proprietary algorithms that do blacklisting, fingerprinting (comparing current mail to known spam directly), and rules-based scoring. Like all the other ASP solutions and some of the gateway products, FrontBridge relies on information gathered from the billions of spams that it filters to block the few thousand headed for you.
To ensure that you don’t miss e-mail that’s important to your business, TrueProtect processes outbound mail, too. If you choose to send your outbound mail through FrontBridge, the solution learns that those people you are sending mail to are most likely not spammers when it sees mail coming back from them. This means your whitelists are at least partly automatically generated. FrontBridge virus scanning employs scanners from Sophos, Symantec, and Trend Micro so that it doesn’t have to worry about who has a signature for the newest virus first. Whoever wins the race that day is put in place for virus scanning.
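The outbound-learning idea described above, sketched as an added example (not FrontBridge's code): recipients of outbound mail are remembered, and inbound mail from those addresses is treated as whitelisted. The class name, the 90-day expiry and the sample messages are assumptions made for illustration.

```python
from email import message_from_string
from email.utils import getaddresses, parseaddr

DAY = 86400


class OutboundWhitelist:
    """Auto-generated whitelist: anyone we mailed recently is a likely correspondent."""

    def __init__(self, ttl_days=90):
        # ttl_days is an assumption: entries age out so one old message
        # does not exempt an address from filtering forever.
        self.ttl = ttl_days * DAY
        self.last_sent = {}  # lower-cased address -> time of last outbound mail

    def learn_outbound(self, raw, now):
        """Record every To/Cc recipient of an outbound message."""
        msg = message_from_string(raw)
        fields = msg.get_all("To", []) + msg.get_all("Cc", [])
        for _name, addr in getaddresses(fields):
            if "@" in addr:
                self.last_sent[addr.lower()] = now

    def is_whitelisted(self, raw, now):
        """True if the inbound From address was mailed within the TTL.

        The From header is sender-controlled, so a production filter would
        require the message to pass sender authentication before honouring this.
        """
        _name, addr = parseaddr(message_from_string(raw).get("From", ""))
        sent = self.last_sent.get(addr.lower())
        return sent is not None and now - sent <= self.ttl


# Constructed sample messages (example.* domains), not real traffic.
OUTBOUND = "From: me@corp.example\nTo: Alice <alice@partner.example>\nCc: bob@partner.example\nSubject: Quote\n\nHi\n"
REPLY = "From: ALICE@partner.example\nTo: me@corp.example\nSubject: Re: Quote\n\nThanks\n"
STRANGER = "From: promo@bulk.example\nTo: me@corp.example\nSubject: Offer\n\nBuy\n"
```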
Sophos wins the prize for the most platforms supported by an integrated solution, though for some reason its UNIX support seems slightly better than Windows. (For UNIX, I see support for personal whitelists and blacklists, but this support doesn’t appear to be available for Windows.)
PureMessage handles the disposal of spam somewhat differently from most other products: It allows administrators to discard, quarantine, modify subjects, or add hidden headers based on a calculated probability that the specific message is spam. Based on this, a sophisticated internal mail system could have multiple quarantine areas: one with messages that are most likely spam, and another for messages that are probably spam but that a user might want to examine for false positives from time to time.
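Probability-tiered disposal with two quarantine areas, as an added example (not PureMessage's code or configuration); it also shows the per-group sensitivity idea mentioned for the Trend Micro product. All thresholds, action names, the `X-Spam-Probability` header and the sample message are assumptions.

```python
from email import message_from_string

# Constructed thresholds: (minimum spam probability, action), highest first.
DEFAULT_POLICY = [
    (0.99, "discard"),
    (0.90, "quarantine-spam"),     # most likely spam
    (0.70, "quarantine-review"),   # probably spam, worth a periodic look
    (0.50, "tag-subject"),
]
# Hypothetical per-group override: IT receives short, key-like mail that
# scores high, so it is filtered less aggressively and nothing is discarded.
GROUP_POLICY = {
    "it": [(0.995, "quarantine-review"), (0.90, "tag-subject")],
}


def choose_action(p_spam, group=None):
    """Map a spam probability to an action using the group's policy."""
    if not 0.0 <= p_spam <= 1.0:
        raise ValueError("probability must be within [0, 1]")
    for threshold, action in GROUP_POLICY.get(group, DEFAULT_POLICY):
        if p_spam >= threshold:
            return action
    return "deliver"


def dispose(raw, p_spam, group=None):
    """Return (action, message); message is None when the mail is discarded."""
    action = choose_action(p_spam, group)
    if action == "discard":
        return action, None
    msg = message_from_string(raw)
    # Hidden header: remove any sender-supplied copy first so downstream
    # rules only ever see the value this filter calculated.
    del msg["X-Spam-Probability"]
    msg["X-Spam-Probability"] = f"{p_spam:.2f}"
    if action == "tag-subject":
        subject = msg.get("Subject", "")
        del msg["Subject"]
        msg["Subject"] = "[SPAM?] " + subject
    return action, msg


# Constructed sample message carrying a forged score header.
SAMPLE = ("From: vendor@example.com\nTo: admin@example.org\n"
          "Subject: License activation key\nX-Spam-Probability: 0.00\n\nKEY-1234\n")
```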
10. Proofpoint Messaging Security Gateway