Spam filtering techniques and methods

¶ … spam filtering solution available and tries to analyze and compare the best way to fight email spam and come up with new ideas and approaches to decrease the amount of email spam received by the organizations. This is important because e-mail spam is causing the it industry billions of dollars annually and it is also interfering with legitimate e-commerce and communication. Therefore, this case study gives detailed and unbiased information on the current solutions being used by the it industry and shows the new approaches that will be used. The tactic involved in the data gathering process has been that of a collection of the largest possible number of existing information related to the spam filtering tools from articles published in various scientific journals and magazines by individual researchers, as well as, research institutions. From the data gathered, it is clear that no past studies of this magnitude on this subject have been conducted. The results indicate that whilst, numerous anti-spam products exist in the market, many diverse anti-spam methods and procedures are being used by these products to filter spam. Some of the most widely used techniques found in these products have been summarized and newer ideas and recommendations are also given so that comprehensive steps can be taken to eliminate the phenomenon of spam.

CHAPTER I

INTRODUCTION

Statement of the problem

The thesis takes a look at the current spam filtering solution available and tries to analyze and compare the best way to fight email spam and come up with new ideas and approaches to decrease the amount of email spam received by the organizations.

Significance of the Study

E-mail Spam is causing the it industry billions of dollars annually and it is also interfering with legitimate e-commerce and communication.

Purpose of the Study

In my thesis I will give detailed unbiased information of the current solution used by the it industry and show the new approaches that will be used.

Introduction

Spam has become a nuisance for all email users because the element of privacy is compromised and also valuable time and money is at stake. Michael J. Blotzer (2002) highlights the difficulties related to spam. Besides attacking the secrecy and discretion of individuals and wasting valuable time, spam costs valuable money to the organizations. He writes, "Spam arrives at significant cost to the consumer. Spam typically makes up 10% to 30% of e-mail traffic and accounts for as much as 50% of all traffic at some Internet service providers (ISPs). The added expense of bandwidth, servers and engineering support to accommodate spam can cost an ISP millions of dollars per year. One telecommunication company estimates that each spam e-mail costs $1 in lost productivity. You can bet those costs are reflected in subscribers' monthly bills (Michael J. Blotzer, 2002)."

Spam causes financial losses to businesses through the traffic it generates, the time taken to delete these emails. The present environment presents significant threat to the businesses through increased competition and globalization and the last thing businesses want is for their employees to waste valuable and congested Internet traffic. Peter Piazza (2003) reveals the economic and financial problems related to spam: "What can be done to halt the onslaught of spam? The problem is reaching ever-higher proportions, both for corporations and users. On the corporate side, the concern is the rising cost of the traffic (more than $10 billion for American businesses this year, according to a recent report by technology research firm Ferris Research), while for Web surfers, the concern is time and convenience; for example, deleting offensive or annoying messages takes 10-20 minutes per day, according to antivirus firm Symantec. And according to a 2001 study for the European Commission, simply receiving spam cost users $10 billion euros a year worldwide. One pioneer has an idea that he believes may stem the tide: charging spammers for their messages (Peter Piazza, 2003)."

Eric Krapf (2003) explains that email has transformed the lives of ordinary people, business executives and organizations because of the extraordinary usefulness and efficiency of this tool. However, the application of this tool is being endangered by unsolicited commercial advertisements (also known as spam) because businesses are loosing valuable assets because of uncalled-for commercial advertisements. Over the years spam has become a global problem and it has become impossible for any individual nation to act individually to solve this problem. These complications have made businesses use other alternatives, which for now are less problematical, such as "instant messaging." (Eric Krapf, 2003).

Eric Krapf (2003) disagrees with this development and notes, "As if the spammers won't be able to figure out a way to reach us through IM (instant messaging). Right now, chat rooms and enterprise systems make up a universe that's narrow enough that protecting your privacy may not be too difficult. But if and when IM becomes the common mode of electronic communication, don't expect to keep your contact information private. Technology can't defeat a problem when the perpetrators are determined to use technology to further their own ends. The overwhelming popularity of the anti-telemarketing 'do not call' list shows that people want public networks to be used for the public good. it's time for 'do not spam' legislation with teeth (Eric Krapf, 2003)."

It has been revealed, in one latest study, that spam is more destructive and harmful that hackers and global viruses. While many studies have revealed that there has been a noteworthy decline is spamming, the costs of this menace are still staggering.

Tim Lemke (2003) writes, "London-based computer-security firm mi2G said in a report on Thursday that computer outages and lost productivity because of spam led to $10.4 billion in worldwide economic losses in October. Meanwhile, the company said viruses and worms - also known as malware - caused $8.4 billion in losses, while hackers contributed to $1 billion in financial damage worldwide (Tim Lemke, 2003)."

The war being waged against spam has become a household battle as Internet users, throughout the world, have been subscribing to spam filtering software companies. This is because the percentage of spam in the total quantity of emails is very high. William Powell (2003) reveals, "Gartner Research estimates that spam accounts for half of all corporate email. Surprising, isn't it? Spain filters keep much of it from reaching your in-box, but what slips through creates an increasing drain on productivity. Ferris Research estimates that drain will cost corporations U.S.$10 billion in 2003. Brightmail reports that nearly 40% of all email is spam. That figure is up 32% from late 2001 (William Powell, 2003)."

The future outlook of spamming is also not very encouraging because as the number of Internet users and businesses are increasing rapidly so are the figures of unsolicited commercial advertisements. As William Powell, 2003 notes, "Some people actually buy the products that spam advertises. Estimates for follow-ups run 0.1 to 1%. That may sound insignificant, but consider that eMarketer estimates that 76 billion messages are sent out annually through legitimate opt-in email marketing campaigns and that, all told, 2.3 billion spam messages are sent daily. Even at a 0.1% return, the dollars start adding up. Jupiter Media Metrix expects expenditures on legitimate email marketing alone to reach U.S.$9.4 billion by 2006 (William Powell, 2003)."

Spam affects more than one area as revealed by the elevated costs of damage and devastation done through spam. Celia Wren, (2003) writes, "That $9-billion figure takes into account variables like 'consumption of bandwidth' and 'loss of worker productivity' (the average worker, according to Ferris's analysts, wastes 4.5 seconds on each morsel of spam). What these figures do not measure or explain, of course, is the subjective dimension -- the pent-up fury experienced by the helpless spam recipient (Celia Wren, 2003)."

Fred S. Knight (2004) downplays the role technology may play in solving the menace of spam. He writes, "I'm sure that the spammers will find ways to fight and delay the deployment of new technology, and they will do everything they can to keep carriers from locking down the public network. Spam is one of those issues where technology's ability to solve the problem is limited by the public's will (Fred S. Knight, 2004)."

It is clear that spam is a significant threat to the it industry and it has become imperative that an in-depth study of the present spam filtering solutions available are examined and analyzed so that the best way to fight email spam can be discovered and new ideas and approaches to decrease the amount of email spam received by the organizations are also determined.

CHAPTER II

REVIEW of RELATED LITERATURE

This section examines the past studies conducted on this subject. From the data gathered, it is clear that no study of this magnitude on this subject has been conducted. This is because researchers in the 1990s and early 2000s had been dubious about any considerable part for spam in the financial costs of the organizations. This is quite surprising considering the number of spam filtering solutions being offered by the corporations. However, cursory studies that have been conducted are either biased because they seem to present a biased review of certain products or are insufficient because of their limitations and shallowness. Those studies that have been considered to be useful are mentioned below.

Robert D. Boerner, Joanne Bourquard, Pam Greenberg (2000) comprehensively elaborates the legal aspect of spam. He provides an in-depth review of the present laws in actions and the future of legislation against spam. He concludes his study by revealing, "Most of the laws target spammers who misrepresent, falsify or forge the point of origin or the routing information of messages. Several states also prohibit the sale or distribution of software that is primarily designed for this type of falsification (Robert D. Boerner, Joanne Bourquard, Pam Greenberg, 2000)." Also, "Most states have specified that the laws apply only to spam that is sent to or generated from locations within the state." However, it is important to note that the menace of spam is a global phenomenon and even United States, with all it powers, cannot solve the problems associated with spamming.

Many other studies also examine the legal efforts and endeavors of United States and European Union to combat spam. For instance, Peter Piazza (2004) highlights the efforts made by the European Union to wage the war on spam. Furthermore, Mark Kellner (2002) provides a very shallow and limited review of some of latest measures being used by the Internet users to stop spam. The most commonly used techniques are purchasing and consistently upgrading spam filtering software and making the email addresses invisible (Mark Kellner 2002).

Lisa Phifer and David M. Piscitello (2002) provide a thorough analysis of the present security situation relating to the use of Internet. They conclude their study by summarizing and suggesting the 10 most valuable practices successfully adopted by organizations to combat the evils associated with ecommerce, which includes spam. These 10 most valuable practices are:

1). Physical security. Think beyond the obvious measures usually taken to secure company offices; (2). Secure perimeters. Internet firewalls meet the 90-percent rule: Properly configured, they block the noisy, low-level inbound attacks; (3). Authentication. it's high time to get rid of weak username/password authentication. Use two-factor authentication, based on tokens, digital certificates or biometrics, alone or in combination; (4). Content inspection. Complement desktop anti-virus measures with gateway software and firewall application proxies that can block malicious code; (5). System and server integrity. Many exploits allow attackers to gain administrative control of operating systems and access file systems; (6). Information integrity. Use file system encryption to protect stored data, especially on laptops and PDAs; (7). Availability. Identify mission-critical servers, security systems and network connections, and determine where you need high availability, redundancy, mirroring and diversity; (8). Access Controls. Access controls enforce security and acceptable use policies; (9). Intrusion prevention, detection and rejection. While intrusion detection provides a valuable security service, consider building your networks to be immune to attacks and (10). Auditing and Logging. Log, log, log.., then log some more. Logging and auditing are like blood tests, x-rays and MRIs. They tell you what's happening in your network (Lisa Phifer and David M. Piscitello 2002)."

Robin L. Wakefield (2004) highlights the importance of information security by analyzing the present threats and methods adopted by the organizations to counter those threats. He believes that the best tool to fight spam is the content-filtering software. He reveals, "Content security involves using electronic means to monitor the transmission and storage of data over a company's network. Content- filtering software can stop spam, scan attachments for inappropriate language, block dangerous attachments, stop intellectual property breaches, quarantine questionable messages or embedded images, and notify systems managers when policies are violated. (Robin L. Wakefield, 2004)."

Michael J. Blotzer (2002) analysis the various spam-filtering softwares presently being used. He reveals the operating methods of these softwares: "Spam filtering software screens e-mail before it's downloaded by your email software. The spam filter scans email waiting on your e-mail server and looks for signs that a message is spam based on a set of defined rules. The rules can include known spam e-mail addresses, spam IP addresses, suspicious e-mail addresses and key words in the subject or body of an e-mail... The spam filter then presents a list of all waiting e-mail, flagging the potential spam. A quick review, followed by a click of a button, deletes the flagged spam at the server, before it is downloaded to your computer (Michael J. Blotzer, 2002)."

Lastly, after analyzing all the present solutions the industry has to offer, he discloses his favorite spam-filtering software, "In my evaluation, Novasoft's SpamKiller stood head and shoulders above the rest. SpamKiller came pre-configured with an extensive set of known spammers and e-mail cues. In addition, SpamKiller can be set to accept all mail from an email list. With other programs, I spent so much time establishing filtering criteria that it was easier to manually trash my spam (Michael J. Blotzer, 2002)."

Peter Piazza (2002) examines the usefulness of spam filtering tools presently being used. He reveals that while corporate gateways are useful against blocking viruses, they are useless against blocking spam. However, he writes, "Filters can also be used to block mail from particular senders, although that's less useful, and content filters (which can be configured by the end-user or the system administrator) can block attachments that don't have a valid business purpose, such as [MP.sub.3] files."

Furthermore, Peter Piazza (2004) discusses the success of two companies in the battle against spam. These companies have used spam filters, which, "attempt to identify the characteristics common to spam and then customize filters to block those identifiers; they look for technical clues in a message indicating that it is probably spam; and they block addresses believed to be used by spammers (Peter Piazza, 2004)."

Rebecca Wetzel (2004) discusses various initiatives being taken to discourage spam. These include consistently upgrading technology and adding payment structures for spammers in order to discourage them Rebecca Wetzel primarily discusses two forms of spam filter tools, (1) content-based filtering and (2) sender-based filtering. While explaining content-based filters, she writes, "Content-based filters draw on a variety of spam identification methods ranging from pattern recognition to recipient complaint systems to Bayesian filtering, a technique that uses words or character strings to identify email as spam, and learns to identify new spam the more incoming email it analyzes (Rebecca Wetzel 2004)." And while classifying sender-based filters, she reveals, "Sender-based filtering blocks based on a sender's reputation -- with filtering decisions made using information in 'black lists' or 'white lists'. Email from senders of ill repute is filtered, whereas email from 'white-listed' senders is always allowed through (Rebecca Wetzel 2004)."

Despite the fact that spam filtering tools are very helpful in blocking unwanted emails, Rebecca reveals some of the disadvantages about these filters. "Filtering can effectively reduce spam on the network and/or at the desktop, but it can have drawbacks. The higher the spam capture rate, the greater the chance of blocking wanted email. No matter how low the risk, undelivered email can hurt business (Rebecca Wetzel 2004)."

Jason Catlett (1998) discusses the present laws related to spamming and also briefly touches upon the subject of spam filtering tools. She critically evaluates the present spam blocking tools being used by ISPs and reveals the challenges and disappointments associated with the use of spam filtering tools. She writes, "The people and companies who provide Internet access to millions of consumers bear the brunt of complaints about spam, and every day they fight hundreds of unseen battles to stem its flow. A highly sophisticated arms race of blocking and filtering software is being waged, and administrators are starting to gain the upper hand, with updates of blacklists being propagated before spammers can switch to their next target. The problem is that such action requires constant vigilance and is very expensive to maintain because of the high level of expertise required to adapt filters continuously to new spamming tactics. Like intelligence agencies, their failures are trumpeted while their victories go unnoticed. Large companies are finding that they have to use similar measures to prevent their employees' time being wasted by spam (Jason Catlett, 1998)."

While concluding her study she writes, "There is no simple solution to junk e-mail. It was born of the freedom and affluence brought by the Internet, and, as long as we enjoy those qualities, we all can expect to have to struggle against junk (Jason Catlett, 1998)."

Lastly, Jason Levitt (2003) discusses the present concepts and tools related to spam filtering solutions, such as, blacklists, white lists, content filtering and machine learning. On the subject of blacklists and white lists, he writes, "Several third-party organizations maintain blacklists, sometimes called real-time black-hole lists, or RBLs, or block-lists, which are lists of IP addresses or domain names that are known to be originators of spam. Businesses can decrease the amount of spam they receive by subscribing to blacklists and blocking any E-mail traffic originating from the IP addresses or domain names listed on the blacklists (Jason Levitt, 2003)," and while writing on the subject of content filtering and machine learning, he discloses, "Content filtering, the filtering of E-mail based on the contents of the header and body of the E-mail message, has been around almost as long as there has been E-mail, but newer techniques involving rule-based reasoning have greatly improved the use of filtering as a defense against spam (Jason Levitt, 2003)."

From the information presented above, it is clear that most of the studies conducted on the occurrence of spam fighting tools originate from very shallow and limited aims and do not include the full spectrum of spam filtering tools. All through the 1990s, for unknown reasons, the most frequently established approximations of the general occurrence of spam had been underestimated. However, the new millennium brought with it the realization that concrete efforts had to be made to counter this ever-increasing threat. This move is not surprising because as the data collected shows that the occurrence of spam has almost certainly increased most of the latest assumptions about the augmenting costs associated with it.

Over the past decade, the issue of spam has surfaced as a key security and financial concern in the ecommerce industry. Even though this menace had been known since the beginning of Internet, it had been thought to be relatively rare. At the present, on the other hand, it has been recognized that spam comprises much broader repercussions than previously thought. Lately, there has been much conjecture that the fundamental danger of the menace, in all its developments, will be augmenting with time. Unquestionably, more and more organizations have been on the lookout for spam filtering services to assist them in tackling the frightening challenges of spam. All this comes at a time when there is sustained bewilderment about the best possible spam filtering tools and software solutions available in the market. Therefore, in this thesis we take a look at the current spam filtering solutions available and try to analyze and compare the best way to fight email spam and come up with new ideas and approaches to decrease the amount of email spam received by the organizations.

CHAPTER III

METHODOLOGY

This dissertation is a case study that takes a look at the current spam filtering solutions available and tries to analyze and compare the best way to fight email spam and comes up with new ideas and approaches to decrease the amount of email spam received by the organizations.

Collection of Data

The tactic involved in this process has been that of a collection of the largest possible number of existing information related to the spam filtering tools from articles published in various scientific journals and magazines by individual researchers, as well as, research institutions.

Data analysis and Search tactics

The data analysis and search tactic depended on manifold means so as to guarantee the most advantageous totality of facts and statistics available. At the outset, a comprehensive literature exploration had been performed by means of internet, as well as, university and public library. In this manner the bulk of published information relating to the spam filtering tools had been distinguished and compiled.

The analytical strategy employed in this paper has firstly identified the gravity of the situation at hand relating to the phenomenon of spamming and its affects on the global ecommerce industry. Appropriate theories and facts have been given to prove not only the seriousness of the situation but also the validity of the arguments. Subsequently, an in-depth overview is given of the spam filtering solutions presently being offered it companies in the ecommerce market by evaluating the strengths and weaknesses of these products and the opportunities and threats in the ecommerce environment. In the conclusion, not only a thorough analysis of the most suitable tools has been provided so that the ecommerce industry can eventually decrease the costs related to spam and increase productivity, but also new ideas and approaches have been given to recommend unique ways to decrease the amount of email spam received by the organizations.

Limitations

It is imperative to analytically assess the outcome and the entire case study. This is because this case study has some limitations that should be observed when taking into consideration the importance of the case study and its assistance. This case study has concentrated on a subject that has been an extremely large and leading one, that is, the best spam filtering tools available presently. Undoubtedly, this characterizes an extremely difficult assignment for research in spite of the more precise interests that the case study might have. This wide-ranging and difficult subject has been analyzed from a somewhat limited experimental perception. The choice of the single case study design obviously draws out numerous limitations in so far as the simplification of the outcome of the case study is involved. Consequently, the case study setting can simply be termed as a sort of direct framework of the ecommerce market procedures.

One more limitation of this case study has been the viewpoint assumed. Rather than attempting to thoroughly comprehending the past, present and futuristic market trends related to the phenomenon of spamming, this case study has been primarily limited to the best spam filtering tools presently available. Even though the case study has also considered additional observations related to newer ideas and approaches along the hypothetical strategic recommendations, the most important point-of-view from which results have been sketched is that of the spam filtering solutions presently being offered to it companies in the ecommerce market.

CHAPTER IV

RESULTS

To cope with the rising spam dilemma, it companies have been making great strides to discover newer methods and tools to block spam, at the same time making certain that genuine e-mails are not delayed or deleted. Despite the fact that there are numerous it companies providing real time solutions for jamming spam, only the leading it companies and their most favored solutions are considered for this study. This is important because in order to successfully understand, discuss and compare the methods being used to fight spam and give new solutions and recommendation, it is imperative that we review the salient features of the best and the most used spam filtering products. Following is a brief description of the main features of the spam filtering solutions being offered by the leading it companies:

BrightMail

Brightmail is considered to be leading the market of spam filtering solution by consistently delivering products that have an edge over the other products available in the market. The basic features of Brightmail's spam filtering products are:

Source: filtering based on where the spam is coming from, identifying and blocking IP addresses that generate spam (PR Newswire, 7/21/2003);"

Content: filtering based on the messages themselves and what their content is (PR Newswire, 7/21/2003);"

Call-to-Action: filtering based on the sites where spammers want to take you to (PR Newswire, 7/21/2003)."

The success of Brightmail can be gauged from the fact that a number of world's leading businesses are using their products to tackle the spam menace. Some of these companies include, Avaya, eBay, Booz Allen Hamilton, Cypress Semiconductors, Deutsche Bank, Lucent Technologies and Terra Lycos. Brightmail also provides spam protection for the leading Internet service providers, including at&T WorldNet, EarthLink, MSN, and Verizon Online (PR Newswire, 7/21/2003). Brightmail consistently upgrades its products to stay ahead of the spammers and the features newly added in the Brightmail's latest spam filtering product are highlighted below:

Improved Effectiveness-blocks more spam with no additional administrator effort (PR Newswire, 7/21/2003)."

Improved Custom Rules-blocks spam based on an administrator's definition of spam (PR Newswire, 7/21/2003)."

Improved Administration -- even easier to install, administer and upgrade (PR Newswire, 7/21/2003)."

Improved Submissions-end users now have more control in fighting spam (PR Newswire, 7/21/2003)."

Improved System Support-support for Windows 2003 and Exchange 2003 (PR Newswire, 7/21/2003)."

NEMX's Intelligent Message Filter (IMF)

In 1994, Nemx Software Corporation had been founded with the primary objective to offer flexible security tools to the Microsoft Exchange environment. The company has been extremely successful in achieving its objective. (PR Newswire; 10/18/2004). The latest spam filtering product offered by Nemx has been widely used by companies all over the world. Some of the basic features of the product are: "The IMF complimentary functionality of Power Tools 5.0 offers it administrators more flexibility over their Exchange security responses. The new product enables better control over Spam Confidence Level (SCL) handling and offers a wider selection of filtering actions than are available through the standard filtering options provided by Microsoft. With the easy-to-use Power Tools 5.0, it administrators can define and control SCL thresholds at various levels within their Exchange organization including servers, groups, and mailboxes, and assign different reactions to each level. For instance, in a K12 school environment, staff receiving spam may have the offending message automatically moved to a subfolder, while the same message to a student would be deleted (PR Newswire; 10/18/2004)."

The McAfee Spam Killer

While many spam filtering solutions require manual training, which can be very difficult for novice users, the McAfee spam filtering products are completely automated providing the users ease of use and relief (PR Newswire, 4/12/2004). Furthermore, McAfee provides its users a comprehensive solution be analyzing every email message from six different tools. These tools include (PR Newswire, 4/12/2004):

Bayesian Filtering -- the McAfee SpamAssassin engine Bayesian filtering comes pre-configured with an out-of-the-box filtering database, and features an innovative auto-learning system which will adapt to the users' particular email stream."

Integrity Analysis -- Examines the header, layout and organization of every incoming email message and applies thousands of algorithms to determine if the email is spam."

Heuristic Detection -- With a set of automated rules based on known spam characteristics, McAfee SpamKiller works proactively to secure the network against spam."

Content Filtering -- the administrator-defined set of words and phrases helps further identify unwanted email and inappropriate content."

Personalized Black and White Lists -- a set of standards defined by the administrator and users utilizing white and black lists to determine both acceptable senders of email, as well as unwanted and unacceptable senders of email."

Self-tuning -- With the ability to learn the characteristics of email received at the desktop, McAfee SpamKiller powered by McAfee."

Spam-Assassin is able to adjust the overall spam score for messages received from known senders. This functionality is provided in McAfee."

With regards to the mail servers, "DNS-Blocklist Support -- the McAfee SpamKiller appliances are able to integrate with Internet-based DNS blocklists to ensure that email sent by known 'spammers' is automatically blocked."

SurfControl

SurfControl is another company that has provided the it industry with superior products to combat spam. The latest spam filtering product being offered by the company has added several new features so that the users can maintain and secure the information they obtain, whilst avoiding all the junk mails to save time and valuable resources. The major new features of SurfControl spam filter comprise:

Virtual Learning Agent (VLA): SurfControl now offers this optional intelligent tool that ensures content is understood in context for each organization (PR Newswire; 4/29/2002)."

Header Modification: SurfControl now strips the IP address and all routing information from e-mail messages before they reach their destination to offer additional security protection against spammers and hackers (PR Newswire; 4/29/2002)."

File Attachment Compression: SurfControl now saves more time, bandwidth and storage. Large file attachments are automatically compressed to minimize the file size when sent over the server. The process is completely transparent to the user (PR Newswire; 4/29/2002)."

Infocrossing, Inc.

Infocrossing, Inc. is another it company that introduced several successful products related to information and data security. Its clients include many fortune 500 companies, as well as, many small businesses, showing diversity in the application of its products. Its most successful product is called MailWatch (TM), which has been upgraded several times. The latest version, MailWatch (TM) 5.0, has several layers of anti-spam protection and discourages spam by using multiple techniques. The main features of MailWatch (TM) 5.0 are:

Enhanced Spam Protection. MailWatch (TM) 5.0 incorporates Infocrossing's innovative Threat Throttling feature and Symantec's Brightmail Anti-Spam (TM) to effectively and accurately block spam. Threat Throttling discourages attacks by using proprietary scanning and correlation techniques to present spammers with randomized patterns 'acceptance', and congests their networks to prohibit them from quickly sending more messages through the MailWatch (TM) system. Symantec's Brightmail Anti-Spam (TM) has been deployed as the initial spam verdict engine in the multi-layered MailWatch (TM) spam filtering architecture (PR Newswire; 4/11/2005)."

The consumers who are not aware of the technical details associated with email servers can also successfully manage the MailWatch (TM) 5.0. "Tailored Administration. With MailWatch (TM) 5.0, companies can choose the level of administration and control best suited to their business. The Professional Edition is ideal for companies of any size that want an effective email security solution that can be managed by a non-technical administrator or department manager. The Enterprise Edition was designed for companies with a security administrator that wants full control to monitor and enforce compliance policies down to the end-user level, create custom reports and guard against spam and viruses (PR Newswire; 4/11/2005)."

Symantec

Many organizations and domestic Internet users have been tired of using products that serve single purposes. In this light Symantec has introduced its latest beta version of Norton Internet Security 2005. Norton Internet Security 2005 AntiSpyware Edition is being built with multiple scanning levels to provide extensive protection against spyware risks. Unlike most standalone antispyware products that can't fully detect spyware and adware in real time, Norton Internet Security 2005 AntiSpyware Edition identifies spyware at the point of entry, leveraging Symantecs highly effective mechanisms already in use to block viruses today (M2 Presswire; 4/19/2005).

This latest version has been upgraded to counter the challenges posed from spyware along with spam, viruses, worms and hacker attacks. This single product with multiple benefits has won many awards and its latest version has already created an innate sensation amongst organizations and Internet users. This is because, "Norton Internet Security 2005 AntiSpyware Edition is being built with multiple scanning levels to provide extensive protection against spyware risks. Unlike most standalone antispyware products that can't fully detect spyware and adware in real time, Norton Internet Security 2005 AntiSpyware Edition identifies spyware at the point of entry, leveraging Symantecs highly effective mechanisms already in use to block viruses today (M2 Presswire; 4/19/2005)."

This latest version has also been upgraded to produce a lot more accurate results. The spamming and spyware tools used in this latest edition have been structured to accurately produce the desired results. "Another advantage of Norton Internet Security 2005 AntiSpyware Edition will be its ability to accurately differentiate between actual spyware risks and legitimate software applications. The potential for false positives with Norton Internet Security 2005 AntiSpyware Edition will be significantly reduced because real-time detection will be based on known signatures that are posted by Symantec Security Response and deployed via Automatic LiveUpdate rather than on the rudimentary system monitoring typically associated with other standalone spyware solutions. (M2 Presswire; 4/19/2005)."

Trend Micro

Trend Micro has been producing products that have been protecting valuable information flowing from email servers, Internet gateways, and file servers. This method of stopping spam at the main server allows the workforce of organizations to focus on their work. An email content filter to block email based on certain keywords or phrases, enabling administrators to stop potentially infected email messages from being delivered to unsuspecting users and to prevent distribution of confidential or inappropriate information into or out of the enterprise. Filter profiles are based on keyword lists, Boolean ("not") keyword lists and synonyms. Blocked email can be deleted, quarantined or archived (Business Wire; 11/13/2000).

InterScan eManager allows the mangers to control the content of the message, as well as, block file attachments, and filter spam. This is achieved through Intelligent Message Filtering (IMF) tools featured in the latest version of their product. Its main features include, "A file attachment blocking feature that allows administrators to block incoming files by file name, type, etc., while still permitting other non-threatening email to pass through." Also, "A rule-based spam filter to block junk mail before it reaches a company's mail server. The spam filter includes both a self-updating list of common spam sources and a customizable list of sources. The filter checks message headers (to, from, cc and subject fields) for routing domain, in-bound/out-bound status and message size, and checks the message body for designated keywords and phrases (Business Wire; 11/13/2000)."

ProofPoint

The Server (TM) produced by Proofpoint checks all email messages, whether they are incoming or outgoing, in three separate parts; (1) Spam Detection, (2) Content Compliance and (3) Virus Scanning. With the rising demand of customized email examination, Proofpoint Server (TM) has been upgraded to meet the specific demands of individual companies. The three different procedures for spam checking can be briefly described as:

Spam Detection analyzes attributes of incoming email messages in real-time. The attribute extraction process inspects all aspects of incoming messages, from the network connection-layer to message envelope, headers and structure, as well as unstructured content in each message. (PR Newswire; 7/21/2003)."

Content Compliance works in conjunction with an organization's established corporate policies and training programs to ensure that compliance is enforced throughout a company's email infrastructure. This limits an organization's exposure to costly liability and mitigates email risk. (PR Newswire; 7/21/2003)."

Messages are scanned for viruses in parallel with spam and content inspection, and administrators are presented with a unified interface for email protection, resulting in the most efficient processing and management (PR Newswire; 7/21/2003)."

MailFrontier

While numerous different methods exist to tackle the growing threat of spam, very few companies have been able to produce the right combination of tools to tackle the problem effectively. Many organizations believe that MailFrontier is one such company. This is because it protects the time and resources of the organizations by successfully stopping all spam at the gateway. "MailFrontier Anti-Spam Gateway creates a dynamic eProfile -- a distinct blocking profile based on the nature of a corporation's communication. The eProfile is constantly updated, automatically tuning its spam blocking capabilities in order to optimize effectiveness specifically based on the mail characteristics of the corporation (PR Newswire; 2/17/2003). "

Furthermore, the fact that many large and small businesses have opted for spam filtering solutions provided by MailFrontier, it goes to show that the products being offered are not only relatively cost-effective and successful but also flexible enough to meet the unique requirements of different organizations. "MailFrontier Anti-Spam Gateway offers flexible deployment options, including per-user spam management capabilities for power users and gateway configurations for centralized it control (PR Newswire; 2/17/2003)."

Spammers have been consistently looking for newer ways and means to overcome the latest technology it companies have to offer to combat spam. Many have been successful in their endeavors; therefore it is imperative for it companies to consistently upgrade their products to confront the spammers head on. Up-grading spam filtering products is one area where MailFrontier has been very successful. Their latest version includes many new tools and features. "MailFrontier Anti-Spam Gateway has the most comprehensive spam blocking available -- using proven techniques such as blacklists and content filters as well as innovative dynamic whitelists (automatically-generated lists of approved senders whose email always gets through) and a collaborative global spam reporting network. First generation spam products have shown that products offering only one blocking technique are not effective against the increasing sophistication of spam. MailFrontier is the first company to offer the most comprehensive set of spam blocking techniques integrated into an enterprise gateway solution (PR Newswire; 2/17/2003)."

Vircom

The major distinction between the spam filtering solutions offered by Vircom and other spam gateway products is that Vircom allows a lot more flexibility and control to its customers so that the customers can design their mail servers to match their specific needs. This move has allowed the company to sell additional products associated with spam filters. "The difference with VOP modusGate is it re-introduces the concept that customers should be in control of their corporate communications. VOP modusGate features a built-in compiler to create customized scripts and, if desired, to submit them to Vircom for validation and distribution to all customers. The response from the ISP community has been immediate. More clients are not only sharing Sieve scripts but are also joining Vircom's new VOP Anti-Spam Coalition (VASC) to obtain full open access to scripts to design even better and more intelligent anti-spam filters. Sieve scripts are made available in different categories including financial, pornographic, medical, educational, and gambling spam emails (Business Wire; 6/6/2002)."

Furthermore, the Intelligence Message Filters offered by Vircom are no ordinary gateway filters because they have utilized the latest and the most unique technology to detect and delete all unwanted emails. "Layered with intelligence, VOP modusGate is the first Windows-based gateway to be user-aware, meaning it can first determine whether an enterprise employee actually exists on the company mail server before scanning for spam and viruses. If not, VOP modusGate simply rejects the message. Before scanning, VOP modusGate simulates a connection to the mail server to verify if the user exists with the results cached for greater performance. This is an effective method to prevent spammers from flooding email systems and to save system resources (Business Wire; 6/6/2002)."

Bayesian Spam Filtering

Many critics believe that Bayesian spam filtering can be developed into the world's most prolific and dynamic anti-spam tool covering all the features of other tools currently being used to counter the threat of spam. However, this is only a theory and practical steps have to be taken so that the true potential of this tool can be utilized. Bayesian filters are designed to handle these shades of gray, dealing in probabilities rather than definite rules. They're named after Bayes' Theorem, the equation they use to calculate the likelihood that a message is spam. Unlike a filter, this calculation takes into account both the factors that mark a message as spam and the factors that mark it as legitimate e-mail, thus ensuring that evidence is weighed fairly (Andy Dornan, 2004).

The process used by the Bayesian filters is also very unique. However, many critics believe that the process needs to be upgraded so that more accurate results can be obtained from this tool. It is worth noting here that this technology is in its infancy and a lot of work needs to done to propel the true potential of this tool. "When a Bayesian filter receives an e-mail message, it scans for particular tokens-strings of characters that are likely to be significant in determining whether or not a message is spam. A token is usually a word, but it doesn't have to be: The best Bayesian filters scan message headers as well as bodies, in which case tokens are likely to be IP addresses or domain names for every token, the Bayesian filter's database contains a probability value that measures how likely it is to appear in spam vs. regular e-mail. The clever part is that these probabilities are themselves continuously recalculated, based on the e-mail and spam that a particular user receives. This means they quickly adapt to new spammer tricks and are automatically customized to fit each user's definition of spam. Users don't have to understand probability theory or fiddle with filter settings. All they have to do is train the filter by marking which incoming messages they want to receive and which they don't (Andy Dornan, 2004)."

Mirapoint

Mirapoint is another company that has been very successful in producing products that stop spam and other security threats at the network gateway so that the workforce of any organization can channelize their energies on productive work and leave the battle against spam to be fought by the Mirapoint servers. "Designed to complement an existing email server, the Mirapoint Message Director provides multi-layered security protection at the network edge to block hackers, spam, and virus threats, as well as provide advanced management of message traffic through policy enforcement tools, content filters, and detailed reporting. For small- to medium-sized businesses or for highly distributed organizations, Mirapoint also offers the RazorGate line of email security appliances that employ the same industrial-strength technology as the Message Director and can be deployed to secure and protect any existing email server (M2 Presswire; 5/25/2004)."

Not only is the Mirapoint Server dedicated to adapt to the specifications of the organizations but also provide a multi-layered security services to protect the network from unwanted emails. "The Mirapoint Message Server is the industry's only dedicated appliance that integrates email routing, storage, access and management with Mirapoint's comprehensive, multi-layered Full-Spectrum email security technology. The Message Server is designed to support any enterprise, service provider, government or education customer trying to deliver email to a broad base of users that demand anytime, anywhere access to carrier-grade email services (M2 Presswire; 5/25/2004)."

Tumbleweed

Founded in 1993 and headquartered in California, the company has made huge strides in providing a variety of security solutions to a number of private and public organizations. These include, Bank of America Securities, ABN Amro, JP Morgan Chase & Co., Catholic Healthcare West, the Regence Group (Blue Cross/Blue Shield), St. Luke's Episcopal Healthcare System, the U.S. Food and Drug Administration, and the U.S. Navy and Marine Corps. Spam filtering servers provided by Tumbleweed are considered to be the most effective in business today. "Tumbleweed Email Firewall has been recognized as having the best email security product functionality by META Group, and was rated the #1 enterprise software solution for fighting spam, according to Network World (http://www.nwfusion.com/reviews/2003/0915spam.html).Tumbleweed Email Firewall protects, filters and secures email traffic at the Internet gateway with an integrated set of anti-spam, anti-virus, anti-hacker, content filtering, email relay and encrypted messaging capabilities -- minimizing email communications risks and reducing email management costs. Tumbleweed Email Firewall is used by more than 400 of the world's largest, most demanding messaging infrastructures, and is available in both appliance and software editions (Business Wire; 12/15/2004)."

Sybari

Sybari is another widely used tool to fight spam at the network gateway so that the administrators can successfully reduce the influence of spam emails on their local networks. Sybari gives a great deal of flexibility and control to the administrators so that they can convert and adapt the email servers to their specific requirements. "Administrators are able to filter messages and apply designated actions through multiple methods: Real-Time Black Hole List (RBL) lookup, DNS Lookup, Sender/Domain Filtering, Rules-based Message Body Scanning, and Subject line content-filtering. The module identifies Spam, offensive language and confidential information based on pre-packaged filters and customized configuration information. Identified messages can be purged to further reduce the amount of unsolicited employee e-mail traffic entering a messaging infrastructure. The Sybari Spam Manager also enables companies to set and enforce policy regarding content of e-mail destined for e-mail addresses outside the organization (Business Wire; 6/2/2003)."

Sunbelt Software

Sunbelt provides both the end-users and the administrators to deal with the menace of spam. This flexible approach has been a major factor in their success. Furthermore, the consumers can easily install the software because the company has simplified the process of installation and setup. Some of the most dynamic features of Sunbelt email servers (known as iHatespam) are as follows: "The constantly updated anti-spam engine uses built-in content-based filters that utilize approximate pattern matching, forged header analysis, rule-based filtering and internal lists of known spammer email addresses and domains. The spam engine also uses spam mutation detection, which looks for variations in junk email as spammers attempt to bypass detection engines."