Server utilities apprehend junk mail at the mail server, lessening spam’s impact on a user’s bandwidth and storage. If you don’t want to control spam with an e-mail client or a desktop utility, one of the following products might appeal to you. The next time you shop for an ISP, ask whether it offers a server-side spam stomper with its e-mail accounts.
Just keep in mind that filtering at the server has its downsides. It’s rarely possible for you to see (or choose) the thousands of criteria that server utilities use to block spam. Similarly, server-side utilities might not tell you that a message has been blocked.
The open-source SpamAssassin uses a huge number of points-based rules that are constantly updated. SpamAssassin can either delete messages that have more than a certain number of points, or give messages tags that indicate how many points they received; you can then use an e-mail program’s traditional Boolean filtering to organize incoming mail according to that spam score. SpamAssassin supports some DNS blacklists, as well as Vipul’s Razor, a spam-fingerprinting system (http://razor.sf.net).
We tested SpamAssassin with 5,000 legitimate e-mail messages and 5,000 spam messages. It correctly identified 76 percent of the junk messages as having a spam score of 5 or higher, a typical number chosen by SpamAssassin users. Unfortunately, SpamAssassin also gave a whopping 23 percent of the legitimate e-mail messages a spam score of 5 or higher.
Although rules (and the number of points they assign) can be modified, only the person who administrates SpamAssassin at the server level can make those changes — you have no control.
Filter Method: Points-based.
Accuracy Poor: correctly identified 76 percent of spam; misidentified 23 percent of legitimate mail.
Bandwidth and Storage: Good if rejecting spam; fair if merely inserting ratings.
Ideal Users: Experienced e-mail user able to filter by ratings or unconcerned with false positives; server administrators.
With server-wide points-based filtering based on thousands of rules, as well as features that allow individuals and groups to customize rules and preferences, Postini (from Postini Incorporated) does not delete potential spam. Instead, suspect mail is shunted to a Web-accessible quarantine area (typically for two weeks). You can view the quarantined mail and choose to delete it or have it delivered normally.
In our testing, with 4,000 legitimate messages and 4,000 spam messages, Postini correctly identified 81 percent of spam, while 19 percent of legitimate mail was wrongly classified as spam. Adding some custom settings brought false positives down to about 13 percent. Mysteriously, some of our custom settings vanished after testing. We also saw items disappear from Postini’s quarantine area well ahead of schedule.
Filter Method: Points-based.
Accuracy Fair: 81 percent of spam identified, but 13 to 19 percent of legitimate mail also classified as spam.
Bandwidth and Storage: Good — Postini keeps quarantined mail on the server; you download only legitimate mail.
Ideal Users: Non-technical users with moderate amounts of e-mail who are willing to check a Web page regularly for filtering errors.
Most visible as the power behind Earthlink’s much-touted Spaminator service (spaminator.earthlink.net), Brightmail maintains a large network of addresses that exist for no other purpose than to be targeted by spammers. The company seeds these addresses far and wide, analyzes the spam it receives, creates new antispam rules based on that spamming activity, and then distributes those rules to its servers. Brightmail can respond quickly to spam attacks, but you can’t find out what triggers a Brightmail filter, and neither of the Brightmail-based systems we tested offered any option for user-defined rules. Messages identified as spam are shunted to a folder, which you can access via a Web browser (typically for 10 days); from there, you can choose to deliver false positives normally and delete true spam. Brightmail shows you why it thought a message was spam, but its explanations are often cryptic.
Brightmail’s accuracy was good in our tests: it correctly identified 82 percent of 1,000 spam messages; of 1,000 legitimate e-mail messages, 18 percent were misidentified as spam.
Filter Method: Points-based rules.
Accuracy Good: 82 percent of spam correctly identified, but 18 percent of legitimate mail misclassified as spam.
Bandwidth and Storage: Good messages identified as spam aren’t downloaded.
Ideal Users: People with limited e-mail needs or dedicated e-mail addresses.
To benefit from the spam filters in IC Group’s Pobox, you have to sign up for a Pobox account. You can then use that account’s address for situations in which spam is likely — for example, in some Web site forms. Pobox automatically forwards your Pobox mail to your primary account. Pobox’s antispam service uses a points-based filter system; although you can’t add custom rules, you can adjust the sensitivity of the filters Pobox applies to incoming mail. You can block messages that have spam scores above a certain level; at the same time, you can modify the subject lines of the remaining messages to indicate the spam score Pobox gave them. You can then apply traditional Boolean filtering to those messages via your e-mail client. Typically, you will delete messages with very high spam scores and change the subject lines of messages with lower scores.
In our testing, with 1,000 spam messages, Pobox correctly labeled over 91 percent with a spam score, although only 62 percent of those scores were high enough that we’d consider automatic blocking. Pobox did better with 1,000 legitimate mail messages, tagging only 13 percent with a spam score and only 17 messages with unusually high spam scores.
Filter Method: Points-based.
Accuracy Good: 60 to 90 percent accuracy in labeling; fairly low rate of false positives.
Bandwidth and Storage: Fair — bandwidth is saved only if you ask Pobox to delete messages with high spam scores.
Ideal Users: Anyone who needs a new e-mail address with reasonable spam protection or excellent spam labeling.
Julian Haight’s SpamCop maintains a DNS blacklist of sites that users accuse of distributing spam. SpamCop removes most erroneous entries, but many server administrators’ first interactions with SpamCop are not positive.
You can check SpamCop’s Held Mail folder via a Web browser. Messages identified as spam are held there for two weeks; if a held message isn’t spam, you can receive the mail normally and tell the system to always accept mail from that sender. No other user-configuration options are available.
In our testing, with 1,000 legitimate e-mail messages and 1,000 spam messages, SpamCop flagged almost 25 percent of the valid mail as spam, and it correctly identified only 49 percent of the junk mail. However, since SpamCop’s methodology is so different from other services, our test isn’t as appropriate a gauge of the service’s accuracy. Our sample spam messages span three-and-a-half years; machines used to transmit that spam may have been secured or transferred to new, innocent owners.
Filter Method: Boolean (DNS blacklist).
Accuracy Poor: less than 50 percent of spam was correctly identified; nearly 25 percent of legitimate mail was flagged as spam. However, the test may not be representative.
Bandwidth and Storage: Good — messages identified as possible spam are not downloaded.
Ideal User: Relatively technical e-mail user familiar with SpamCop’s blacklist methods.