Anyone who has launched an e-mail client to discover a glut of offers for dubious nostrums, bogus diplomas, and indelicate physical congress is well aware that spam —the junk mail that fills our inboxes in ever increasing amounts—is a huge problem.
The U.S. federal and state governments have made some efforts to curb the proliferation of spam, but these have been diluted by competing interests concerned with preserving and promoting free speech and allowing marketers to reach potential customers. Even the toughest antispam laws do little to stem the tide of spam—particularly spam that originates overseas, where American law holds no sway. Internet Service Providers (ISPs) have also stepped up efforts to snare the spam that slithers through their gateways, but these efforts are ineffective in most cases.
We looked at seven spam utilities:
We examined each utility’s interface, ease of use, and mode of operation, and made some general judgments about its comparative effectiveness at eliminating spam—we say “general” because good spam filters get better with time and adapt to spam’s changing nature. We then fed each program the same bucket of junk, to see how it dealt with some egregious forms of spam, right out of the box. In addition, we considered the following key questions:
Technology and techniques
These utilities interact with your e-mail client in different ways and use a variety of techniques for separating good messages from spam.
EmailCRX, MailWasher Pro, Spamfire, and SpamSweep download your incoming messages (or enough of each message to judge its content) and then filter and rate them. Once you’ve verified your mail, these utilities can delete the spam from the server and send the good messages to your e-mail client. EmailCRX and Spamfire act as proxy servers for your e-mail client; this means that when you ask your e-mail client to download your mail, it passes that task along to the spam catcher—which retrieves your good messages and passes them along—rather than going to your ISP’s POP server.
While Personal Antispam X4 and SpamSieve are each full-fledged programs, they’re integrated into your e-mail program. All your messages are delivered to your e-mail client; as they arrive, these utilities sort them into your inbox or into a spam folder, depending on their contents.
SpamX can allegedly either act as a proxy server or deal with your POP server as any e-mail client would. Regrettably, the proxy-server setup doesn’t work with Apple Mail or the latest version of Microsoft Entourage.
Each of these utilities uses a variety of common techniques to filter spam. Nearly all include blacklists, whitelists, and a variety of statistical-learning filtering schemes. Some also have a “revenge” feature that lets you report spam to antispam agencies or to what the program believes is the spammer’s ISP. (For definitions of some important spam-fighting terms, see How Do Spam Busters Work?.)
Designed for ease of use, SpamSweep—which installs an IP and domain-name blacklist, builds a whitelist of your approved senders, and offers Bayesian filtering—is the least configurable of the lot. The program provides no access to its blacklist, its spam corpus (the collection of words the Bayesian filter uses to identify spam), or its filters. Like other utilities that include Bayesian filters, it learns as it goes. Other than correcting it when it wrongly identifies messages as spam, you have no options for adjusting its behavior.
Personal Antispam X4 gives you a little more control. You can view the contents of its spam corpus (called the Lexical Dictionary in this program) and delete individual entries or the entire contents of the corpus (to reset it, for example). You can add, edit, and remove blacklist and whitelist entries. Likewise, you can edit the list of attachment types that cause a message to be identified as spam (the program filters messages with .bat, .cpl, .pif, and .scr attachments by default). The program also uses URLs to decide whether a message is spam—Intego updates a database of spammy URLs once a month. After 12 months of ownership, Intego asks that you pay $30 to renew your subscription for another year.
Spamfire offers editable blacklists and whitelists as part of its Senders preference, as well as Bayesian filters (the corpus of which can be reset but not edited), and it includes a renewable 12-month subscription ($13) to updates to its URL database. Additionally, you can create conditional rules much like the rules in Mail and Entourage: If Body Text Contains Cialis Mark As Spam, for example. Spamfire also includes a revenge feature that lets you report spam and phishing schemes to SpamCrime (a Web-based service where you can report spam), the spammer’s ISP, the Federal Trade Commission, PayPal, and eBay (you can add additional reporting authorities).
SpamSieve has a blacklist (called a blocklist in the program) and a whitelist as well—mark a message as spam, and the sender is sent to the blocklist. Entries in your OS X Address Book or your Qualcomm Eudora or Entourage address book are automatically entered in the whitelist, as are the senders of mail you accept. You can delete and edit these lists’ entries and add new entries, as well as create rules within the lists. SpamSieve uses a form of Bayesian filtering and can use the Habeas SafeList—a list of senders who agree to send only legitimate e-mail. You can train SpamSieve with groups of selected spam and good messages. If you’ve got a few hundred spam messages and good messages archived in your e-mail client, you can make SpamSieve acceptably accurate within a matter of minutes rather than the days it can take to train other programs. Personal Antispam X4 works the same way.
EmailCRX doesn’t use statistical learning filters. Instead it relies on blacklist and whitelist entries of user-defined phrases, a whitelist of friends (you can import your OS X Address Book contacts), country filters that allow you to reject e-mail from specified countries, an optional challenge-response system that requires that correspondents verify their identity, and a reverse-DNS system that looks for valid entries in message headers. EmailCRX also has a Report Abuse feature that attempts to contact the spammer’s ISP. Satisfying as it may be to rat out spammers, doing so means that you could get a lot of return messages either acknowledging the report or bounced back to you as undeliverable.
MailWasher Pro has a Friends List that includes contacts you’ve added (you can add a contact directly to the list or add many contacts at once by choosing a group of messages and selecting E-mail: Add To Friends List), a blacklist derived from messages you’ve deemed spam, a Bayesian filter, a feature that blocks e-mail from known spam DNS servers, customizable rules, and a unique feature that checks your mail against messages that other MailWasher Pro users have added to the company’s spam database. You can opt to report spam to SpamCop, a spam-reporting service.
SpamX’s mode of operation is something of an intentional mystery. The program’s developer doesn’t want to reveal how SpamX goes about its business—because he believes that doing so will help spammers defeat the program’s protection. It consults real-time black-hole lists (collections of the IP addresses of known spammers), and you can import and add contacts to a whitelist. The program also focuses on reporting spam. As with EmailCRX’s abuse reports, sending these things can result in confirmation and undeliverable-mail messages.
Checking Content: EmailCRX’s preview pane makes it easy to view a message’s content.Configuration and interface
Of the seven utilities, the easiest to install and configure are Personal Antispam X4, Spamfire, and SpamSweep. Personal Antispam X4 asks whether you’d like to use it with Apple Mail or Entourage or both (it doesn’t support other e-mail clients). The program works within your e-mail client, adding a menu item that you use to invoke the commands for labeling messages as good or spam. It supports POP and IMAP accounts.
Spamfire 2.3 is a separate program that filters your e-mail, lets you make corrections, deletes junk mail from the server, and sends good messages to your e-mail client via proxy. When you first launch the program, a setup assistant lets you choose your e-mail client (Eudora, Bare Bones Software’s Mailsmith, Entourage, Mozilla, Apple Mail, CTM Development’s PowerMail, or Other) and import addresses from a text file if you like (Spamfire automatically adds contacts in Address Book to its whitelist). Then it presents you with a list of e-mail accounts to choose from (it checks Mail’s and Entourage’s preferences for these accounts). It can automatically import your POP and IMAP e-mail settings from these programs. Spamfire can separate your likely spam messages into Definite, Probable, and Borderline folders, making it easier to locate both spam and misidentified good messages.
SpamSweep also has a setup assistant that lets you choose your e-mail client (Apple Mail, Eudora, GyazSquare’s GyazMail, Mailsmith, Entourage, PowerMail, or Mozilla’s Thunderbird) and provides an area for entering your e-mail account information. SpamSweep downloads the first 100K of every e-mail message, filters it, provides options for making corrections, and deletes messages that you’ve labeled as spam from the server. You download the good messages that remain on the server when you connect to your e-mail client. Unlike Spamfire, it offers no proxy setting for directly transferring your e-mail between programs. It currently supports only POP accounts.
SpamSieve, which works within a variety of e-mail clients (including Apple Mail, Entourage, Eudora, Gyaz-Mail, Mailsmith, and PowerMail), requires a bit more configuration. Although the SpamSieve menu includes commands for installing Mail, Entourage, and Eudora plug-ins, you must also configure your e-mail client’s rules so that they can access the AppleScripts that help SpamSieve do its job. SpamSieve’s manual includes easy-to-follow instructions for doing this. Once SpamSieve is installed, its training commands appear either in an AppleScript menu (Entourage) or in a program menu (Mail). It, too, can manage both POP and IMAP accounts. By default, SpamSieve will color-code messages in Mail to indicate their level of spamminess, thus making it easier to identify borderline messages.
MailWasher Pro installs easily enough, and it offers a basic setup assistant for entering account information. But once you leave that assistant, you’re left to traverse Spam Tools and Options windows (most of which include numerous tabs) on your own to get things set up. Adding to the complexity is the fact that MailWasher Pro won’t pull account configurations from your e-mail client and instead requires manual configura-tion. Like the other self-contained programs, MailWasher Pro downloads only a portion of each e-mail message—you can adjust how much. Also like these other tools, it will delete identified spam from your server, allowing your e-mail client to download only good messages.
EmailCRX is another self-contained utility that’s a challenge to set up without instruction. It offers scads of options, and you must configure your POP account manually (the program doesn’t support IMAP accounts), as well as choose from a variety of filter settings. Because EmailCRX sends your good messages to you via a proxy server, you must also configure your e-mail client to download its mail from EmailCRX, rather than from your ISP’s POP server. The developer understands that configuration can be tricky and provides a detailed and easy-to-follow installation guide.
While having a degree in computer science isn’t absolutely necessary to use SpamX, it certainly wouldn’t hurt. You configure this Java-based program through a single SpamX Configuration window that includes eight menus (and looks much like Windows software). The program’s Help menu isn’t very helpful—invoking it takes you to the SpamX Web site, which offers the barest of instruction on how to set up the program. SpamX doesn’t support IMAP accounts.
Use and performance
Once they’re trained, most of these utilities do a decent job of effectively removing spam from your inbox. The combination of populated blacklists, whitelists, and trained filters should make anyone’s spam problem manageable. For most people, the perfect spam fighter balances ease of use, configurability, safety, and effectiveness.
By those standards, SpamSieve is the top choice. Because it’s largely built into your e-mail client, you rarely need to muck with a separate program and risk losing e-mail in transit between spam catcher and e-mail utility. SpamSieve is easy to train with good and bad messages, and if you want to go beyond the basics and configure your own filters or edit your blacklists and whitelists, you can do so without a lot of bother. After a couple of days, it’s nearly transparent and very effective.
Personal Antispam X4 provides similar ease of use and safety, thanks to its built-in nature, but it’s not as extensively configurable as SpamSieve. While the utility’s suspect-URL database is a great feature, it’s regrettable that you have to pay an annual subscription fee to keep the database up-to-date.
SpamSweep is a reasonable choice if you prefer an effective filter that doesn’t require much in the way of setup or maintenance. It’s not a good choice, however, if you want to configure your spam utility’s lists and filters.
Spamfire’s ability to filter mail into subcategories, separating the borderline messages from the definitely good or bad ones, is a nice touch. But the program seems a little unstable. More than a couple of times, it did nothing while supposedly retrieving mail.
MailWasher Pro is complicated and looks like something ported from Windows software. There are a dizzying variety of options, and if you don’t know how to set them up (or worse, can’t find them), you’re not getting your money’s worth out of the program. There’s no option for adding contacts from your address book—you must add contacts one at a time or they are automatically added as you mark a message as good. The user database is a nice resource to draw from, but it’s not terribly helpful if you’ve received the first wave of a new variety of spam before it has been reported and added to the database.
While more Mac-like than MailWasher Pro, EmailCRX likewise has the smell of a Windows port. For example, when the message-viewing window is open, menu items are grayed out. The windows behave like dialog boxes. You have to close them before you can do anything else with the program. Given that EmailCRX doesn’t use statistical learning filters—relying instead on spotting legitimate information in message headers—it’s a little surprising that the utility isn’t more accurate out of the box. Its Countries filter does quickly identify a fair amount of spam, and once we’d identified a few hundred messages (and thus beefed up its blacklists and whitelists), it caught much of our test spam.
While the developer’s desire to pull the plug on spammers via the program’s reporting features is admirable, SpamX is far more difficult to use than any spam utility should be. A good manual and a decent interface would go a long way toward making SpamX an acceptable option for Mac users.
Macworld’s buying advice
The name SpamSieve should be on the lips of any Mac user serious about ridding his or her computer of junk mail. It’s affordable, effective, easy to use, and configurable. While other spam utilities may filter your mail nearly as well, none performs the job as transparently as C-Command’s SpamSieve 2.6.1.
Why It’s Spam: Spamfire’s Filter Results tab can tell you how it reached its conclusions.The many faces of spam
The term spam comes from the famous 1970 Monty Python sketch in which a café customer is told that it’s impossible to order anything that doesn’t include Hormel’s canned meat product Spam. During the sketch, a chorus of Vikings repeatedly chants the word Spam, eventually drowning out the conversation. In the 1980s, the term was applied to attacks on electronic bulletin boards and in chat rooms, in which a user or a group of users attempted to drown out others by posting long strings of text (this text sometimes included material from the original Spam sketch).
Commercial e-mail spamming began in the mid-1990s, as people flocked to e-mail and the Web, and its reach and volume have been growing ever since. In 1994, the first large-scale spam was sent to 6,000 newsgroups, thus reaching millions of people who accessed those newsgroups. In June 2005, 30 billion pieces of spam per day were sent via e-mail. It’s estimated that this number had tripled by February 2007. It’s also estimated that approximately 85 percent of the e-mail sent today is spam. Typically, over half of the e-mail you receive is spam.
E-mail spam comes in a variety of forms and formats.
Advertising Spam The most common forms of advertising spam are come-ons for pornography Web sites, prescription drugs, sexual-enhancement potions, printer ink cartridges, counterfeit items (including name-brand watches and popular software titles), mortgage offers, phony diplomas, and penny stocks.
Advance-Fee Fraud Typified by the infamous Nigerian scam, advance-fee spam is purportedly sent from a foreign government minister or a relative of a wealthy person, for instance, and offers a percentage of a large sum of money if only you’d pass along the kind of private information that results in your bank account being cleaned out.
Phishing Messages that claim to be from sources you trust—a bank, your broker, or an online service, for example—are phishing scams. These messages ask that you go to an authentic-looking Web site and submit a password, an account number, a credit card number, or some other bit of private information in order to continue using the service or to update your account. The information you give to these sites is most often used for the purposes of identity theft and for accessing your bank accounts and credit card accounts.
Virus Spam Messages that contain Windows viruses as attachments are often sent by infected PCs without the knowledge of the computer’s owner. Some of these viruses turn unwilling PCs into zombies —computers that are later used to relay spam or conduct denial-of-service attacks (in which masses of data are directed at an Internet domain with the intent of overwhelming its servers and shutting it down). While the viruses contained in these messages won’t affect your Mac directly (unless you receive one while running Windows), they can clutter up your inbox just like any other junk mail, and they can damage Windows computers if you forward messages containing them to Windows users.
Web Bugs Spammers began creating HTML spam, in part, to include Web bugs—invisible HTML image tags that report that a message has been read (this also confirms that a message has reached a viable e-mail address, which can be sold to other spammers). Spam messages may be formatted as plain text, Rich Text (text that supports more-extensive formatting than plain text), HTML, and attached graphics files. Moving to more graphic forms of spam is not done to make the messages visually appealing. Image spam is now used to thwart antispam utilities that search for text but not graphics within the body of an e-mail message.
How to avoid spam
Spammers have countless ways to obtain e-mail addresses, including scouring corporate directories, pulling e-mail addresses from the address books of virus-infected PCs, and obtaining addresses from supposedly private databases. In some cases, they simply make addresses up, hoping to hit a small percentage of viable ones. It costs spammers very little to send millions of copies of a message. If the majority of those messages go to invalid addresses, it’s no skin off a spammer’s nose. As long as spammers get the low yield they need to make money (in other words, suckers who respond to their pitches) they’re satisfied.
Given this onslaught of spam, what should we do to protect ourselves? Start by swearing to never, ever reply to a message that includes an unsolicited advertisement. Also ignore removal instructions in spam messages. This is simply a trick to help spammers learn that your address is active. Additionally, refrain from clicking on links that take you to Web sites that seek personal information.
You can also use some of the features built into your e-mail client. For example, all e-mail clients include rules or filters that let you sort your messages by sender. Specifically, if a message’s sender is not in your address book, the message can be deemed junk and sent to a folder you’ve reserved for spam. This kind of whitelist filtering is effective if you receive e-mail from a select group of people. You can also configure your e-mail client to filter specific kinds of attachments—files that end with .scr and .pif, for example, which are invariably attached to spam. And to protect against Web bugs, you can turn off the automatic display of images in HTML messages.
You can also let your e-mail client take a swing at your mail with its own built-in spam filter. While its tools can certainly help reduce the amount of spam you receive, they don’t do as good a job as some third-party programs designed specifically to destroy spam.
[ Senior Editor Christopher Breen is the author of The iPod and iTunes Pocket Guide, second edition (Peachpit Press, 2007). ]
Statistics Window: SpamSieve mostly hides in the background, but you can check its work by pulling up its Statistics window.