Most antispam technologies get failing grade |
 |
By Robert Westervelt, News Editor
26 Jul 2007 | SearchSecurity.com |
|
|
Users of challenge-response technology reported the most satisfaction making it the most effective method to fight annoying spam, according to an independent study.
In fact most antispam technologies are getting a failing grade from some very frustrated users.
|
|
|
|
|
Business is ever more dependent on email and our anti-spam technologies are trying hard to fight the scourge that is spam, but they're not doing a very good job.
Peter Brockmann,
president and research director, Brockmann & Company
|
|
|
|
|
|
|
|
|
|
The study, by Northborough, Mass.-based IT consultants Brockmann & Company showed that challenge-response did better than appliances, hosted spam filters and commercial filters.
Brockmann surveyed more than 500 businesses, with 40% of the respondents having IT responsibilities. The independently funded study was conducted in June and resulted in the creation of a spam index to measure how satisfied workers were with their spam technologies.
The latest challenge-response technologies allow end users to send a "challenge" email to an unknown sender asking them to verify that the message is legitimate. The method is less sophisticated than filtering technology sold by antispam and antivirus vendors, but challenge-response was twice as effective as hosted services for spam prevention.
According to the survey, 67% of challenge-response users specified that they are very satisfied with their email experience as compared to next highest technology, hosted services, in which 42% reported that they were very satisfied.
Commercial software filters, such as those produced by McAfee, Symantec and Trend Micro, satisfied only 22% of respondents, the report found.
The author of the report, Peter Brockmann, president and research director of Brockmann & Company, said survey respondents were frustrated with their current technologies. The report found that 36% of organizations surveyed lost business because of legitimate emails getting caught in spam filters, Brockmann said.
"Business is ever more dependent on email and our antispam technologies are trying hard to fight the scourge that is spam, but they're not doing a very good job," he said.
|
| Anti-spam: |
Reputation systems gaining credibility in fight against spam: Now that nearly all organizations are employing some sort of anti-spam technology, spammers know their only hope for success lies with outwitting spam-detection strategies.
Is the CAN-SPAM Act a help or a hindrance? Security expert Joel Dubin examines the effectiveness of the regulation. |
|
|
|
|
Brockmann said more businesses are beginning to investigate challenge-response technologies, such as those offered by Irvine, Calif-based Sendio and Seattle-based SpamArrest. But the industry was built on filtering technologies that take less aggressive approach by defending against spam rather than verifying message senders, he said.
"To a large respect the whole industry has harped around a performance metric of getting more of the nasty messages out of people's inboxes," Brockmann said. "To a large extent, unless we change something, it's not going to get any better."
Enterprises are finding challenge-response a viable option, Brockmann said. The latest challenge-response technologies use grey lists and other features to avoid sending a challenge email to unknown senders.
Brockmann's spam index is calculated based on the amount of spam emails they get, the number of trapped messages, the amount of time users had to deal with spam, and an estimated number of resend requests.
Brockmann said email hosting providers, from vendors such as AppRiver, MessageLabs and MXLogic also underperformed based on the index. Filtering appliances vendors, which integrate software with a hardware appliance, such as Barracuda, Borderware and McAfee performed poorly. And reputation-based systems known as "real-time black lists" that block out known spammer IP addresses from vendors such as Commtouch, IronPort and Spamhaus, also failed to satisfy users.
The worst performing technology was filter-based ISP solutions, which provides some form of antivirus and antispam filtering for hosted domains. The service is offered by most email hosting service providers.
|
|
|
|
