Feeds

Report: Feeble spam filters catch less junk mail

Weaker products or EVIL GENIUS malware-flingers?

High performance access to file storage

Enterprise spam filters are blocking less junk mail, according to independent tests from Virus Bulletin.

During a comparative of 20 corporate email filtering products, several missed more than twice as much spam as in previous editions of the VBSpam tests. Virus Bulletin reckons the drop in performance might be down to improved tactics by spammers rather than a dip in the capabilities in the filtering products it put through their paces.

"This is a worrying trend," says VB's anti-spam test director Martijn Grooten. "There have been many news stories highlighting a global decline in spam in recent months, but if spam filter performances decline too, the situation for the end-user doesn't improve at all."

"It is hard to say what exactly caused filters to miss more spam, but it looks like spammers are doing a better job at avoiding IP- and domain-based blacklists. It may be a sign that they are increasingly using compromised legitimate systems to send their messages," he added.

The best performance in the March 2012 anti-spam comparative review came from Libra Esva, which blocked 99.97 per cent of all spam messages without blocking any legitimate mail, making it the only product to obtain the new 'VBSpam+' award.

Other products with a good spam capture rate of better than 99 per cent included Kaspersky Anti-Spam, GFI, McAfee, Symantec, Sophos and others. BitDefender caught 98.94 per cent of spam but it avoided any false positives. McAfee SaaS caught 99.93 per cent of junk mail but it binned a significant proportion of legitimate messages, 0.21 per cent (the worst performance among the tested products).

Most products still blocked more than 99 out of 100 spam emails, and no product incorrectly marked more than 1 in 470 legitimate emails as spam.

Taken in isolation such figures might be seen as pretty good, however, since both the spam-catching rates and false detection rates both got worse this month Virus Bulletin is in no mood to pop any champagne corks.

"More spam means more time wasted dealing with it, a greater chance of falling for scams, and a greater chance of accidentally deleting legitimate emails," it notes.

Virus Bulletin has put together a chart that shows spam-catch rate against false positive mistakes. The best-performing products are those that hit the top-right quadrant of the Virus Bulletin's graph. ®

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
OpenSSL Heartbleed: Bloody nose for open-source bleeding hearts
Bloke behind the cockup says not enough people are helping crucial crypto project
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
Bad PUPPY: Undead Windows XP deposits fresh scamware on lawn
Installing random interwebs shiz will bork your zombie box
Experian subsidiary faces MEGA-PROBE for 'selling consumer data to fraudster'
US attorneys general roll up sleeves, snap on gloves
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.