Feeds

Report: Feeble spam filters catch less junk mail

Weaker products or EVIL GENIUS malware-flingers?

Choosing a cloud hosting partner with confidence

Enterprise spam filters are blocking less junk mail, according to independent tests from Virus Bulletin.

During a comparative of 20 corporate email filtering products, several missed more than twice as much spam as in previous editions of the VBSpam tests. Virus Bulletin reckons the drop in performance might be down to improved tactics by spammers rather than a dip in the capabilities in the filtering products it put through their paces.

"This is a worrying trend," says VB's anti-spam test director Martijn Grooten. "There have been many news stories highlighting a global decline in spam in recent months, but if spam filter performances decline too, the situation for the end-user doesn't improve at all."

"It is hard to say what exactly caused filters to miss more spam, but it looks like spammers are doing a better job at avoiding IP- and domain-based blacklists. It may be a sign that they are increasingly using compromised legitimate systems to send their messages," he added.

The best performance in the March 2012 anti-spam comparative review came from Libra Esva, which blocked 99.97 per cent of all spam messages without blocking any legitimate mail, making it the only product to obtain the new 'VBSpam+' award.

Other products with a good spam capture rate of better than 99 per cent included Kaspersky Anti-Spam, GFI, McAfee, Symantec, Sophos and others. BitDefender caught 98.94 per cent of spam but it avoided any false positives. McAfee SaaS caught 99.93 per cent of junk mail but it binned a significant proportion of legitimate messages, 0.21 per cent (the worst performance among the tested products).

Most products still blocked more than 99 out of 100 spam emails, and no product incorrectly marked more than 1 in 470 legitimate emails as spam.

Taken in isolation such figures might be seen as pretty good, however, since both the spam-catching rates and false detection rates both got worse this month Virus Bulletin is in no mood to pop any champagne corks.

"More spam means more time wasted dealing with it, a greater chance of falling for scams, and a greater chance of accidentally deleting legitimate emails," it notes.

Virus Bulletin has put together a chart that shows spam-catch rate against false positive mistakes. The best-performing products are those that hit the top-right quadrant of the Virus Bulletin's graph. ®

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
Why did it take antivirus giants YEARS to drill into super-scary Regin? Symantec responds...
FYI this isn't just going to target Windows, Linux and OS X fans
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
'Regin': The 'New Stuxnet' spook-grade SOFTWARE WEAPON described
'A degree of technical competence rarely seen'
Astro-boffins start opening universe simulation data
Got a supercomputer? Want to simulate a universe? Here you go
prev story

Whitepapers

Driving business with continuous operational intelligence
Introducing an innovative approach offered by ExtraHop for producing continuous operational intelligence.
Why CIOs should rethink endpoint data protection in the age of mobility
Assessing trends in data protection, specifically with respect to mobile devices, BYOD, and remote employees.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Protecting against web application threats using SSL
SSL encryption can protect server‐to‐server communications, client devices, cloud resources, and other endpoints in order to help prevent the risk of data loss and losing customer trust.