Antispam Software for OE

Topic

New Reply

Hi,

A friend has asked me of a “good” (and ) antispam software for Outlook Express. I use Outlook and am comfortable with SpamBayes, but it won’t integrate with OE. A quick search yielded some like SpamFighter; however, I’d like to hear suggestions from those who have tried antispam soft for OE.

Thank you in advance

Reply | Quote

Replies

Generally speaking, there are two options:

The first is a proxy that works like your antivirus proxy. You set up the proxy on your computer, and Outlook Express requests mail from the proxy, while passing the proxy information about how to get the mail from your actual server. You would notice in OE’s account settings that the server address changed to 127.0.0.1 (or localhost, your computer’s self-referential “loopback” addresses) and the username often will have the real server name added on (e.g., username:pop.server.com). A proxy solution usually works with any mail program, including Outlook Express, but will not display convenient training buttons on the mail program’s toolbar, like SpamBayes. Training it thus may take more effort.

The second is a program such as MailWasher that periodically checks the server and acts on spam before Outlook Express downloads it. I haven’t used MailWasher, but you can find threads on it all over the Lounge.

That said, what to choose? There were some threads further down the boad on anti-spam software ratings sites. Maybe those will help?

Reply | Quote

Hi, Jefferson.

I’m sorry I couldn’t reply sooner. Thanks for your suggestions.

I’m close to feeling ashamed to say that I don’t know what a proxy is. I thought I had a vague idea, but what you say about a proxy as an antispam solution really confused me. Not to mention the possibility to train it!!

I’ve used Mailwasher a some time ago, but what I don’t like is that it requires action on my part. The good side of it is that you don’t actually download spam msgs, but have MW (optionally reply as bounced and) delete them while they still are in the mail server.
On the contrary, SpamBayes-like software requires less action from the user (spotting unfiltered spam messages and training the soft with them), but its weak point is that you must download the msgs before the program determines which are spam and which aren’t.

I don’t know if ever spammers get discouraged by receiving bounced mails, but if so, this is another good reason for my reconsidering MW.

Overall, I prefer the second kind of antispam software. But maybe I’ll have another look at MailWasher.

As for my friend, I think he’ll agree with me too (he’s way lazier than me) and prefer some soft that integrates with OE and does everything without requiring him to tap a single key. Anyone had an experience with these?

Thank you

Reply | Quote

Diego,
—————————————–
I don’t know if ever spammers get discouraged by receiving bounced mails,
——————————————
Most spammers don’t ever “see” the bounce because they are machine generated, no reply, phony addresses to begin with.

Reply | Quote

Hi Viking,

Yes, I knew that, but forgot for a moment. Thanks for the reminder

Reply | Quote

Hi Viking,

Yes, I knew that, but forgot for a moment. Thanks for the reminder

Reply | Quote

Diego,
—————————————–
I don’t know if ever spammers get discouraged by receiving bounced mails,
——————————————
Most spammers don’t ever “see” the bounce because they are machine generated, no reply, phony addresses to begin with.

Reply | Quote

I should have defined my terms.

A proxy is a “go between”; for example, a company may set up a proxy server to provide access to the Internet: the browser thinks the proxy is the real server, the real server thinks the proxy is the browser. By this trick, the proxy can filter all of the traffic before forwarding it on.

Antivirus and antispam proxies work similarly, but run on your own system. You point your mail client at the proxy (which impersonates a POP3 mail server by listening on port 110 for mail requests), and point the proxy at the mail server, and no one is the wiser.

Reply | Quote

I’ve been using MailWasher Pro for some time now and really like it. It can be set up to work fully automatically, but I don’t do that that. It does automatically tag email it identifies as spam based on several filtering options, including “Learning Filters” (Bayesian Filters). The learning filters “learn” from your interaction with the program. Even though I have not had a false positive in months, I do not feel comfortable letting any program delete my mail without me approving that action. So my setup does require user intervention.

MWP does use black and white lists – however, I have found the blacklist option is nearly worthless for spam. This is nothing against MWP, it is due to badguys only use a particular email address once or twice and then switch to another address – so why add an address to the blacklist when that email will never be seen again? The filters normally tag those emails as spam and mark them for deletion anyway.

Note that most spam cannot be easily traced back to the origin as the return email address is spoofed, forged or just plain fake anyway. Therefore, even though Firetrust (the MW authors) tout “bouncing” as a valuable feature, a check at the official MWP forum on Castlecops.com will show that the experts agree that bouncing is a waste of time and bandwidth. In fact, it usually makes things worse in two ways; (1) since the return address is usually invalid, a bounce will create a new bounce, adding to network traffic and causing a worthless undeliverable message to come back to you. (2) IF by some chance the return address is valid, sending a bounce merely informs the spammer it reached a valid address (yours) and continues to send you more spam and may even sell your address to other spammers!

Finally, and most importantly, IMHO, MWP’s greatest asset, and one that makes it stand above the others (flame suit on) is that, as mentioned above, it analyzes the email on the email server. This is most important. Most programs download the entire email – including any viruses, worms, infected attachments, and other malware – and dump them on to your system somewhere. MWP analyses on the server and deletes as necessary directly off the server before touching your system. Once processed, MWP can call up your email program and download only the mail you wish to keep.

Even though the anti-spam programs claim the have these unprocessed emails sufficiently contained, and maybe they do – for now – that to me, is letting the bad guy in the front door.

Many argue that their anti-virus programs scans these emails first and that is true. However, 10-12 new viruses/worms are discovered every day. But most AV programs are not configured to check daily for new signature/definition files daily (and why not, I wonder? – different issue) – most check weekly and even the great free AVG defaults to a ridiculous every 14 day check! Assuming Norton’s weekly check is the norm, that means the potential for 70 – 80 new viruses may come your defenseless way!

Something to think about.

Bill (AFE7Ret)
Freedom isn't free!

Reply | Quote

How do you review mail tagged as spam? I assume MW has its own interface (in other words, you don’t have to set up a separate IMAP connection to your mailbox).

Reply | Quote

MW has a “message window” that lists the emails on the server – and yes you have to tell MW your account(s) name and password, servers, etc. It works with POP3, Hotmail, IMAP, and AOL accounts. The message window shows the To, From, Subject, Date/Time sent and arrived, size, if an attachment is with it. The message windows also shows if the filters or black/white lists have identified the emails as Friend, Blacklisted by SpamCop, ORDB or VISi, the Learning Filters or user defined filters. You can check or uncheck as needed. Then when you “Process Mail” it deletes the mail marked for deletion (if so configured in the filter parameters – each user configurable) directly off your ISP’s server.
Mail identified as Friend or not marked for deletion remains on the server.

The default set up calls up your Email client after “processing”. If your email client is set to download email upon opening, then in comes your email.

Admittedly, it is not as easy to use as other spam filters but I attribute that to its flexibility. It lets your run it your way. However, once set up (and it has pretty good wizards to help you – and it also will pull some account data from Outlook and OE and maybe a couple others) it is easy.

I accept that it is a bit harder to use than some – the price to pay for peace of mind.

It has a fault that at times is frustrating until you get the hang of it. It is possible for an unprocessed email to sneak in between the time you process in MW and the time your email program polls your email server. However, it is rare. Future releases of MW are suppose to include proxy support which will eliminate that too.

Bill (AFE7Ret)
Freedom isn't free!

Reply | Quote

> Future releases of MW are suppose to include proxy support which will eliminate that too.

That does sound like the logical evolution: check mail through MailWasher so that suspected junk is simply left behind on the server.

Reply | Quote

> Future releases of MW are suppose to include proxy support which will eliminate that too.

That does sound like the logical evolution: check mail through MailWasher so that suspected junk is simply left behind on the server.

Reply | Quote

MW has a “message window” that lists the emails on the server – and yes you have to tell MW your account(s) name and password, servers, etc. It works with POP3, Hotmail, IMAP, and AOL accounts. The message window shows the To, From, Subject, Date/Time sent and arrived, size, if an attachment is with it. The message windows also shows if the filters or black/white lists have identified the emails as Friend, Blacklisted by SpamCop, ORDB or VISi, the Learning Filters or user defined filters. You can check or uncheck as needed. Then when you “Process Mail” it deletes the mail marked for deletion (if so configured in the filter parameters – each user configurable) directly off your ISP’s server.
Mail identified as Friend or not marked for deletion remains on the server.

The default set up calls up your Email client after “processing”. If your email client is set to download email upon opening, then in comes your email.

Admittedly, it is not as easy to use as other spam filters but I attribute that to its flexibility. It lets your run it your way. However, once set up (and it has pretty good wizards to help you – and it also will pull some account data from Outlook and OE and maybe a couple others) it is easy.

I accept that it is a bit harder to use than some – the price to pay for peace of mind.

It has a fault that at times is frustrating until you get the hang of it. It is possible for an unprocessed email to sneak in between the time you process in MW and the time your email program polls your email server. However, it is rare. Future releases of MW are suppose to include proxy support which will eliminate that too.

Bill (AFE7Ret)
Freedom isn't free!

Reply | Quote

How do you review mail tagged as spam? I assume MW has its own interface (in other words, you don’t have to set up a separate IMAP connection to your mailbox).

Reply | Quote

I’ve been using MailWasher Pro for some time now and really like it. It can be set up to work fully automatically, but I don’t do that that. It does automatically tag email it identifies as spam based on several filtering options, including “Learning Filters” (Bayesian Filters). The learning filters “learn” from your interaction with the program. Even though I have not had a false positive in months, I do not feel comfortable letting any program delete my mail without me approving that action. So my setup does require user intervention.

MWP does use black and white lists – however, I have found the blacklist option is nearly worthless for spam. This is nothing against MWP, it is due to badguys only use a particular email address once or twice and then switch to another address – so why add an address to the blacklist when that email will never be seen again? The filters normally tag those emails as spam and mark them for deletion anyway.

Note that most spam cannot be easily traced back to the origin as the return email address is spoofed, forged or just plain fake anyway. Therefore, even though Firetrust (the MW authors) tout “bouncing” as a valuable feature, a check at the official MWP forum on Castlecops.com will show that the experts agree that bouncing is a waste of time and bandwidth. In fact, it usually makes things worse in two ways; (1) since the return address is usually invalid, a bounce will create a new bounce, adding to network traffic and causing a worthless undeliverable message to come back to you. (2) IF by some chance the return address is valid, sending a bounce merely informs the spammer it reached a valid address (yours) and continues to send you more spam and may even sell your address to other spammers!

Finally, and most importantly, IMHO, MWP’s greatest asset, and one that makes it stand above the others (flame suit on) is that, as mentioned above, it analyzes the email on the email server. This is most important. Most programs download the entire email – including any viruses, worms, infected attachments, and other malware – and dump them on to your system somewhere. MWP analyses on the server and deletes as necessary directly off the server before touching your system. Once processed, MWP can call up your email program and download only the mail you wish to keep.

Even though the anti-spam programs claim the have these unprocessed emails sufficiently contained, and maybe they do – for now – that to me, is letting the bad guy in the front door.

Many argue that their anti-virus programs scans these emails first and that is true. However, 10-12 new viruses/worms are discovered every day. But most AV programs are not configured to check daily for new signature/definition files daily (and why not, I wonder? – different issue) – most check weekly and even the great free AVG defaults to a ridiculous every 14 day check! Assuming Norton’s weekly check is the norm, that means the potential for 70 – 80 new viruses may come your defenseless way!

Something to think about.

Bill (AFE7Ret)
Freedom isn't free!

Reply | Quote

Hello Jefferson,

Thank you for your explanation of “proxy”. I think I got the idea. Besides, this week I had to configure IE to use a proxy server in order to access a virtual library, which helped to better understand what a proxy is.

Reply | Quote

Hello Jefferson,

Thank you for your explanation of “proxy”. I think I got the idea. Besides, this week I had to configure IE to use a proxy server in order to access a virtual library, which helped to better understand what a proxy is.

Reply | Quote

I should have defined my terms.

A proxy is a “go between”; for example, a company may set up a proxy server to provide access to the Internet: the browser thinks the proxy is the real server, the real server thinks the proxy is the browser. By this trick, the proxy can filter all of the traffic before forwarding it on.

Antivirus and antispam proxies work similarly, but run on your own system. You point your mail client at the proxy (which impersonates a POP3 mail server by listening on port 110 for mail requests), and point the proxy at the mail server, and no one is the wiser.

Reply | Quote

Hi, Jefferson.

I’m sorry I couldn’t reply sooner. Thanks for your suggestions.

I’m close to feeling ashamed to say that I don’t know what a proxy is. I thought I had a vague idea, but what you say about a proxy as an antispam solution really confused me. Not to mention the possibility to train it!!

I’ve used Mailwasher a some time ago, but what I don’t like is that it requires action on my part. The good side of it is that you don’t actually download spam msgs, but have MW (optionally reply as bounced and) delete them while they still are in the mail server.
On the contrary, SpamBayes-like software requires less action from the user (spotting unfiltered spam messages and training the soft with them), but its weak point is that you must download the msgs before the program determines which are spam and which aren’t.

I don’t know if ever spammers get discouraged by receiving bounced mails, but if so, this is another good reason for my reconsidering MW.

Overall, I prefer the second kind of antispam software. But maybe I’ll have another look at MailWasher.

As for my friend, I think he’ll agree with me too (he’s way lazier than me) and prefer some soft that integrates with OE and does everything without requiring him to tap a single key. Anyone had an experience with these?

Thank you

Reply | Quote

Hi Diegol

FWIW, I use a somewhat simplistic approach, with a local proxy like Jefferson mentions. It’s called VMail and pops up an alert when mail arrives (optional). I can then look at just the headers and decide for myself whether to delete or not – it doesn’t have any blacklists or learning or fancy stuff like that.

BUT the big advantage I see with it is that it can view HTML messages via its very basic internal rendering engine, quite independent of OE/IE. It’s not “clever” enough to run scripts, activeX etc. so there’s no possibility of malmail doing any damage, or trying to pull any funny stunts. Its (arguable) disadvantage is that I have to decide for myself what to keep (after previewing or simply from known “trusted” headers) and what to delete directly off the server(s). Personally, I like it this way, but then again I don’t get mountains of mail or much spam.

This is now $$ware, but I do have a URL to the last ware version, if you’re interested.

Alan

Reply | Quote

Hello Alan,

Your description of VMail sounds pretty much like Mail Washer, with the aggregate of a proxy functionality (wich according to Bill’s post is about to be included in MW very soon). Thanks for sharing the info. If I (we) decide for a MW-like kind of program I’ll ask you for the link to the free download.

Reply | Quote

Hello Alan,

Your description of VMail sounds pretty much like Mail Washer, with the aggregate of a proxy functionality (wich according to Bill’s post is about to be included in MW very soon). Thanks for sharing the info. If I (we) decide for a MW-like kind of program I’ll ask you for the link to the free download.

Reply | Quote

Hi Diegol

FWIW, I use a somewhat simplistic approach, with a local proxy like Jefferson mentions. It’s called VMail and pops up an alert when mail arrives (optional). I can then look at just the headers and decide for myself whether to delete or not – it doesn’t have any blacklists or learning or fancy stuff like that.

BUT the big advantage I see with it is that it can view HTML messages via its very basic internal rendering engine, quite independent of OE/IE. It’s not “clever” enough to run scripts, activeX etc. so there’s no possibility of malmail doing any damage, or trying to pull any funny stunts. Its (arguable) disadvantage is that I have to decide for myself what to keep (after previewing or simply from known “trusted” headers) and what to delete directly off the server(s). Personally, I like it this way, but then again I don’t get mountains of mail or much spam.

This is now $$ware, but I do have a URL to the last ware version, if you’re interested.

Alan

Reply | Quote