VB calls for collaboration amongst anti-spam vendors

Posted by   Virus Bulletin on   Nov 30, 2009

VB finds that, when it comes to spam filtering, a combined effort outperforms individual products.

Virus Bulletin has discovered that running several spam filters in combination could be key to getting the best performance out of them.

Following the last VBSpam comparative review of anti-spam products, the VB test team established that if the efforts of several filters were to be combined, the performance would be significantly better than that of any of the products on their own.

In the test, almost 200,000 emails were sent to 14 different anti-spam solutions which were required to classify them as either ham or spam. The test revealed that no legitimate mail was blocked by more than four products. After the test, VB's anti-spam team decided to look into this further and considered a hypothetical filter that marked an email as spam if at least five of the 14 products did so.

Unlike any of the individual products, the hypothetical filter generated no false positives at all, and combined this 0% false positive rate with an impressive overall spam catch rate of 99.89% (higher than any of the individual products VB has tested).

VB's Anti-Spam Test Director, Martijn Grooten said: 'Anyone who has ever worked with an anti-spam solution will know that some spam emails are notoriously hard to filter, while some legitimate messages end up being marked as spam. It's therefore no surprise that no spam filter is faultless. However, the results of VB's test demonstrate that what is easy to filter for one product may cause trouble for another and vice versa.'

Grooten continued, 'For end-users this means that if spam filtering is business-critical, the use of more than one spam filter may be a good option. The anti-spam industry, meanwhile, should consider the benefits of collaboration and information sharing - and might be better able to protect our inboxes as a result.'

The next VBSpam test will be run in December, with the results to be published in January.

Posted on 30 November 2009 by Virus Bulletin

 Tags

virus bulletin spam vbspam vb
twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

 

Latest posts:

VB2019 paper: Static analysis methods for detection of Microsoft Office exploits

Today we publish the VB2019 paper and presentation by McAfee researcher Chintan Shah in which he described static analysis methods for the detection of Microsoft Office exploits.

New paper: LokiBot: dissecting the C&C panel deployments

First advertised as an information stealer and keylogger when it appeared in underground forums in 2015, LokiBot has added various capabilities over the years and has affected many users worldwide. In a new paper researcher Aditya Sood analyses the…

VB2019 presentation: Building secure sharing systems that treat humans as features not bugs

In a presentation at VB2019 in London, Virtru's Andrea Limbago described how, by exploring data sharing challenges through a socio-technical lens, it is possible to make significant gains toward the secure sharing systems and processes that are vital…

VB2019 presentation: Attor: spy platform with curious GSM fingerprinting

Attor is a newly discovered cyber-espionage platform, use of which dates back to at least 2014 and which focuses on diplomatic missions and governmental institutions. Details of Attor were presented at VB2019 in London by ESET researcher Zuzana…

Why we encourage newcomers and seasoned presenters alike to submit a paper for VB2020

With the call for papers for VB2020 currently open, we explain why, whether you've never presented before or you're a conference circuit veteran, if you have some interesting research to share with the community we want to hear from you!

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.