VB calls for collaboration amongst anti-spam vendors

Posted by   Virus Bulletin on   Nov 30, 2009

VB finds that, when it comes to spam filtering, a combined effort outperforms individual products.

Virus Bulletin has discovered that running several spam filters in combination could be key to getting the best performance out of them.

Following the last VBSpam comparative review of anti-spam products, the VB test team established that if the efforts of several filters were to be combined, the performance would be significantly better than that of any of the products on their own.

In the test, almost 200,000 emails were sent to 14 different anti-spam solutions which were required to classify them as either ham or spam. The test revealed that no legitimate mail was blocked by more than four products. After the test, VB's anti-spam team decided to look into this further and considered a hypothetical filter that marked an email as spam if at least five of the 14 products did so.

Unlike any of the individual products, the hypothetical filter generated no false positives at all, and combined this 0% false positive rate with an impressive overall spam catch rate of 99.89% (higher than any of the individual products VB has tested).

VB's Anti-Spam Test Director, Martijn Grooten said: 'Anyone who has ever worked with an anti-spam solution will know that some spam emails are notoriously hard to filter, while some legitimate messages end up being marked as spam. It's therefore no surprise that no spam filter is faultless. However, the results of VB's test demonstrate that what is easy to filter for one product may cause trouble for another and vice versa.'

Grooten continued, 'For end-users this means that if spam filtering is business-critical, the use of more than one spam filter may be a good option. The anti-spam industry, meanwhile, should consider the benefits of collaboration and information sharing - and might be better able to protect our inboxes as a result.'

The next VBSpam test will be run in December, with the results to be published in January.

Posted on 30 November 2009 by Virus Bulletin



Latest posts:

VBSpam tests to be executed under the AMTSO framework

VB is excited to announce that, starting from the Q3 test, all VBSpam tests of email security products will be executed under the AMTSO framework.

In memoriam: Prof. Ross Anderson

We were very sorry to learn of the passing of Professor Ross Anderson a few days ago.

In memoriam: Dr Alan Solomon

We were very sorry to learn of the passing of industry pioneer Dr Alan Solomon earlier this week.

New paper: Nexus Android banking botnet – compromising C&C panels and dissecting mobile AppInjects

In a new paper, researchers Aditya K Sood and Rohit Bansal provide details of a security vulnerability in the Nexus Android botnet C&C panel that was exploited in order to gather threat intelligence, and present a model of mobile AppInjects.

New paper: Collector-stealer: a Russian origin credential and information extractor

In a new paper, F5 researchers Aditya K Sood and Rohit Chaturvedi present a 360 analysis of Collector-stealer, a Russian-origin credential and information extractor.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.