Why are people still trying to use content filters and authentication to fight spam?
Six years ago I co-founded an anti-spam company that didn't use content filtering. It looked for "lies" in the headers. We grew it into a an end-user service called MessageFire, and we started on a corporate service ala Postini. Then we sold the company to an up-and-coming email-compliance vendor called MessageGate. I stayed there for almost two years before the commute between Boston and Seattle, among other things, just got to be too much. Sadly, although they still are around, their attempt to start selling to the Fortune 100 and work their way down, just didn't work. And MessageFire's technology, a small part of their system, has languished.
How do I know that MessageFire's technology would still work? After all, I left the company several years ago, and the characteristics of spam have changed quite a bit since then. Very simple. The software is still filtering my personal email. And as the owner of somewhere.com, I get a lot of spam. Here are the stats on the accounts I am currently filtering.
Messages processed for Kee Hinckley in the past week.
| Account | Junk | Misfiled | |
|---|---|---|---|
| xxx | 93 (23.2%) | 307 (76.8%) | 0/ 0 (0.0%) |
| xxx | 69 (21.0%) | 259 (79.0%) | 0/ 0 (0.0%) |
| xxx | 52 (32.3%) | 109 (67.7%) | 0/ 0 (0.0%) |
| xxx | 482 (6.6%) | 6,774 (93.4%) | 0/ 0 (0.0%) |
| Total | 696 (8.5%) | 7,449 (91.5%) | 0/ 0 (0.0%) |
| System Total | 31,882 (20.3%) | 125,484 (79.7%) | 134/ 28 (0.1%) |
So in the past week, my personal mail accounts got 696 legitimate messages and 7,449 pieces of spam. Overall (in the same week) the system received 31,882 valid messages and 125,484 pieces of spam. The recorded error rate was 0.1%. (The yearly system totals are 1.6m legit messages and 6.2m pieces of spam.)
So that's not bad. But here's what's really impressive.
Your typical anti-spam system, as run by Google, Postini, MessageLabs or others, has a room full of people, working 24/7, identifying new pieces of spam and adding them to the filters.
The MessageFire anti-spam system is still running the same software, with the same rules, that it was running over two years ago when I left. In those two years spammers have vastly increased their use of dark IP addresses, pwnd machines, new image and PDF attachments, and other techniques. Every content-filter vendor out there has had to scramble to deal with the problem. But the MessageFire system is still running old, un-updated code. Not because it couldn't be improved (it definitely could be), but because it's sitting on MessageGate's shelf waiting for someone to come along and buy it. Yet it works as well, if not better, than any of those systems.
It's frustrating to write software that never gets used, even in the best of circumstances. To see MessageFire's technology sitting there filtering less than a hundred accounts, is enough to drive me to drink.
Technorati Tags: email, messagefire, messagegate, spam, zdnet
TrackBack URL for this entry: http://www.marrowbones.com/cgi-bin/mt4/mt-tb.cgi/35
0 TrackBacks
Listed below are links to blogs that reference this entry: Why are people still trying to use content filters and authentication to fight spam?.
Leave a comment