By Cameron Sturdevant  |  Posted 2004-06-28 Print this article Print

Digiportal Software Inc.s ChoiceMail Enterprise 2.5 anti-spam software is one too many steps ahead of the effort to block junk e-mail using sender identity.
ChoiceMail 2.5, which shipped last month priced at $350 per server with five user licenses, is one of the first enterprise challenge/response offerings eWEEK Labs has seen. In our tests, ChoiceMail 2.5 did a yeomans job of blocking junk e-mail from our in-boxes.

However, most organizations will likely avoid ChoiceMail 2.5 because of the extensive configuration and intensive user training required to implement the tool effectively.

In addition, problems in SMTP, the fundamental e-mail protocol, make it far too easy for spammers to circumvent the ChoiceMail spam blocker.

Paradoxically, we believe DigiPortal is right to concentrate on developing effective tools to challenge e-mail by using identity, even though identity is the least reliable aspect of the current e-mail world.

ChoiceMail 2.5 is loaded with well-thought-out tools to sort good e-mail from bad, and we could easily create policies that applied global acceptance rules for e-mail. We could also set up basic rules that always blocked e-mail from domains that are known bad senders while always allowing e-mail from customer domains.

When authentication systems get up to speed, this kind of capability will be an asset to e-mail recipients. Now, however, global "accept" lists are a weakness because domain and sender information is so easily forged.

Another potentially large problem we encountered during tests was social acceptance of challenge/response, especially for organizations that routinely send and receive mail from new sources. Unknown senders, such as new customers responding to a marketing campaign, get a challenge message unless special rules are crafted.

Judging by the everchanging tricks and dodges spammers use to evade anti-spam tools, we think its only a matter of time before a keyword list is built that will evade ChoiceMail 2.5s challenge mechanism.

Click here to read eWEEK Labs eValuation of six spam fighters. During tests, when unknown senders posted e-mail to our in-box, ChoiceMail generated and sent an e-mail message to them asking them to confirm they had sent us an e-mail. When a response was received, the original e-mail was placed in the in-box, and any further communication from the senders was automatically passed into the in-box.

Although challenge/ response is a well-known method of handling other kinds of interactions—for example, a knock on the door that elicits a "Whos there?" which is followed by "Its me, Cameron"—this is new territory for e-mail. We think there is currently a high risk that the challenge/response test may create a barrier that a significant number of legitimate senders might not be motivated to overcome.

Social problems aside, we think ChoiceMail 2.5 is a big step in the right direction for identity-based anti-spam systems. We hope future versions of the product handle some of the authentication without involving the people who are sending and receiving e-mail messages. For example, ChoiceMail integration with domain authentication tools, which are likely to appear during the coming year, will enable more hands-off authentication.

We advise IT managers not to write off identity-based anti-spam tools. In the not-too-distant future, these products will likely be the best option for preventing spam from clogging in-boxes. Just not today.

Senior Analyst Cameron Sturdevant can be reached at cameron_sturdevant@ziffdavis.com.

Check out eWEEK.coms Messaging & Collaboration Center at http://messaging.eweek.com for more on IM and other collaboration technologies.

Be sure to add our eWEEK.com messaging and collaboration news feed to your RSS newsreader or My Yahoo page

Cameron Sturdevant Cameron Sturdevant has been with the Labs since 1997, and before that paid his IT management dues at a software publishing firm working with several Fortune 100 companies. Cameron also spent two years with a database development firm, integrating applications with mainframe legacy programs. Cameron's areas of expertise include virtual and physical IT infrastructure, cloud computing, enterprise networking and mobility, with a focus on Android in the enterprise. In addition to reviews, Cameron has covered monolithic enterprise management systems throughout their lifecycles, providing the eWEEK reader with all-important history and context. Cameron takes special care in cultivating his IT manager contacts, to ensure that his reviews and analysis are grounded in real-world concern. Cameron is a regular speaker at Ziff-Davis Enterprise online and face-to-face events. Follow Cameron on Twitter at csturdevant, or reach him by email at csturdevant@eweek.com.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel