Review: Brightmail Anti-Spam Enterprise Edition
Brightmail Anti-Spam Enterprise Edition Version 5.0 is a high-profile spam blocker that uses a wide range of effective spam identification technologies, including proprietary blacklists, signatures and URL identification technology.
Like nearly all the vendors that answered our request for proposal, Brightmail claims to be 95 to 96 percent effective at blocking spam, and our experience at WiscNet seems to bear out that claim.
In fact, Brightmail borders on obsessive in its quest to maintain an extremely low level of false positives (legitimate e-mail that is mistakenly filtered). The company openly states that it would rather reduce the blocking rate than lose its claimed 1-in-a-million false-positive filter rate.
Brightmail uses a probe network that collects an undisclosed number of spam messages every day to constantly fine-tune the tools it uses to ferret out spam.
The platform uses six processing components, including signatures of spam messages, regular expressions and URLs embedded in spam that separate good mail from bad. The URL filter, which extracts the "call to action" URL address embedded in the mail message, was introduced this summer. Because the call to action is currently the hardest spam characteristic to hide, we think URL identification will put a serious dent in spamming efforts. We encourage IT managers to put this ability high on their anti-spam evaluation checklists.
Brightmail shoulders the burden of identifying spam based on its probe network. Because new rules and spam signatures are sent out securely from Brightmail to all customers every 10 minutes, we think IT managers will find the product effective at eliminating spam from user in-boxes.
The flip side of Brightmails management approach is that administrators lose a great deal of control, something the WiscNet judges were wary of.
Brightmails administrative control is likely more than sufficient for most organizations. Brightmail Anti-Spam allowed us to take the same action on all mail being filtered or to take different actions on two (and only two) domains. For example, K12.dane.wisc. edu could delete spam, while a.university.wisc.edu could place spam in quarantine.
Senior Analyst Cameron Sturdevant can be reached at cameron_sturdevant@ ziffdavis.com.