Extras – Review of SPAMEATER

M. Sean Fosmire is with the Michigan law firm of Garan Lucow Miller, P.C.

SPAMEATER, a product of High Mountain Software, is an excellent way to tame the spam monster. Spam messages have proliferated enormously in the last year, and a large number of them are graphic sexual ads which are personally offensive to most people and which clearly do not belong in the workplace.

SpamEater works by scanning e-mail messages as they are queued on the POP3 server, applying a series of defined filters, before the mail is downloaded. As the user directs, the matching messages may be deleted or downloaded to the hard drive for separate inspection. Downloading them is highly recommended, for reasons that will be mentioned below.

The user must first identify all valid e-mail addresses for his or her system, either full addresses or domain names, and any message sent to a user name not matching a valid address will be rejected. After those addresses are checked, SpamEater checks each message against its list of filters. Currently, at least 50 filters are included. They include:

  • To and From headers match
  • Missing To header
  • Currency or income references in subject line
  • Three or more exclamation points in subject line
  • All caps ALERT found in subject

The filters are constantly being updated by High Mountain, and an “update filters” button allows the updates to be quickly included in the filter database.

The user can choose which of the filters will apply and which will not. The Filter “From address ends in numbers” will reject many users from AOL, for instance, and is unchecked on my system. The user can create his own filters, in addition to those provided by SpamEater.

An “approved senders” list, again using either full e-mail addresses or domain names, is processed first, and SpamEater will leave these undisturbed, and thus allow the mail client to download them, even if the message would otherwise fit any of the filters.

SpamEater can recognize and neutralize a small number of Trojans and Worms, although relying on it for this purpose is something like relying on a Baggie for protection against sexually transmitted diseases. (As my father always said, use the right tool for the job.)

One significant feature of the Pro version is that it will process many e-mail accounts on separate POP3 servers. (It will only work on POP3 servers.) The user could thus set it up to process both home and work accounts, if desired, from one computer.

It takes a few days of tweaking the filter settings to get this product humming. If the messages matching the filters are downloaded to SpamEater’s special folder, they can be view using a “message archive” feature. In the early stages, the user will find a significant number of “false positives”, messages that have been quarantined as spam but which are in fact legitimate messages. With the addition of domain names to the Approved Senders list, and some judicious unselecting of some of the filters, the accuracy rate will go up significantly after a week or two of use. After that time, SpamEater can be 90-95% accurate.

A message in SpamEater’s quarantine folder can be replied to without using the e-mail setting. Supposedly, it can also be “requeued”, sent back to the mailbox via SMTP and getting through the second time, but I have never gotten that feature to work.

False negatives, spam messages that still get through, will sometimes occur. One reason, of course, is timing. If SpamEater is set to “check and eat” spam every half hour, a message that was both received by the POP3 server and retrieved with the e-mail client before the half hour mark will still get through.

At one point, for one of my accounts, SpamEater seemed to be catching almost nothing. Close inspection found that the mail client and SpamEater were both set to check the server every 20 minutes. The mail client was doing its check shortly before SpamEater, it seems, with the result that each time there was nothing left for SpamEater to process. Two steps that should be taken are (1) start SpamEater on system startup, before the e-mail client, and (2) set a different schedule for each. On an always-on system, having SpamEater check mail every 10 minutes and setting the e-mail client to check every 30 minutes will result in a much higher catch rate.

SpamEater supports external blacklists (published lists of known spammers) and SpamCop, a feature which allows the user to report an offending sender to his ISP.

There are a couple of wrinkles which still need to be ironed out, but they are only minor irritants. If you change the default name of the icon in the Startup group under Programs on the Windows Start button from “Shortcut to SEP.EXE” to “Spameater”, the program will create another icon with the original name, and the program will run twice. The solution: leave the name as is when the program installs. This may be a quirk of my system.

There are a number of precautions which can be used to avoid having your e-mail address harvested by spammer robots (click on my name on the credits to see one), but even careful precautions will not always work. SpamEater provides a flexible and useful weapon to keep the monster at bay before these messages reach the e-mail client.

SpamEater is freeware, with limited features, while SpamEater Pro costs $24.95. Contact High Mountain Software.

Posted in: Email, Email Security, Extras