CA Anti-Spam 2007 - About as Relevant as Meat in a Can

CA Anti-Spam 2007 - About as Relevant as Meat in a Can
Page content

Introduction

Moore’s Law states that (paraphrased) advances in technology will double every 18 months. This law has held true in email security over the past three to four years. While email itself hasn’t seen anything terribly new or innovative, the battle against spam and viruses has been an arduous one and the main innovation in online communication has been in this space. CA’s Anti-Spam, while a solid product, seems to be behind the curve and may have died the death of irrelevance about a year ago.

CA Anti-Spam Plus CA Web Inspector 2008 does its job well. It’s actually a very modest program with no bells or whistles and nothing I’d call innovative. It includes an email search feature as a value-add, as well as a phishing filter. But most modern email clients and web browsers include both and function as well or better than CA’s offering.

Perhaps the biggest irrelevancy factor plaguing CA’s Anti-Spam is HTML mail. The product does not work with HTML-based email like Hotmail, Gmail, or Yahoo mail. These products are mainly accessed via web interfaces and include virus and spam filters already. While the product may work for Outlook corporate mail accounts, the target audience is the home user, many of whom will use  either their web client, or Outlook Express, or some analogue. So it seems Anti-Spam, while solid, is hard to justify if you’re not getting it for free.

The best way to view Anti-Spam is that of a bench player. A spam filter like this one may not see a whole lot of action but no security company worth the name would go to market without one.

Price to Value (2 out of 5)

What’s Not:
Anti-Spam is not a bad product. The reason for the rating is that it’s not a great product, in the sense that it doesn’t do anything groundbreaking or innovative that isn’t already being offered natively in many email programs. Given that it doesn’t operate against HTTP (web-based) email, its usefulness is questionable. Unless you get it for free, there’s not much here that makes it worth the ($50 retail) price tag.

Performance (4 out of 5)

What’s Hot:
I noticed no degradation in performance in Outlook Express with Anti-Spam running. Searching through the Anti-Spam interface was very fast and sending and receiving email operated normally, from what I could tell. One caveat: the only non-HTML email account I use has very little mail in it, so I didn’t test the product with hundreds or thousands of messages. If you use email for storage as well as communication, I’d recommend trying the product first with your larger accounts to ensure there are no performance issues.

The Website Inspector operated well also. I noticed a slight performance hit while the service inspected the site, but no performance problems with the link pop-ups.

Installation & Setup (4 out of 5)

What’s Hot:

The product installed without issue and required little attention. The user is asked to accept two license agreements (one is CA’s and the other is a GPL license) and is given the option to install two items: the antispam software and another product called Web Inspector, which is CA’s phishing filter.
[caspam_install_webinspector.jpg]

There was no registration option in my installation, perhaps because I purchased it direct from CA. I was, however, prompted to install the Yahoo toolbar and to make Yahoo my default search engine. The check boxes need to be manually cleared on this screen, so if you don’t want to Yahoo, pay attention to the (installation) wizard.

The installer wrote about 48 MB to the hard disk and created 576 registry keys. The uninstaller cleaned the hard disk very well, but while it deleted all but one registry value, it left most of the registry keys behind, removing only 69.

Product Features: Search (3 out of 5)

What’s Hot:
The search feature is adequate and seemed faster than the native search built into Outlook Express. Anti-Spam search is indexed, which will tend to improve both speed and accuracy. For Outlook Express users, the Anti-Spam search is a bit easier to use, in my opinion, because it uses a single search query entry box to search all parts of the message (also, a search box is available from the toolbar so users don’t have to open up a separate dialog box). In Outlook Express, to search the message, criteria has to be entered in a separate input box from the criteria you’d use to search the subject line.
[caspam_features_searchbox.JPG]

Results differed between the searches as well. I searched for the word “hoping” using both search engines. The native search in Outlook Express returned five hits. Anti-Spam returned 36. I discovered that the discrepancy was because Anti-Spam found derivatives and roots of the word “hoping” like “hope.” This could be a plus or a minus, depending on your needs. Enclosing the word in quotes didn’t change the results.

What’s Not:
At the end of the day, the search feature just doesn’t compare with the latest desktop offerings by Google, Yahoo, and Microsoft. These engines will not only search your mail but provide in-context snippets of the location of the search word so you can easily find what you’re looking for. Anti-Spam’s search engine is definitely a generation behind.

Features: Website Inspector (4 out of 5)

What’s Hot:

The Website Inspector integrates with the web browser cleanly and worked effectively. It functions as a phishing filter, checking each site you visit for validity. It did a good job of warning me when a site’s credentials weren’t up to par, though performance was a bit sluggish, which could have been due to the fact that the filters of both IE7 and Anti-Spam were running.

The most interesting feature of Website Inspector is the link pop-ups, which evaluate links on a page for validity. By hovering over a link, you engage the Website Inspector, which will display a small information box with site information. The feature will provide feedback using color and text depending on the validity of the link’s target site. I thought that the feature would get annoying after some use, but actually I found it unobtrusive and quite helpful. So many times, words are hotlinked and hovering over the link just provides the URL in the toolbar but not much information about the target. This feature gives instant information about the target site and actually enhanced the browsing experience.
[caspam_websiteinsp_linkpopup.JPG]

User Interface (3 out of 5)

What’s Hot:

The UI for Anti-Spam is entirely accessed through the email program you’re using. In my testing, I used Anti-Spam through Outlook Express (OE) on Windows XP. The application integrated very cleanly with Outlook Express and actually looked and behaved as if it were a part of the application. The dialog boxes and behaviors, while separate from OE, operated consistently with the application. Of course, with Anti-Spam installed, I now had two separate search providers. But CA did a good job of keeping its search feature separate enough from OE’s that they didn’t overlap or conflict with each other from a usability standpoint. Given the way search works in Outlook, I’m not sure the same would be true if I used Anti-Spam though that application.

Anti-Spam uses client-based HTML help (it will open in your browser but doesn’t require Internet access). The help system seemed adequate to the application. It wasn’t excessive (which I think is a good thing when it comes to help systems), but it provided basic tutorial and support information.
[caspam_help.JPG]

The Website Inspector interface is a toolbar that is available in the toolbar section of the browser (I tested this on Internet Explorer 7). When you visit a site, a green box will tell you if the site is verified by CA as a safe site. Another box to the right will provide information about the site such as name, address of the site owner (if available), and the country where the server the site sits on is located. Finally, the toolbar also provides a button that enables you to report the site as malicious or verified. This information is used by CA to build their verification database. Clicking the CA button allows you to set options, such as password and personal data management, enabling or disabling sounds, managing the suspected countries list, and managing approved sites.
[caspam_websiteinsp_toolbar.JPG]

Clicking the verification box opens another dialog box with more information about why the site is verified. Particulars include that the ownership has been identified (or not identified), that the site is active or inactive, that the site is or is not located in a country that is not suspect of abusing spam and that the site is or is not on a blacklist.
[caspam_websiteinsp_verifyinfo.JPG]

The interface integrated unobtrusively with IE7’s phishing feature. In a real-world scenario, I wouldn’t have both running as it undoubtedly affected performance. But for the sake of my testing, I thought IE7 and Anti-Spam’s filters complemented each other.

Overall, the interface items are clear, uncluttered, and do the job they’re supposed to do well.

What’s Not:

There certainly is nothing groundbreaking about the Anti-Spam’s interface. Like OE, most of the interface is very basic and functional to the point of being average. As I alluded to in the Features section of this review, the search provider is fairly uninteresting, particularly when compared with the products being produced by Google and Yahoo. The Anti-Spam functionality didn’t appear to integrate into the OE status bar, which would have been a plus.

I did notice that there weren’t confirmation dialogs where I expected them. For example, clicking the Clean Current Folder option in the toolbar immediately launched the cleaner and the application began working through the email in my inbox. I expected a confirmation box asking me if I was sure I wanted to clean my folder (which, it seems to me, is a fairly invasive operation).

The Security Center interface doesn’t do much at all (other than telling you which apps you haven’t purchased yet). The only functional role it plays is to provide an additional interface to enable and disable Anti-Spam.

Product Features (3 out of 5)

What’s Hot:

CA Anti-Spam is a component of CA’s flagship home offering, CA Internet Security (which is also reviewed here on BrightHub). When you install Anti-Spam, The installer will actually include CA’s Security Center. Since the package only includes Anti-Spam, the Security Center shows most of the applications as “not installed.” The only issue here is that the red circle with the “X” in it makes it look like there’s a problem and that could be misleading.
[caspam_features_securitycenter.JPG]

CA Anti-Spam includes a mail search feature in addition to spam management. When you first launch your mail program after installing Anti-Spam, you are guided through a wizard that enables you to set up which mail program you want to use, search options, and indexing.
[caspam_features_spamwizard1.jpg]

Anti-Spam installs a toolbar into your email application that can be used to instantly and in real time block or approve mail, search mail, and set options.
[caspam_features.toolbar.jpg]

The spam filter operates on a model where senders are first untrusted and the user must explicitly trust senders in order for them not to be filtered. The mail is put in a protected “quarantined” folder where the user must explicitly trust the senders. When I first set up my POP3 account with the spam filter running, all the mail was immediately filtered (it could have been because I didn’t have any addresses in my address book).

Once senders are trusted or blocked, they can be managed using utilities available from the toolbar. The Approved Senders utility lists all senders you’ve explicitly approved and allows you to delete users from the list and even change properties like the listed name or the email address. You can add new names and addresses from this dialog box as well. The utility includes a useful tool that scans any specified folder for approved senders. If you point the tool to a specific folder that contains mail, the tool will grab the addresses from that mail and add them to your approved list. From this utility, you can also export and import approved addresses and search for names or addresses.
[caspam_features_approve_senders.JPG]

From the Options menu, you can modify how Anti-Spam warns you of issues, set a scheduled for reminders, modify search options, and turn features off and on.
[caspam_features_options.JPG]

The level of control seems appropriate for an application of this type. One interesting option that CA included is a spam-scoring utility. This allows you to “train” Anti-Spam to assign a number to incoming messages that is the relative probability that the message is spam. You can then tell Anti-Spam to automatically block messages with a certain score and above and automatically approve messages with a certain score and below. Training involves pointing Anti-Spam to a specific folder or folders with known spam and pressing the Train button. Anti-Spam then uses internal algorithms to determine how to rate incoming mail.
[caspam_features_spamscore.JPG]

The Web Inspector’s link evaluator is interesting and probably the most innovative feature in the package.

What’s Not:
I found one minor drawback with the Approved Senders utility. If you delete users from the “approved” list, they are not added to the “blocked” list. While I’m not sure I’d want Anti-Spam to automatically make this decision for me, it do think that an option box would be in order so that you could choose whether to block the names you’re deleting from the list. Similarly, deleting a name from the blocked senders list doesn’t add it to the approved senders list.

Unfortunately, Anti-Spam doesn’t work with HTTP mail through Outlook Express. This seems like a big oversight particularly given the audience. Still, since most web mail is  already spam filtered at the server, perhaps the usefulness of a client-side spam filter is attenuated.

The biggest deficiency I see with the product is the lack of an attachment manager. All attachments, even those in mail marked as spam, are active and “clickable.” Other modern virus and spam programs will deactivate attachments and embedded images for a number of reasons. Images in an email, for example, can be used as a beacon for spammers informing them that an email account is active. When a user clicks on an HTML email with embedded images, even to preview it, the email application has to go out to the source server to retrieve the images (just like a web page has to do). Spammers can use this round trip to detect the source email address and log that as an active account to which it can send more spam.

Images

Approve senders

Options box

Search box

Security Center

Spam score

Spam wizard

Toolbar

Help

Install Yahoo!

Web Inspector

Link Inspector

Web Inspector toolbar

Verify info

Suggested Features

I’d like to see:

  • An attachment manager.
  • Support for web mail accounts.
  • In-context search results.

Conclusion

If you’re looking for a solid spam filter for a non-HTML mail account and aren’t using an enterprise-class mail client like Outlook, Anti-Spam may be attractive if you can get it for less than the retail price. A solid performer, the product lacks some of the important innovations found in many modern email search and anti-spam offerings. Its lack of HTML mail support and attachment management make it a generation or two behind its peers.

Microsoft One Care, McAfee Spam Killer, Google Desktop