Advertisment

McAfee SpamKiller 2.0

author-image
CIOL Bureau
Updated On
New Update

McAfee SpamKiller 2.0 for MS Exchange Small Business can serve a maximum of 500 mailboxes. It requires Exchange server with SP 2 running on Win2K server with SP 2 or above, Microsoft .Net framework and MDAC 2.7. It also needs at least 512 MB RAM to run efficiently. An existing user-account on Exchange will be given administrative rights.

Advertisment

Once installed, SpamKiller creates a User Group by the same name in your Windows 2000 server's Active Directory. You then have to manually add to it, all users whose mailboxes have to be watched by SpamKiller. These users can then create their own blacklist and white lists of email ids using SpamKiller's web interface.

Here, the good thing is that you can use wildcards with email domains like *@pcquest.com. This would block or allow all emails coming from this domain, a feature useful to prevent newsletters from getting blocked. These lists override the global settings for that specific user.

SpamKiller automatically adds each user's address book contacts present on the Exchange server to their white lists, and keeps them synchronized.

Advertisment

SpamKiller has many pre-configured rules and it uses heuristics to score each message targeted at the users' mailboxes. The rules are regular expressions written in Perl that help trap cleverly disguised and variations of the same spam messages like one with 'F!R!E!E!', and another with F.R.E.E. Each rule has a score associated with it, positive or negative, depending on its headers, content and the system/user's blacklists and white lists.

Heuristic analysis involves internal tests the software performs to check the likelihood of spam mail. This also reduces the occurrence of false positives.

Once a message exceeds a threshold score (by default it is 5, can be changed, max supported 100), a Junk folder is created in the user's mailbox and the message is transferred there.

Advertisment

No messages are deleted. There's also a System Junk Folder where messages with a default spam score of 15 (you can change this as well) go. The administrator user can view and manage both the System Junk Folder and the users' junk folder.

The company currently supports only Outlook as the mail client as that is well integrated with Exchange. Which means, you won't see Junk Folders in other mail clients like Outlook Express, Eudora etc.

However, you can choose to tag spam mails with ***Spam*** or whatever else you want and advise other mail client users to create filters that would transfer spam-tagged messages into a user-created junk folder.

Advertisment

You can't modify existing rules, but can add your own rules. There is some help available with the software to frame the rules correctly based on Perl regular expressions, but McAfee does not offer support for user-defined rules.

This is apparently because rule-creation requires a fair level of proficiency in Perl and custom-rules can adversely affect the software's performance if not written properly. The rules are self-tuning and adjust rating for messages coming from known senders.

The version we reviewed does not support upgrades to the software, though as per vendor-response, new versions expected by the end of the year will support upgrades. In our tests, we found the software trapping about 80% of the spam and improved in performance over time.

Advertisment

The spam messages can have additional x-spam-report headers attached that are helpful in understanding how the software has scored the message. Though detailed, this report is available as part of the Internet Headers visible through Outlook and has to be checked for each message individually.

SNAPSHOT

Price : Rs

1500 for up to 26-50 nodes 
Key

Specs
: Heuristic

spam detection, self-tuning rules database
Cons : Supports

only Outlook with Junk Folders, no upgrades for this version
Contact : Network

Associates, Mumbai.
E-mail : annette_castelino@nai.com 

A good product, which learns the kind of spam your organization gets, and

improves its performance over time. One crib is the lack of upgrades for the

product.Â