- A new version of Symantec's gateway anti-virus product adds features that will block spam email messages, according to the company.
The new antispam features are included in Version 3.1 of the AntiVirus for SMTP Gateways, an email security product targeted at large enterprises that relies on a multilayered approach to fighting the spam problem, Symantec says.
The new anti-spam features are a heuristic scanning engine that uses neural-network technology to spot spam email messages, support for checking against multiple real-time blacklists of known spam sources, customised spam "whitelists" for authorised sources, and subject line filtering.
The combination of blacklists with heuristics is the key to the new software, Symantec says.
While anti-spam software that relies on blacklists, or "signatures," often react too slowly to rapidly changing spam formats, those that rely purely on content analysis using heuristics can produce high numbers of false positives or false negatives, Symantec says.
Messages that are flagged by the product will be forwarded to a predetermined administrative email account, but the product does not offer mailbox or server level quarantines for suspected spam, the company says.
The combination of blacklists and heuristics, along with more traditional strategies like subject line filtering should help companies stem the tide of unsolicited email messages that arrive at their email gateways each day, Symantec says.
The new product allowed Ferguson Enterprises of Newport News, Virginia, to ratchet up how it deals with spam, says Brett Roquemore, senior LAN administrator at Ferguson.
Ferguson, which is the world's largest supplier of plumbing products, has been using the updated version of AntiVirus for SMTP Gateways product for about six months.
Deployed on a Microsoft Windows 2000 server, the Symantec product handles all of Ferguson's incoming SMTP (Simple Mail Transfer Protocol) traffic and replaced an ad hoc antispam system based on subject line blocking and firewall rules to stop messages from known spam subnets.
During that time, the company has moved from stopping a couple hundred spam email messages each day to stopping 5000 or more spam messages, Roquemore says.
In addition to the heuristics engine, Ferguson filters incoming messages through three public DNS (Domain Name System) blacklists using the RBL feature, including the Spamhaus blacklist, Roquemore says.
Two other DNS databases provide cover for as many sources of spam traffic as possible. Information on those DNS blacklists and others were obtained for free online, Roquemore says.
Tight integration between anti-virus and anti-spam features in the new Symantec version make it attractive, especially compared with the cost and complexity of implementing competing products that require separate servers for scanning email for virus protection and for spam, Roquemore says.
Still, the company would like to see some new features in the product.
Among other things, Roquemore would like the ability to automatically take action on email messages that cross a certain threshold. For example, dropping messages that are tagged as 100% matches for spam, while forwarding lower percentage matches for review.
Symantec AntiVirus for SMTP Gateway 3.1 is available immediately.
For networks of 10 to 24 workstations, Symantec AntiVirus for SMTP Gateways is available for $1US5.30 per seat. For networks of 100 to 249 workstations, the product costs $US13.10 per seat. Networks of 2000 or more workstations are charged $US10 per seat, according to a Symantec spokeswoman.