• United States

Cloudmark’s community of interest

Mar 04, 20043 mins

* Why Cloudmark is cool

I don’t often endorse a product, but I am so impressed by the anti-spam product I’ve been using for the last three months that I’m going to tell you about it.

Cloudmark SpamNet is an interesting approach to fighting spam for users of Outlook and Outlook Express. Because spammers, the lousy [expletives deleted], keep modifying their junk to evade automated filters, most anti-spam products have a relatively poor power-of-test. The power of a test is the ability to detect a phenomenon with low rates of false positives (in this case, incorrectly tagging ordinary e-mail as spam) and low rates of false negatives (i.e., incorrectly missing real spam and letting it pollute our in-boxes).

Systems that rely on a centralized source of information about the characteristics of spam must necessarily miss the newest types of spam. Delays in sending out updates of signatures or in updating the heuristic algorithms that can spot such new techniques result in false negatives – we see the spam. Overly restrictive rules annoy users by blocking legitimate traffic. In both cases, there is little that the user can do about the problems; most anti-spam systems are not set up to receive feedback from their users.

Enter Cloudmark. These folks, based in San Francisco, have harnessed the power of the peer-to-peer paradigm for good instead of for breaches of intellectual property. When one uses the SpamNet client software, one joins about 800,000 members of a worldwide community of users who can (and do) communicate in real time when they encounter a new false negative (a spam message that got through the filter) or a new false positive (something that got shunted to the spam folder but is actually not spam). If one unblocks two messages from the same user twice, the product politely asks if it should add that e-mail address to a whitelist (authorized senders whose mail will never be blocked). If a junk message gets through by mistake, then clicking on the “block” button sends information to the Cloudmark servers which can evaluate the input and use it to update all the other users immediately.

To prevent foolish or nasty people from corrupting the information base, the system keeps track of how reliable each user’s input is over the long run. If someone consistently marks messages as spam when they are in fact from, say, legitimate mailing lists to which they subscribed, their credibility rating is lowered. Future “block” messages are given less weight than normal. On the other hand, the more often someone is an early notifier of a new real spam message, the higher that person’s credibility score rises.

Now for the testimonial (begin crescendo on the pedal organ, please). First of all, Cloudmark lets you try the full production version of SpamNet free for 30 days. It took me only two weeks to scrap my previous anti-spam product, which simply didn’t do the job adequately, and subscribe to SpamNet. Secondly, the company claims 95% success rates; they’re being modest. In three months, it has checked 5,584 e-mail messages, stopped 2,017 spam messages and missed 93. That’s a 1.7% false negative rate. Now, those figures are counted by SpamNet; however, it doesn’t keep track of unblocking. My guess is that SpamNet has incorrectly blocked around 10 messages in all this time – around 0.2% false positive rate. Finally, it costs $4 a month.

As far as I’m concerned, it’s worth every penny.

Disclosure: I have no financial interest whatsoever in Cloudmark – I’m just a user.