We've all seen spam in one form or the other. If a recent study is to be believed, spam costs companies over $10 bn a month worldwide in system downtime and employee time lost that could have been utilized productively.
While we manually handle spam using the 'delete and move to next mail' approach, it becomes difficult to do so in many cases and one or more tools are often necessary to keep this menace in check. The job of handling spam can be done either at the server or the client end. While the former approach monitors and runs scripts on the server for all/several mailboxes/users that can be done by the system administrator, the latter is something that can be done by individual users for their own mailbox.
Let's look at some desktop spam-filtering tools for how they stack up against each other. But before that, let's understand some of the key concepts associated with this and the various techniques that these tools use to classify a mail as spam (or otherwise).
How tools classify spam
One way to classify mail is to have a central server to store information about known spam sending e-mail/IP addresses. The headers of the mail are checked against the data obtained from this server and if it matches, the mail is marked as spam. The server can be contacted every time the mail is checked, else you can configure software to download information about known offenders from the central server, say, once a week and keep a local copy for reference-similar to the virus definitions model. These lists are called 'blacklists', wherein the software knows that the moment a match occurs with one of these addresses, the mail can be classified as spam.
There are other software that need to be trained to classify them as spam. To begin with, they have no blacklist to match the mail against. You have to mark junk mail in your inbox as spam so that the software learns and then extracts information from such mail-like the sender ID and IP address to add to its blacklist. You can also tell the software explicitly what information to use from that e-mail, like blacklist this e-mail address, this IP address and this domain.