outlook express spam filter

I can’t open my e-mail inbox these days without being greeted by some racy subject lines peddling manhood enhancement programmes, manhood assistance drugs, promises of millions of US dollars to be transferred to my bank account from some persecuted high-ranking government official from a Third World country, promises of ready and willing college-going girls who would perform unmentionable acts via a Web cam, and news that I’ve become the winner of some lottery I never knew existed—now please send them a cheque. And that is with a spam filter in place. I can’t imagine what my inbox would look like without one, and I wonder if I could possibly get through a day’s worth of junk mail without going insane. Spam is a modern-day scourge, a blight on the face of the corporate landscape, and a disease we cannot hope to eradicate without resorting to brute force. While tackling spam has become our daily (and time-consuming) ritual, we found some spare time to be productive with our e-mail—and collaborated with Ferris Research, a US-based market and technology research firm specialising in messaging and collaboration, to investigate anti-spam technology used by Asian companies. Run by David Ferris and his merry team of 18 employees spread between San Francisco and London, the firm has worked with our sister publications in the US to conduct similar research on topics related to security and messaging. Messaging managers and IT staff responsible for running anti-spam systems in their organisations completed the survey, and Ferris Research posed a subset of the questions to those who identified themselves as end-users of anti-spam systems. The focus was kept on organisations in Asia-Pacific, most of which were in Hong Kong, Malaysia, and Singapore. While the anti-spam survey responses are undergoing intense scrutiny, (a big “thank you” to those who persevered through the questionnaire—hope you won that Apple Shuffle), the hard part has just begun: making sense of raw data. The team at Ferris Research will be making available the finished report exclusively to Network Computing Asia, and we hope to publish it as a feature story soon. Meanwhile, they have graciously consented to an early peek at very preliminary observations: 1. Anti-spam share by number of mailboxes: Trend Micro dominates this market, but is weaker in the small enterprise sector, which is led by Symantec and McAfee. 2. Trend Micro’s strength is clearly in large-to-medium organisations. Larger organisations are more comfortable with running the open source code, SpamAssassin. While this is a respected way to filter spam, it is usually harder to manage and to keep updated than many commercial products. (Note that many commercial products have SpamAssassin or elements of it at their core. Some vendors freely admit to this, others treat it as a “dirty little secret.”) 3. Overall Satisfaction/Reputation: When asked for their overall satisfaction, Sophos users were happiest, followed by users of Tumbleweed, McAfee, and Trend Micro. Users relying on Microsoft Outlook to filter their spam were least satisfied. 4. The vast majority of users experience no more than one false positive per day. 5. A typical false negative rate is five per day (i.e. a typical user has to manually delete five spam messages per day that were missed by the filter). 6. The larger the organisation, the more accurate the spam filter seems to be. 7. The most important customer criteria are: spam catch rate, vendor update speed and update quality. With that to whet your appetite, I hope it has given you a taste of what’s to come, and that you’re reasonably enthused by this. I understand that the analysts at Ferris Research are grappling with over 90 charts and tables (and counting), and valiantly coping with the unenviable task of cross-tabulation and so on. I wish them luck. As stated earlier, the above findings are preliminary, and Ferris’ final observations will hopefully delve deeper into what has been outlined. We’ll just have to be patient and wait. In the meantime, kindly excuse me while I return to my daily ritual: deleting spam.

How safe is your e-mail inbox?
Most Internet service providers are now offering protection against spam. E-mail programs such as Microsoft Outlook and Eudora include junk mail filters. But let's face it, none of them do a decent job of keeping these invasive e-mails from getting to us.
Even when we add the "iron-clad protection" provided by products such as Zone Alarm and Symantec's various products, some of the stuff still gets through.
Enter stage left Choice-mail ($39.95) from DigiPortal and Mail Manager ($29.95) from Chrysanth. Both of these products are designed to flag offensive e-mails and let you eliminate them with a single keystroke.
Choice-mail is similar to the e-mail protection offered by ISPs, such as Earthink. Simply put, you set up a "white list" of correspondents you want to allow into your mailbox. All others are "challenged" and receive an e-mail telling them to ask for permission to send you mail.
This gives you control over what gets through and what becomes stranded in cyberspace.
Other features of the program include:
_ It will work with virtually any e-mail program.
_ It doesn't set up a spam folder in your inbox, because the offensive stuff doesn't get through.
_ The registration process is "hack resistant."
_ It's easy to use, install and configure.
_ Suspected spam is put into a Junkbox so that you can review it. You can also set a limit on how long the mail stays there before it's eliminated.
Now, I wouldn't disillusion you and say every bit of spam is eliminated from your inbox, but Choice-mail does filter out a high percentage of it.
Mail Manager works a bit differently. With this product, spam never gets past your ISP because it seeks out and destroys the offensive e-mails on your server.
The process is simple: Mail Manager analyzes the e-mail, highlights the spam and you get to eliminate it before it's downloaded. It will also seek out and destroy e-mail that sometimes gets through because the spammer uses weird characters.
Among its other features are:
_ It alerts you when you have new e-mail with a "You've got mail" sound.
_ It alerts you when you have spam to review.
_ You can set it up to delete all forms of spam without having to review it.
_ You can view you e-mail before downloading it from the server.
_ It gives you control over what your e-mail program downloads, eliminating timeouts or your inbox repeatedly trying to download large files

Most users of ZoneAlarm Security Suite got an update notification this morning. Many probably went ahead and installed version 5.5.094.000. The problem? This version, like the earlier 5.5.062.011 update, spontaneously turns on the product's antispam filter. The main control panel still shows "Junk E-mail Filter" set to Off, but the filter is actually sending some messages to the Zone Alarm Junk Mail folder. ADVERTISEMENT
Like many antispam products, the filter gets better at distinguishing spam from valid mail after you've used it for a while. If you normally rely on a corporate filter or another antispam product, the ZASuite filter hasn't had any opportunity to learn. When it's turned on unexpectedly, with no training, you may find that important messages are getting flagged as junk mail. On one system we found that it had diverted four PC Magazine newsletters and two important messages from individuals at Microsoft before we noticed what was happening.
We reported this problem to ZoneLabs when it happened before, in February. Fortunately the workaround ZoneLabs supplied at that time still works: If you find that ZASuite is suddenly filtering your e-mail, here's what to do. Open ZoneAlarm's main control panel and turn the Junk E-mail Filter option On. Restart Outlook, turn the filter Off, and restart Outlook again. That should restore things to normal.

Unfortunately, in 2004, we saw increased collaboration among cybercriminals through organized crime rings and collusion between virus writers and spammers," said Gregg Mastoras, senior security analyst at Sophos Inc. "In 2004, we also saw financial motivation become the driving force behind spam and viruses. In response, legislators and the software community both increased attention on the problem. As the criminals use their ingenuity to get past our safeguards, we as a community must use ours to improve technology, increase user awareness and reduce the profitability of their ventures." Sophos's worldwide network of virus and spam labs have identified a number of new trends in 2004. The Virus Landscape -- Sophos researchers have identified 10,724 new viruses so far in 2004, a 51.8% increase in the number of new viruses, bringing the total viruses in existence to 97,535. Of these, Netsky variants accounted for 41.6% of all viruses reported to Sophos, capturing an unprecedented five of the top ten slots on this year's Top Ten round-up. The top ten viruses of the year are as follows: Name Percentage First seen 1. W32/Netsky-P 22.6% MARCH 2004 2. W32/Zafi-B 18.8% JUNE 2004 3. W32/Sasser 14.2% MAY 2004 4. W32/Netsky-B 7.4% FEBRUARY 2004 5. W32/Netsky-D 6.1% MARCH 2004 6. W32/Netsky-Z 3.7% APRIL 2004 7. W32/MyDoom-A 2.4% JANUARY 2004 8. W32/Sober-I 1.9% NOVEMBER 2004 9. W32/Netsky-C 1.8% MAY 2004 10. W32/Bagle-AA 1.6% APRIL 2004 Others 19.5% -- German teenager Sven Jaschan, who wrote both the Netsky and Sasser worms, is responsible for more than 55% of all virus reports in 2004. Jaschan was apprehended and confessed to his involvement in May 2004, but his worms continue to spread. In November 2004, eight months since its original discovery in March, Jaschan's Netsky-P worm was still the world's most widely reported virus. -- Mobile viruses continue to pose minimal threat to the enterprise, despite an increase in "proof-of-concept" experiments. 2004 Spam World -- The United States continues to lead the world in spam, accounting for more than two of every five spam emails. Despite CAN-SPAM legislation and the Operation Web Snare crackdown in August, where the Department of Justice arrested over 150 people in connection with online computer crimes, US computers originated over 42% of all spam, more than three times the amount from the second largest spamming country, South Korea. The top ten spamming countries are as follows: Country Percentage 1. United States 42.1% 2. South Korea 13.4% 3. China (& Hong Kong) 8.4% 4. Canada 5.7% 5. Brazil 3.3% 6. Japan 2.6% 7. France 1.4% 8. Spain 1.2% 9. United Kingdom 1.1% 10. Germany 1.0% Others 19.7% -- Spammers on average change their domain every two days now, as compared to every week three months ago. In 2004, spammers became more inventive using new obfuscation techniques, rotating domain names and hiding their domain owner information. In the past 12 months, the speed at which they use new techniques has gone from weeks and days to hours and minutes - soon it will be seconds. This accelerated spam activity now requires constant spam operations with analysis and research at every hour of the day. -- A number of new spam campaigns made their debut in 2004, widening the content beyond the typical prescription drug and mortgage application emails. According to the Anti-Phishing Working Group, in October alone, phishing campaigns hijacked more than 44 brands worldwide. New 2004 spam campaigns included: -- Work from home/prepare to succeed -- Training courses and well-paid jobs in financial sectors -- Rolex and other counterfeit products -- Religious spam that urges users to convert Changing Universe: Combined Threats * Cybercriminals are involving innocent users in a wider variety of scams Unprotected users are at risk at unknowingly abetting crimes through remote control and use of their computers. Over 40% of spam comes from PCs that have been hijacked by viruses. Some worms have used armies of zombie computers to launch distributed denial of service attacks against websites such as SCO, Microsoft, Kazaa, 10 Downing Street, the Pakistani government, RIAA, online betting websites, anti-virus and anti-spam companies. In addition, phishers are recruiting mules in complex money-laundering schemes through legitimate seeming requests. -- A new generation of phishing was identified, which used Trojans to steal personal information from users visiting legitimate sites. From phishing emails that warn consumers of phishing to money laundering rings, phishing scams have become both more elaborate and more graphically realistic in 2004. Most worrisome, however, are a new generation of phishing attacks that wait for users to visit real banking websites before surreptitiously monitoring and secretly recording the login process through Trojan horses. -- Despite an increase in law enforcement, the volume of threats, such as viruses and spam, continues to rise. 2004 heralded a significant increase in arrests in both the virus and spam communities. Well-publicized arrests include Jaschan and the US Department of Justice's "Operation Web Snare" in August, where more than 150 people were either arrested or convicted in connection with online computer crimes. Unfortunately, this is but a small fraction of the perpetrators in existence, and some criminals, such as Jaschun and 29A virus-writing gang member Marek Strihavka, are being rewarded by security companies who employ them after their arrests. Worryingly, Sophos also reports a continuing need for a formal framework allowing disgruntled computer users to report virus infections or spam easily. Despite legislation, no government has the resources or the infrastructure to effectively and efficiently process public complaints and warnings. "In looking back at 2004, users and security professionals might become overwhelmed with the sheer volume and insidiousness of this year's threat analysis," warned Mastoras. "But we all need to remember: with proactive protection through user education, anti-spam and anti-virus technologies, as well as constant vigilance, we can mitigate the impact of these threats. In 2005, organizations will not only need to strengthen their corporate policies to achieve this proactive protection, but also to take advantage of technology to ensure the enforcement of such policies." Continued Mastoras, "In 2005, we're going to see more mass-mailing worms like Netsky and Bagle. Spammers will keep on spamming. All of these criminals will continue to collude and create inventive attacks. But by working together, the security industry, the government, the business world and the public at large can all find ways to make these attacks less profitable and less impactful, thus lessening the draw for these criminals."

Friends can help friends block spam -- or at least their computers can. So says a University of Florida computer engineer who has pioneered a new approach to zapping the junk e-mail that slows productivity and poses an increasing security threat to computer users worldwide. With colleagues at the University of California-Los Angeles, Oscar Boykin, a UF assistant professor of electrical and computer engineering, has simulated a system that taps a user’s "social network" of friends and colleagues to root out spam. Current antispam software blocks incoming spam by matching keywords or images with previously identified spam. A computer outfitted with the proposed system would first check incoming messages with its own anti-spam software -- then, if no match were found, automatically check it against the software on the "trusted" computers among a user's circle of regular contacts.
“Your software would classify the message when it could, but when it couldn’t, it would query your ‘network of trust,’ in effect asking ‘do you know if this message is spam or not?’” Boykin said. Boykin and Vwani Roychowdhury, an electrical engineering professor at UCLA, have co-authored two articles related to the proposal in recent months. The first appeared in April in the journal Computer, published by the Institute of Electrical and Electronics Engineers. The second, also co-authored by UCLA doctoral student Joseph Kong and available now at http://www.arxiv.org, is slated for presentation at the Second Conference on Email and Anti-Spam at Stanford University this summer. Spam constitutes more than two-thirds of all e-mail, accounting for billions of messages daily. An increasingly annoying and expensive time-waster, spam has also become more threatening in recent years with the advent of “phishing” -- when criminals use false e-mail to dupe people into revealing personal financial data. Such crimes accounted for $2.4 billion in fraud affecting nearly 2 million people in 2003-04, according to a 2004 survey by the research firm Gartner Inc. Boykin said he got the idea for the social approach from an insight that his e-mail records contain consistent patterns that can distinguish friends and colleagues from spammers. For example, unlike spammers, normal users usually e-mail one or maybe several people, not hundreds or thousands, and they typically receive e-mails in reply. “There is a very striking difference in the parts of the e-mail network that were associated with spam versus those that were just normal communication,” he said. He and Roychowdhury realized that software could be developed that takes a page from peer-to-peer networks to exploit these already established networks of friends and acquaintances. Unlike client-server models, in which a central computer serves a community of users, peer-to-peer networks link users directly with one another. Instead of sharing music -- perhaps the most well-known peer-to-peer activity -- the proposed software would silently share information with its “friends” on the network. “Rather than searching for music, your software would send queries across the network in search of other trusted computers that have already identified a message as spam,” he said. He and Roychowdhury created mathematical models and a computer simulation of the system. They found that the more users the system included, the more spam e-mail it could detect. Boykin said that points to the system’s main challenge: To be effective, it would have to be widely used, which would require extensive marketing and high public confidence. Developing the software to make the system a reality, on the other hand, is not a difficult challenge, Boykin said. Bill Yerazunis, a senior research scientist at Mitsubishi Electronics Research Laboratories in Cambridge, Mass., and an expert on spam, said the UF/UCLA research is “well-founded” and that there is a “good chance” the system would work well. He said a potential shortcoming is that sharing information about incoming e-mail might present a security problem. “You have to trust your circle of friends’ computers to see your incoming mail stream but not compromise the possibly highly personal e-mail you get,” he said.

IBM today introduced new anti-spam technology to help companies reduce the cost and security risks associated with spam and make existing spam filtering solutions more effective. Dealing with spam is costing businesses a significant amount of time, money and system resources. In addition to loss of workforce productivity, spam has become a vehicle for identity theft and propagating viruses and worms that can be devastating to company reputations and IT systems.
Developed by IBM and dubbed FairUCE ("Fair use of Unsolicited Commercial Email"), the new technology helps filter and block spam by analyzing the domain identity of an email -- using built-in identity management capabilities at the network level. FairUCE is able to establish the legitimacy of an e-mail message by linking it back to its origin -- thereby establishing a relationship between an e-mail domain, e-mail address and the computer from which is was sent. Since IP addresses are fixed and cannot be changed, FairUCE can identify if the messages are arriving from a zombie computer, bot device or legitimate email server. Unlike spam filters, which identify spam by scanning the content of every email message entering the network, FairUCE blocks and eliminates spam from spammers who assume false identities to hide who they really are. The new solution effectively minimizes the growing threats of phishing and spoofing - tactics used to trick people into disclosing information that can lead to identity theft. Content filtering also heavily taxes IT systems, siphoning off bandwidth used for business needs. IBM's new FairUCE spam technology can help customers identify potentially harmful traffic much earlier -- before it affects their networks. The February IBM Global Business Security Index -- the monthly report that measures the global security threat landscape -- found that spam has actually decreased from 83.11 percent in January to 76.3 percent in February -- a decrease of seven percent.(1) Despite the decrease, spam continues to be a major headache and tax on IT staffs worldwide. "Spam has become a high priority security issue for businesses today," said Stuart McIrvine, director of corporate security strategy, IBM. "By creating a multi-layered defense that proactively repels spam at its source, companies can get ahead of spammers and malicious hackers who are always looking for new ways of penetrating IT systems through email." Highlights from IBM's Global Business Security Index report for February 2005: -- Spam -- during February, IBM Security Intelligence Services found that 1 in every 1.3 (or 76.0 per cent) emails was identified and intercepted as spam, and 1 in every 46.1 (or 2.2 per cent) emails was stopped for carrying a virus, trojan or other malicious content. -- Microsoft vulnerabilities -- on February 8, Microsoft announced a number of vulnerabilities in Windows, Internet Explorer, and other applications. One of the most serious vulnerabilities announced was in the Server Message Block (SMB) protocol used by most Windows systems. To exploit the vulnerability, an attacker could trick the user into visiting a malicious URL or could also send malicious SMB traffic to vulnerable systems. IBM recommends businesses use patches to fix the vulnerabilities. -- Malware outbreaks -- in February, a new variant of MyDoom and a new strain of malware -- Poxdar -- appeared. MyDoom spreads via email, while Poxdar seeks to exploit a number of Microsoft Windows vulnerabilities. IBM recommends that businesses update antivirus signatures and solutions to address these variants.

Combined introduction of personal Junk Mail Manager, Rapid Anti-Virustechnology and MailHurdle appliance helps customers to better address shifting security landscape SUNNYVALE, Calif., May 3 /PRNewswire/ -- Mirapoint, the messaging experts,today announced significant enhancements to its award-winning line ofRazorGate email security appliances that helps customers address the evolvingthreat landscape by deploying a next-generation, tiered architecture for edgeprotection. The combined introduction of the new Mirapoint Junk Mail Manager,Rapid Anti-Virus(TM) technology and MailHurdle appliance(TM) providescustomers with more complete, effective and manageable protection to securetheir number one application -- email. -- Junk Mail Manager works with any existing email server, including Microsoft Exchange, to provide uniquely flexible end-user controls for managing false-positives by keeping spam out of users' inboxes and quarantining unwanted traffic at the network edge. -- With hundreds of new viruses emerging each year, Rapid Anti-Virus technology helps customers minimize their exposure and risk from these malicious code threats during the critical first minutes of an outbreak. -- For customers with an existing security investment, the MailHurdle appliance complements these solutions and intelligently stops up to 80% of spam and virus messages at an SMTP connection layer before valuable resources are wasted and traditional filtering techniques are applied. Per-User Control with Junk Mail Manager In a recent survey Mirapoint conducted in the United Kingdom, 66% ofrespondents said that legitimate email they should have received had beenblocked by a spam filter -- known as false-positives in the industry. While51% of the respondents said time wasted was the most significant repercussion,42% acknowledged having missed important deadlines as a result of lostmessages. Junk Mail Manager leverages Mirapoint's expertise that spans thecomplete messaging lifecycle, including routing, storage, access andmanagement. As one of the only vendors with a single box solution for junkmail management, Junk Mail Manager addresses the evolving spam landscape &false-positive factor with individual quarantine mailboxes deployed on theedge security appliance. This architectural approach reduces the load on thecore mail server and network, thereby boosting overall performance andresponsiveness of the message network. Junk Mail Manager helps manage storageand eases the administrative burden by integrating per-user controls likewhite/black lists and content filters, as well as automatic message aging toauto-expire quarantined email. Designed to complement any existing mail server, Junk Mail Manager workswith traditional desktop clients like Outlook or iNotes by delivering summarydigests of quarantined messages directly to the inbox. Users can then viewcaptured messages, as well as self-manage what ultimately gets delivered totheir inbox. An intuitive web-based interface is also provided with Junk MailManager, so customers can securely log into their quarantine from any Internetbrowser and manage their email. Real-Time Protection with Rapid Anti-Virus Technology To complement Mirapoint's existing signature-based approach to virusfiltering, the Rapid Anti-Virus technology adds an additional layer of real-time protection. By using information collected on a global basis from networkprobes to address emerging threats, Rapid Anti-Virus helps customers identifyviruses in minutes from ground zero of an outbreak. In comparison, signature-based approaches alone often take up to 24 hours to get updated before theystart protecting an organization's network from attack, which is often toolate to affect the initial peak in message volumes associated with an emergingvirus propagating in the wild. Rapid Anti-Virus is based on the Zero HourVirus Protection technology licensed from Commtouch. "Commtouch is excited to expand its relationship with Mirapoint and enablea next-generation of real-time virus protection for its customers," saidGideon Mantel, CEO of Commtouch. "With the ever-growing and mutating virusthreat, Commtouch has a unique approach with the Zero Hour Virus Protectiontechnology for addressing outbreaks faster and more proactively thantraditional anti-virus signatures."

Research Shows Spammers Adapting to Authentication Protocol, But Widespread Enterprise Deployment Will Help Prevent Phishing and Spoofing. CipherTrust, Inc., the leader in messaging security, today released the findings of its latest analysis of real-world e-mail messages sent between May and August collected from companies worldwide which use IronMail, CipherTrust’s award-winning messaging security appliance. The analysis is focused specifically on the deployment rate and effectiveness of the Sender Policy Framework (SPF) e-mail authentication protocol. Most noteworthy is definitive evidence that SPF is not effective in identifying spam; however, e-mail authentication protocols like SPF do in fact prevent spoofing and phishing attacks.
In fact, according to CipherTrust’s research, 34 percent more spam is passing SPF checks than legitimate e-mail because spammers are actively registering their SPF records. In short, as long as spammers comply with the protocol by not spoofing the sender address, their messages will not be stopped by SPF. E-mail authentication does not determine whether a message is “good” or “bad,” but simply verifies that the sender is who it claims to be. CipherTrust’s research finds that a spam message is three times more likely to pass an SPF check than it is to fail it. Therefore, organizations cannot rely on such techniques alone to fight the spam epidemic, but should include e-mail authentication as part of their fraud and spam prevention arsenal. CipherTrust’s recent study also reveals the number of Fortune 1000 companies deploying available e-mail authentication protocols has increased by nearly 200 percent since May. CipherTrust recommends that companies and their e-mail security providers take necessary steps to actively participate in the deployment of e-mail authentication protocols such as the Sender ID Framework, which resulted from the merger of SPF and Caller ID, an e-mail authentication protocol proposed by Microsoft. Further details about CipherTrust’s recent study can be found at http://www.ciphertrust.com/spf_stats . Paul Judge, chief technology officer at CipherTrust, explained: “There is some bad news and good news about e-mail authentication protocols. First the bad news: these protocols alone are not effective in identifying spam because spammers are doing what they always have – adapting in order to circumvent measures aimed at stopping spam. The good news is the largest organizations in the world are recognizing the importance of e-mail authentication because it is very effective at stopping spoofing and phishing attacks. The rollout of the latest protocol, Sender ID, is led by strong industry collaboration, and will result in widespread deployment and success in the fight against spoofing and phishing.” As the leading messaging security provider with 30 percent of the Fortune 100 among its customer base, CipherTrust has been extremely active in its support of e-mail authentication protocols over the last 18 months. In fact, CipherTrust’s Dr. Judge served as founder and chartering chairman of the Internet Research Task Force’s Anti-Spam Research Group (ASRG) in March 2003, out of which the original proposals leading to SPF were borne. Less than one year later in February 2004, CipherTrust became the first e-mail security vendor to incorporate SPF into its product, and pledged on May 26 to support the Sender ID Framework. In order to protect its customers from spoofing and phishing attacks, CipherTrust’s IronMail currently incorporates SPF as one of more than a thousand characteristics to identify unwanted messages, and will do the same once Microsoft’s Sender ID Framework protocol is available. CipherTrust regularly monitors and analyzes traffic running through the nearly two thousand IronMail appliances deployed in the field to ensure customers are protected against new and innovative threats. Unlike some other research efforts, which use "spam traps" to lure and analyze e-mail messages, CipherTrust's research team analyzes spam messages targeting leading companies worldwide which are caught by the award-winning IronMail messaging security solution.

Thunderbird 1.0 is Mozilla’s next generation e-mail client. Thunderbird makes emailing safer, faster, and easier than ever before with the industry’s best implementations of features such as intelligent spam filters, saved search folders, builtin RSS support, privacy protection and much more. The Mozilla Foundation, a non-profit organization dedicated to preserving choice and promoting innovation on the Internet, today announced the worldwide availability of the Mozilla Thunderbird 1.0 email client. Thunderbird focuses on new features and settings to help stop spam and prevent viruses, the two biggest problems facing email users today. Mozilla Thunderbird follows last month's highly successful release of Mozilla Firefox 1.0 that has been downloaded by over nine million users.

Spammers get e-mail addresses from a variety of sources, Laplante says. "Robot" harvesters traverse the Web and collect e-mail addresses posted on Web sites. Spammers share email lists with each other and obtain legitimate lists under false pretenses. They can randomly generate e-mail addresses too -- all they need to know is the domain name (e.g. "anywhere.com") and they can create random combinations of user IDs until they hit real users. "Anytime you give your e-mail address in exchange for free information posted to the Web it becomes fair game for the spammers," says Laplante. "Finally, even when you give your e-mail address to a legitimate correspondent or business partner, it might inadvertently end up in the hands of a spammer." Even though spammers know that most recipients delete the e-mail without reading it, and that spam filters and bad addresses keep many of their e-mails from reaching their intended targets, spamming can still be very profitable. Sending spam isn't free -- there are costs involved in obtaining the addresses, preparing the lists, sending the e-mails, supporting the spam site, etc. -- but the cost of doing so is quite low, probably around 1/100 of a cent per e-mail sent. If only one e-mail in 100,000 yields a successful business transaction, depending on the product, the profit can be significant. So, how do you stop getting so much spam? Well, there is no way to prevent spam completely, says Laplante. This is an "arms race" and the spammers develop counter-measures for every new technique developed to stop them. But you can reduce spam by taking a number of precautions. First, use and aggressively maintain whatever spam-blocking feature your mail client provides. Microsoft Outlook has a pretty good spam filter if you maintain the rules database faithfully. There are commercial spam-blocking products, too, and some freebies, but this is not the place for an analysis of these. Also, stop giving away your e-mail address so freely. If you don't have to give your e-mail address in exchange for "product updates," don't do it. Be careful how you post your e-mail address to your Web site. If it is posted in text format, a harvester will eventually grab it. You can embed your e-mail address in an image -- this makes it nearly impossible for a harvester to find it. Finally don't ever buy a product introduced to you via spam. If the economics didn't work out for the spammer, they would stop doing it. Unfortunately, there are always suckers out there who can't resist a "bargain."

Steve Havert, owner of technology-services firm Expetec of south Orange County, offers these five tips to ...
1Have a firewall. A firewall is simply a device that prevents hackers from gaining access to your company network. For small companies, use a broadband router, like those made by Netgear, Linksys or D-Link, that has a firewall built in.
2Use an anti-virus program and keep it current. Any of the popular brands will work (e.g. Norton, McAfee, etc.). Renew your subscription every year or upgrade to the latest version. Make sure that your computers are automatically getting the latest virus definitions.
3Get Microsoft Windows and Office updates. Microsoft has introduced significant security improvements in Service Pack 2 for Windows XP that can be updated for free. Older versions of Windows are more susceptible to spyware and Internet worms. Consider upgrading PCs to Windows XP.
4Use anti-spyware and anti-spam programs. Microsoft offers a free anti-spyware program for Windows 2000 and XP. Many Internet service providers (e.g., Cox Communications, AOL, etc.) offer complimentary anti-spam services. If your provider doesn't, there are spam filter programs that work with Outlook and Outlook Express.
5Secure your network. A firewall won't protect you if a hacker can figure out the password. Make sure your computer technician has changed the default password on your router. If you have a wireless network, make sure it is using WEP or WPA encryption to prevent unauthorized access.