Old friends - MPP and SpamAssassin

Despite the fact that all MPP antispam plug-ins out-perform and are far more efficient than SpamAssassin, many MPP users still use SpamAssassin in their antispam arsenal. MPP has many advantages for use with SpamAssassin and I thought I would articulate a few in this blog post.

• Quarantine Management - MPP has an excellent quarantine and archive manager that can be customized and translated and adapted for any application. MPP quarantine management for SpamAssassin is great for service providers because it is multi-domain and supports many different authentication schemes.
• Amavisd replacement - Amavisd is great for super-power users, but for the rest of us it can be complicated, slow and resource hungry. MPP is easy to manage and deploy and offers many features and options not available in AmavisD including GUI management, Archival, Attachment Stripping and much more. MPP is much faster than AmavisD, and even though SpamAssassin is still a horrid performer, MPP will make SA feel faster.
• Scaling SpamAssassin - MPP has native load balancing algorithms to load balance across multiple instances of spamd, either remote or locally.
• Layered spam protection-  MPP effortlessly combines commercial spam scanners with SpamAssassin.
• Familiar options like score reports, header/subject marks, spam symbols and more

So here are just a few of the many ways that MPP makes SpamAssassin easier to use, easier to manage and easier to integrate. MPP has been working with SpamAssassin from the beginning, like an old friend who’s sort of a pain in the ass, but is a cheap date, pretty fat and always a good laugh.

Technorati Tags: spamassassin, email security, antispam

Think Microsoft is Bad? You’ve seen nothing…

I have been tossing this idea around for a while, boring whoever would listen to me and scaring people who think I may be a little nuts. I have tried to write a blog post about it but I have not found the right context until today. The fundamental idea is that if you think that the MSFT or long forgotten IBM monopolies were bad for competition in computing, you haven’t seen anything until you see the beast that Google could be. Without severe vigilance by anti-trust forces or radical changes in market dynamics Google is set to make any other monopoly in computing look like a child’s board game.

So first, the context. The context is an article on the front page of the Wall Street Journal today (Feb 25, 2008) regarding European antitrust chief Neelie Kroes’ attitude towards Microsoft’s promise of sharing more information with rivals. Her assertion, according to the article, is that we have seen these promises from MSFT before, but nothing really comes from them. The EU is not going to back down until there are real changes in how MSFT shares information with rivals. My thought is when is Ms. Kores going to start thinking about Google?

Google controls how more people view the Internet than anyone in the world. Google nearly processes more email, both personal and business, than anyone in the world. Google serves more Internet video than any single entity in the world. Basically Google controls the content of the Internet and if you aren’t good to Google, you are going to be buried in Internet anonymity. If you pay to play then you will be rewarded with lots of traffic, but at a high cost.

In the old days you could simply create good, relevant content and Google would rank you pretty high in searches That era went away quickly though and the new method to drive traffic was to feed Google was with bogus landing pages and other SEO tricks. This soon changed and now the main way to drive traffic is via buying or displaying Adwords. Of course, a hot story, good buzz, good PR, good sex, good pictures, a good joke, etc. can always spike traffic, but in terms of permanent trending, buying adwords has become an essential tool to every web master and if you stop paying Google, your traffic will plummet. I see this effect regularly on our site, http://messagepartners.com, when our adword subscriptions pause.

On the surface that sounds like simple good business for Google. But if you dig even a little you will see that it is far more insidious than it seems. Fraud is heartily supported by Google and click farms and search landing pages drive the price of adwords sky high while punishing legit businesses that can’t compete with the click farmers. Try a site like http://citinbank.com/ or http://spamware.net/ and you’ll see what I mean. These sites have zero informational value, they are just click farms that trick unsuspecting users. Google loves them though, they drive up legit businesses ad costs through the roof while making money for Google and the site operator for benign clicks. It is hard for an average person to see that these sites are causing such problems because it doesn’t cost the surfer anything to click on a link, but those clicks cost legit businesses plenty and put huge amounts of money in Google’s pocket. Our adwords for messagepartners.com that used to be in the range of .25 to $1.20 a click are now well over $5.00, far out of our league and far more than they are worth for our type of site in my view. It is my view that these prices are driven largely by click fraud or artificial auctions on Google’s part, but since adwords are blind auctions, there is no way that I can ever know who I am bidding against. Message Partners is one small business that can not afford adwords any longer, but when you multiply this effect by the hundreds of thousands of small businesses who see their costs sky rocket from Google sponsored fraud and secrecy you can see the damage that this causes. The supposedly level playing field that the information age should bring is really just a rehash of the same old pay-to-play business models that were offered in TV, Radio and other media. If Google is controlling the flow of information to the highest bidder then the payoff of the Information age for consumers is questionable.

I am not aware of studies that show how search rankings fall when adword dollars stop, but they are certain to come. It is only a matter of time until some business with enough money and interest will capture the interest of regulatory bodies to make Google open up their search and adword price algorithms to show that high paying, politically correct, or Google favored sites aren’t given preferential treatment under the guise of neutrality. Google takes the approach of the benevolent wizard behind the curtain driving all of this web traffic, but with all of the billionaires that Google created, including individuals, Stanford University and VC firms, are we really suppose to totally trust Google and believe that benevolence and not immense greed is driving Google?

Beyond web surfing, Google has fast moved into the email space. In five years they moved from a techy niche player to a major force in both consumer and business email. Between GMAIL and their Postini acquisition Google is handling a sizable percentage of global email traffic. They found an insidious way to monetize personal email with adwords related to your personal communication content and who knows what their plans are for their business services to capitalize on the content of your email? My guess is optionally eliminating subscription fees and putting content based ads in the signatures of emails. While it is easy to draw parallels between Hotmail and Yahoo, neither has found a way to monetize your email content in such an insidious way as Google does by actually analyzing your emails content. Adding signatures to emails as MSFT does is far more transparent than all of the data mining and monetization that Google does with your personal email. If Google does start with my theorized content based signatures then the privacy invasion and monetization of your internet habits have only continued.  On another not it is worth noting that Google is already behaving in an anti-competitive way with free email hosting for small businesses so the seeds are definitely there for foul play on Google’s part.

The video space is slightly more difficult for Google because media companies seem to be far better funded and aware of the danger that Google’s information monopoly poses to their business models and to copyright holders. Google is not finding it nearly as easy to monetize on video content and copyright laws are serving their purposes of protecting the rights of owners.

Of course the billionaires of Google want copyright laws thrown away, but it is a tough sell. Of course they want to put all of the worlds libraries in their search engines, but why should so many authors toss away their rights so Google can monetize their work?

So to sum up my view, if one company controls what you surf, what you see, what you hear and what you send on the Internet then there is a large potential for abuse. This is information control on a scale never before seen and if this company is motivated by greed under the guise of science or if it unintentionally makes bad choices there can be very severe costs to consumers, businesses and the flow and sharing of information. If Google decides what you see, are we really better off than the pre-Internet days?

Technorati Tags: google, antitrust

My Date with Virtumond

Spent the weekend cleaning a computer of Virtumond and tons of other spyware, bots, trojans, backdoors and various crap that an unprotected Windows PC can suck in. Here are a few observations.

First of all, antivirus vendors are really in the dark with spyware. Nod32 happily let Virtumond totally infect the machine along with about 20 other spyware related malware’s. To their defense, the updates were a few weeks old, but the license was valid and Virtumond has been out since 2005, so there’s really no excuse. F-PROT could detect it but couldn’t remove it. They were able to stop it from executing most of the time, but it was still able to execute at times.

Secondly, commercial spyware and spybot programs weren’t a hell of a lot better. Adaware detected Virtumond but couldn’t remove it nor stop it from executing. Adaware did find and remove about 20 other problems, but even after it was finished, Spybot found plenty of issues (free) and SpyHunter by Enigma Software found tons more, even after both of these were done. None of them could remove Virtumond though.

After Adaware, Spybot and Spyhunter finished, F-PROT was able to find some backdoor’s that remained, but still none of the quartet could fix Virtumond. I found a Symantec utility that claimed it could do the trick, but 20 minutes into it’s job I finally found a utility that a laman wrote, Vundufix.exe that did the trick faster than Bill Clinton can stain a dress.

I found it amazing that all of the computer scientists at Frisk, Lavasoft, Enigma, Spybot and Symantec could not do the job that one guy did with his utility that ran in about 20 seconds. There are many conclusions that one could draw - about the power of the Internet that I could find this one guy’s small program or the power of community in the after-days of hyper-investment in the computer security world, but the only conclusion that I draw is that is a great thing to to thank the guy that wrote Vundufix.exe and wish him well. The next time I am cleaning spyware I am going to spend a lot more time learning before I plunk down $40 for software that can’t do what it claims, such as SpyHunter and Adaware and I suggest you all do the same.

Technorati Tags: virtumond, spyware, adaware, spybot, enigma software, lavasoft, spybot

• Recent Posts

  • A New Era for Email Security Appliances?
  • Introducing MPPxpress
  • Search AmavisD and Postfix Mailing Lists with MPP!
  • The end-user view of Antispam
  • Email Archive Improvements

• Categories

  • MPP Releases and Fixes
  • News and Tidbits
  • Opinions on Email Security
  • Podcasts
  • Spam Wisdom
  • Uncategorized

• Archives

  • July 2008
  • June 2008
  • May 2008
  • April 2008
  • March 2008
  • February 2008
  • January 2008
  • November 2007
  • October 2007
  • September 2007
  • August 2007
  • July 2007
  • June 2007
  • May 2007
  • April 2007
  • March 2007
  • February 2007
  • January 2007
  • December 2006
  • November 2006
  • September 2006
  • August 2006
  • July 2006
  • June 2006

• Links

• Meta

  • Register
  • Login
  • WordPress
  • XHTML