A Review of NUCEM
Feb 26 '03
The Bottom Line A killer app for spam e-mail, it not only filters it out, it fights back. Automates the tedious investigative tasks that dedicated anti-spammers perform manually.
Software: Nucem
Company: HelpMeSoft
Web Address: www.helpmesoft.com
Requirements: MS Outlook
Price: $29.95
15-day fully-functional trial available
The Problem
As you know, Unsolicited Commercial E-mail (UCE), or "spam", is a serious and growing problem on the Internet. It pollutes our e-mail boxes, obscuring your important messages with useless, often offensive junk. It accounts for a good portion of Internet traffic, costing ISP's millions of dollars each year.
A lot of filtering software has appeared that attempts to move all of this junk out of your way. Some of this software is very good, but it does nothing to address the problem - just cover it up. This is like waving away a pesky mosquito instead of squashing it.
Fight Back
When I was only receiving a few of these messages a day, I would dive into the headers and source code and track the offender down. I would report them not only to the Internet Service Providers (ISPs) through which they sent the e-mail, but the ISP's hosting their web site. Since most ISPs have an acceptable use policy in place that prohibits spamming, this will usually get the spammer's account shut down.
What is the point of this? This action won't stop the spammer, but does raise the spammer's cost of doing business. They have to find another ISP or misconfigured network server to abuse. The point of reporting spam is to raise this cost enough to make it less profitable to send UCE. It also gets you off of many spammer mailing lists, reducing the amount of messages that you receive.
The number of UCE that I (and everybody else) have been receiving has increased incredibly over the past few years. Reporting it all became impossible, and I had to settle for taking "pot shots" a few of the most offensive messages. I have been looking for a tool to make this easier.
Automate It
NUCEM, or "No Unsolicited Commercial E-Mail", promises to do the dirty work automatically. It condenses hours of painstaking investigation into just a few clicks. You may wonder how effective an automated system can be, but after working with it for the whole evaluation period, I came through very impressed. I analyzed a few of the UCE messages manually and compared the results with NUCEM's. It was dead-on accurate every time.
This anti-spam utility has the world's simplest interface - one button. If you see a message that you didn't ask for, select it and hit the button. NUCEM takes care of the rest. It analyzes the message headers and drops reports into your mailer's out box. When your mailer sends off messages, these complaint reports will go out. Because it doesn't send the messages off right away, you can open them to inspect or modify them as you wish.
You can also configure it to send these complaints to other addresses as well, such as uce@ftc.gov or spamrecycle@chooseyourmail.org, or any other organization that is tracking spam. If you do this, not only are you reporting the spam, but helping these organizations track the problem.
Installation is fairly simple. You do need to tell it the domains of your e-mail services (such as "hotmail.com"), and you will need to restart your system to complete the installation. Once you restart, NUCEM will launch its update wizard to check for any updates over the net. When you start Outlook, you will see a NUCEM button on the toolbar along with an additional menu item. To report UCE, just select the e-mail, then hit the button.
This program is well-integrated with Outlook. It uses Outlook's network connection to perform all of its processing. When it needs to send a message to an ISP or "back home" for processing, it will place the message in the Outbox. These will be sent the next time Outlook sends messages. This allows you to inspect the messages before they are sent. NUCEM supports Outlook's menu and toolbar customization functions, but I found that it would lose contact with any new buttons on the toolbar once Outlook is restarted. This should be fixed in a later release.
The NUCEM menu contains more commands for managing spam-related items such as ISP responses and failed delivery reports. Once you submit a series of complaints, you will receive responses back. You can help NUCEM work by informing it about these responses. These will be sent back to the central server to be processed by the analysis engine. If you make a mistake, there are menu commands to undo these actions as well.
The default settings work well, but you can tweak it through the options dialog. This allows you to fine-tune NUCEM's behavior, telling it to separate the junk from the spam reports, ISP responses, and failed delivery reports, for instance. You can also add e-mail addresses to copy the reports to. If you have specific proxy and DNS server information, this can be entered here.
Finally, if you want to follow what NUCEM is doing, you can open the Console window. This is a live, scrolling log of NUCEM's reporting progress. It also provides an alternative interface to manage report processing.
How do they do this?
HelpMeSoft has a powerful analysis server at their offices that tracks spammers, ISP's, and Internet traffic. This helps NUCEM analyze the spam when you hit the button. If it has trouble with the message headers, this server tells the software on your computer where to send the reports. You'll often notice a substantial delay of a minute or two between hitting the button and seeing reports start to appear in your outbox. This occurs when NUCEM needs to communicate with the server to get more information. It's still a whole lot faster than doing it manually.
I found this to be a very accurate system. Nucem would not only send reports to the point of injection, or the ISP through which the spam was sent, but also to the ISP hosting the e-mail address or web site advertised in the message. Most ISP's also have an AUP clause prohibiting advertising web sites hosted on their service with spam.
However, at this point NUCEM does not dig through the additional layers of protection that seasoned spammers have added to their e-mail systems and web sites. It only reports the first level of information that it finds in the e-mail. Spammers are always getting themselves reported, so they have created these additional layers to provide a buffer between terminated ISP accounts and the spammers' "real" e-mail and web hosting accounts. This makes shut-down accounts less painful, but it still costs money and time.
For instance, most spammers will send e-mail through unsuspecting, badly-configured mail servers knows as open proxies. This technique makes it impossible to know where the e-mail really came from. Also, they often create multiple "dummy" or relay web pages that eventually get you to their real business web site. These pages are often heavily encoded to make it very difficult (but not impossible) to find the business behind the message.
This may make the effort seem hopeless, but setting up these extra layers still takes time and money. Stripping just one layer adds cost to the spammer's business. Alerting ISP's of these problems helps clean up the net, and makes it harder for the spammers to find systems to abuse. You know that you are having an effect when the spam flowing into your e-mail box finally starts to ebb.
HelpMeSoft works closely with ISP's to handle spammer problems. They track which ones take care of the problem, and which ones don't. If an ISP is having trouble, they will work with them to help to solve the problem. Purging ISP's of spammers is in everybody's best interest (except the spammers, of course).
As a last resort, if an ISP refuses to enforce their AUP, then HelpMeSoft will hand their information over to the block list organizations. These organizations maintain lists of ISP's that tolerate spamming and other questionable activity on the Internet. Many corporations and ISP's use these lists to block any activity coming from addresses that appear on these lists. This can make an offending ISP effectively "disappear" from the Internet until they fix the problem. It's not an ideal solution, but it's purpose is to apply brute-force pressure to misbehaving ISP's.
The Future
Because the NUCEM analysis engine sits on their servers, you can benefit immediately from any improvements that HelpMeSoft adds to their system as a result of their research. They are constantly working on improving their analysis and reporting system, and will eventually be able to get past "first level" reporting and do some more in-depth investigation. Their system already recognizes many ads as coming from certain, specific corporations, despite the open proxy problem. It will eventually be able to penetrate the multiple-layered web page problem as well. I hear that they are working on some rather sophisticated technology. I'll add more information here as it gets released.
Tag Team
By the way, NUCEM can work together with your existing filtering software. NUCEM has its own filter, but its strength is in its reporting. I am using it in conjunction with Sunbelt Software's "iHateSpam" filter (see my review in this section). The filter just needs to be told to leave any message with a subject containing "[NUCEM]" alone, as NUCEM places this in all of its automatically-generated messages. When the filter catches something, I go to my spam folder, select the messages, and simply "Nuke Them"! If the filter misidentified some messages, it's a little more work -- I have to hit two buttons. It couldn't be any easier.
 |
|
|
|
|
|
|
Epinions.com ID:
gsearle
|
 - Top 1000 |
|
Member: Greg Searle
Location: Nashua, NH
Reviews written: 27
Trusted by: 11 members
About Me:
Computer graphics designer and software developer with interests in technology, home improvement, and family life.
|
|
|
© 1999-2008 Shopping.com, Inc.