Search  Rules  Login
TheBat English » The Bat! - Configuring the E-mail Client
Pages: 1
RSS
Many Questions About Anti-Spam Features, hoping to understand how anti-spam features work
 
#1
0  
Hello!

I have been using The Bat! with AVG for some months now and have just upgraded my AVG to include the Anti-Spam filter. Previously I used several spam filters (Spam Assassin and PopFile) which are located prior to TB in the email delivery chain. Although these tools work reasonably well, they have the disadvantage that they must be maintained separately (whitelists, training etc) which is cumbersome and unreliable. I am hoping that by using The Bat! with one or more anti-spam plugins, I will be able to do all of the maintenance from one place (The Bat!). What I currently have is AVG's anti-spam plug-in loaded and configured in TB. I am considering adding another plugin if that improves performance (considering Anti-Spam Sniper based on forum postings here). So, here are my questions:

1. Is there any way to maintain just one whitelist that can be used by multiple anti-spam plugins? If so, how? The way it appears now is that to access a whitelist, I have to select the particular plugin and click on configure, which brings me to the whitelist for just that plugin. AVG supports import from a text file, but don't know if any other plugins support this. Has anyone found a way to consolidate whitelist maintenance?

2. Is there any way to make the spam score for an email show in the junk email folder? Before I choose cut-offs for deletion vs. filtering of spam I would like to have an idea of how high the false positives are scoring. It would also be really nice to be able to sort the junk email by increasing spam-score so the ones most likely to be false positives have some chance of floating to the top of the bin....

3. If I configure TB to automatically delete spam above a certain score, does that get deleted for real or sent to the trash bin? I'm concerned about false positives and hence somewhat reluctant to use this feature without first being able to see what the false positive rate would be.

4. What is the Special menu item "Mark as Not Junk" supposed to do? Please pardon me if it sounds like a stupid question but it's not obvious. I sent myself a test email which got put in the junk email folder and I selected "Mark as Not Junk" and nothing seemed to happen. Is this training the AVG Anti-Spam filter when I select this? My initial assumption would be that this would move the message back into my inbox, and this is the behavior I would hope for. In fact I can move it there myself and it stays there, but why doesn't it go there by itself just from marking not junk? I noticed someone on the forum said this is because it would be refiltered but that doesn't make sense to me since I am able to get the result manually so it should be possible to program the result, too. More generally, is it possible to configure the actions taken when I select "mark as not junk"?

5. When I receive an email which is marked as junk but is not junk (a false positive) it would be incredibly convenient to be able to right click on it and add the sender to my universal whitelist. Is any such thing possible or envisioned? Along the same lines it would be great if the marking as not junk could automatically train the plugins (does it currently do so?).

6. I tried to train AVG Anti-spam but it wanted me to exit TB first. Is this the only way to train it or does it get trained from my marking "Junk" and "Not Junk" in TB?

7. The documentation for TB says that it comes with BayesIt Anti-spam filter, but discussion on the forum seems to indicate this is no longer so and I don't see it listed in the anti-spam plugins, so I assume there is no longer any anti-spam plugin that ships with TB. Would be great to update the documentation to match current behavior. Or do I need to manually download new documentation?

8. I asked the AVG plugin to write [spam] in the subject and it seems to do so twice. Do I have something misconfigured? Has anyone seen this behavior?

9. I think the ideal anti-spam tool would have very intimate integration with the mailer so that all configuration and maintenance happens in one place, preferably by a keystroke or right-click on the email selected. It looks like TB is moving in this direction and I hope it is possible to get there, even though different authors write the plugins....

Thanks, in advance, for any illumination on these points....
 
 
 
#2
0  
AVG has not very powerful antispam, You should consider tp use AntispamSniper, which has free version available too.

1) in AS You can define whitelist and blacklist

2) In The Bat! You can see message score in Account log only, hit Ctrl+Shift+A and find that message.

or use AS and You can open its Log window, where are messages displayed with their score and reasons, why they were marked as spam/ham. It is very useful, because You can mark that message and add sender to whitelist for example

3) You can define to move message detected as spam by score to JUNK folder, message si deleted and dissapperas from INBOX, but persists in its msgbase until You remove deleted message in Folder menu.

4) basically, antispam programs and plugins, which uses Bayesian statistic algorithm, detects messages via statistic of allowed and blocked words from messages marked as Ham/Spam, so You should mark junk messages as spam and correct messages as Ham to decrease false positives.

AS has many other features for message detection, You should check it.

5) yes, marking as ham will train plugin, but adding to whitelist is better if is this sender OK.

6) maybe it has its own default spam base, but every program or plugin must be trained, because every person gets different spam and ham messages.

7) there was BayesIt plugin included in default installation, but it is no longer developed and developers decided to remove it from default installation, You can use many (AFAIK there 7 antispam plugin for TB available) others.
My page is in Czech, but plugins are listed there:
http://www.thebat.cz/the-bat-professional/rozsirujici-pluginy

8) I do not use AVG antispam, only AVG antivir, so I can't help You with this.
 
 
 
#3
0  
Thanks Marek! I have installed the trial version of the pro version of Anti-Spam Sniper (I'll call it ASP - P for pro) and I like it very much so far. If anyone else is interested here is the link to see the comparison between free and pro versions: http://antispamsniper.com/tbp_compare.html

So far, it appears to have more ways to detect spam than AVG and the interface is MUCH better designed (more seamlessly integrated with TB). AVG does also have a whitelist and blacklist and you can open the configuration of these from within TB, but ASP has so much more than this. I will try to describe the difference for those people who are still looking for a nice anti spam tool.

ASP adds a toolbar to TB with these buttons:
 Mark as Junk
 Mark as Not Junk
 View Log
 Testing Mode
 Delete Spam
 Options

When you have a false negative (spam in your inbox) you just hit the Mark as Junk button (or map to keystroke in TB) and the Spam is moved to your junk folder.

If you click the View Log button, a window opens from ASP showing all the header info for all the emails you have received and how they were classified (including spam score). Those with higher spam score are highlighted in red, fading to orange as the spam score gets lower, to yellow for a spam score around 50%, then into the greens for lower spam scores (like a rainbow). You can also see information on how an email received its classification. In some cases the email just has enough "funny stuff" in it to accumulate a high spam score. In other cases it has tripped a switch called a black rule which causes it to immediately be classified as spam. ASP comes with a bunch of these black rules which you can enable or disable. If the message has tripped a blackrule, the name of the black rule shows in the log. If you use one of Mark As Junk/NotJunk then it creates an entry in the log showing that the particular email has been learned as Spam/Ham. So you can very clearly see the history of classifications in the log.

For a false positive (ham in your junk folder) just hit the Mark as Not Junk button and then move the email to the desired folder manually. It generates a "learned as Ham" entry in the ASP log.

I have looked at TB's account log and as Marek points out, you can see the spam score here but apparently only for messages that were classified as spam. This is the same log where TB logs each and every interaction with a mail server so there can be a lot to wade through to find spam scores in this log. Clearly the ASP log is a much better way to view spam scores (since this is its only purpose, unlike the TB account log). In the ASP log you can see the spam score of your ham as well, since every email is scored (unless it hits a white/black rule). So if your ham is scoring a little high, but not high enough to end up in the junk bin, you can see this and either mark as not junk or put sender in whitelist of whatever action you want to increase the likelihood of correctly classifying that message *before* it ends up in the junk bin. Very nice feature!

Here are the options available for an email via right-click context menu from the ASP log:
 Show Details
 Undelete
 Search
 Export
 Add Sender to WhiteList
 Add Sender to BlackList
 White Rules
 Black Rules
 Clear Log

Show Details just shows the same info as the log window but in a dialog box. Hmmm.

Search is a "find" dialog for finding text in the log.

Export appears to export the entire ASP log to a semicolon-delimited ascii file.

Adding sender to whitelist/blacklist gives you the opportunity to edit the email address (e.g. to use wildcards - user@domain.com for just one email address or *@domain.com for whole domain).

White/black rules are regular expressions (PCRE) to search in the header. If found the email is immediately classified as ham/spam.

This is exactly the kind of integration between mailer and anti-spam engine that I was looking for. Very efficient to use. No remembering to update several different whitelists, etc. BTW, AS recommends to only use one anti-spam engine at a time so they don't interfere with each other. At the moment, AVG anti-spam is still running - I've removed the AVG plugin from TB but not diabled AVG antispam. I have it mark the subject if the spam score is over 80 so I can see how it compares to ASP and at present (both are still in training) I must say it does better than ASP on some emails and worse on others, but more often worse. I think when well-trained ASP will probably do better than AVG and the quality, efficiency, and convenience of the user interface for ASP cannot be understated. Really fantastic! In comparison AVG's anti-spam interface is very disappointing. As far as I can see, in AVG, you only can access the whitelist by opening it directly and then typing in it or importing from a file, but not by right clicking on a message.

As far as deleting spam above a certain score (a setting one can select in the TB anti-spam configuration), if I understand Marek properly, it gets really deleted, not put in the trash, but if you haven't compressed the folder, you can still rescue it using the Browse Deleted item in the folder's context menu. If I misunderstood, someone please correct me. I won't try this till the ASP is better trained and I can see the rate of false positives.

Regarding training, ASP seems much better set up than AVG for this. I've been using "a train as I go" approach, just training it on incoming email and anytime I want to see how it's doing I just open the log window. With AVG, it has a training mode where you can give it some archived emails to look at (either spam or ham) for training, but you have to shut down TB to do this and it is rather crudely designed in the user interface. For instance there are a sequence of check boxes to set to tell it spam/ham and whether you want all the messages used or to ask about each one, etc and then you get to pick a mail folder. So, for instance, you can select an archive folder will all ham and train it on that and then select a folder with all spam and train it on that, or select a folder with some of each and review each message to say spam/ham but for each folder you have to select the options again and it does not remember your last selection and it does not recurse to subfolders. After training on a couple of folders like this I started to wonder, did I remember to tell it ham this time? You can't see that information while you are selecting the folder so if you are sleepy or in a rush you end up clicking a lot and then forgetting if you clicked correctly in the check boxes. Not good. Very easy to train incorrectly which can make a HUGE mess for a Bayesian filter. So, while I have no problem with the idea of training the filter, I want to have the training interface make it easy for me to see that I'm training correctly. ASP does this and AVG definitely does not.

BTW the I love AVG's other products and have used them for years, and AVG is how I found out about TB. So, while I think AVG's anti-spam filter is not very good yet (especially in user interface) I do think their other stuff is great. I use their anti-virus, anti-spy and firewall very happily.

Finally, in case anyone is dealing with this issue, I found out why the double spam markers from AVG. When I initially set up TB to work with PopFile (a spam filter) and AVG, I had to set the mailserver to localhost and then put the real server in the user box of the POP server setup to make it possible to put POP file in the chain before the mailserver. Then I ended up reinstalling AVG and the end result was that AVG was in the chain twice. So I changed TB popserver setup to a more normal configuration (since I'm not using PopFile anymore) and now it only tags the subject line once.

Anyway, I hope this is useful to people looking for a new anti-spam filter. I would highly recommend Anti-spam Sniper Pro edition so far. It's only around $US 20
or so and, IMHO, a very good buy for the money and you can trial for free for 30 days.

As for the BayesIt plugin, I don't want it, I was just commenting that as a new user of TB, when I read in the manual that BayesIt comes with TB and then I don't see it, it is confusing and does not encourage me to further use the manual if the manual is not accurate. So, my humble request would be, when an update of TB is prepared and automatically downloaded to my machine, could it contain an updated copy of the manual/help also please? I'm a programmer too, so I know the manual/help file is always the last thing on the priority list, but if time can be found to update it, it will be very much appreciated by those of us who still read manuals.

Anyway, thanks for answering my questions. I love TB and ASP. Very nice products.















 
 
 
#4
0  
Another thanks to Marek!
I installed the 30 day trial of AntispamSniper last night. For all the reasons that mxixrx stated I paid this morning  ;)

I really hope Ritlabs remove Agava from the suggested antispam plugins. I won't list the reasons here as they are in other threads

It's too bad as I was looking for some web space outside the US which they seem to have. But at this point I'll be damned if I would use them, but that's another story :)  
 
 
 
#5
0  
I don't believe the extensive post from mxlxrx !
(almost sounds like a paid promotion)

I have purchased the full version and had nothing but TRUBLE for year I tried to use it.
It doesn't work!

For more info check this post.
http://www.ritlabs.com/en/forum/read.php?FID=4&TID=4740
 
 
 
#6
0  
Hello. Sorry for the confusion. I was messing around with my profile. I'm the same as mxlxrx and I don't work for the maker of AntiSpam Sniper, I don't even know them. The first I heard of them was on this forum. I should have made the disclaimer.... I also don't work for AVG or TB or any other company related to the software discussed here.

I wrote the extensive description above for two reasons:

(1) because this was my original post and I wanted to write back and say that ASP does most of the things I was asking for in my original questions and

(2) it's really nice to have extensive information about product before you try/buy. Even for free software it is very time consuming to download, install, learn, try, uninstall until finding the right software. So I posted what I thought would be enough information so people could see how this anti-spam product compares to others they might have used, or to their feature wish-list. I do happen to like AntiSpam Sniper so far, and I am trialing the Pro version because I specifically wanted the toolbar in TB and because I think that feature is worth the $US 20 or so they are asking. But if I discover problems with it down the road, I'll certainly post to the forum so people will know.

I also respect the opinion of anyone who doesn't like AS, too. And it's very helpful when people post their experience (positive or negative). Everyone can read the posts and draw their own conclusions.

Ivone: I'm sorry to hear you had so many problems with AS. I did read your post but it was outnumbered by more positive postings, so I decided to try AS anyway. I did not have the difficulties you describe with AS  slowing down the machine or locking up TB. Perhaps it was a bad interaction with some other Anti-Spam product on your machine? I did remove the AVG-AntiSpam plugin from TB because Sniper likes to work alone, according to the installation instructions in the readme. Anyway, I'm sorry to hear that you couldn't get it to work and I hope you found some other product that works well for you. Computers are supposed to save us time and increase our productivity but they obviously don't do that without good quality software that addresses one's specific needs.....

Thanks to everyone who posted answers to questions and useful info about Anti-Spam products.

Best wishes to all,

Melissa (aka mxlxrx)
 
 
 
Pages: 1