Introduction

After getting about 200+ spam emails per day, I decided that Outlook Express's rule system was insufficient at stopping them all.  The real killer is that the creation of new rules is such a pain that I was wasting more time doing this than anything else.  Outlook's user interface could be greatly improved.  I searched on the Internet for a review of multiple spam filter programs, and I recall arriving at spamfilterreview.com.  At the time, they gave Spam Inspector the highest rating of all the programs (Update: it does not even appear on the list for 2005).  I read a decent number of reviews, and noticed that Spam Inspector was one of the few programs that supposedly integrated well with Outlook Express.  Proper integration is important, so I decided to give it a try.  I thought that $20.00 is not much to waste if it turns out worse than expected.  I purchased Spam Inspector 4.0 from Giant Company Software.

To get this off of my chest, I am going to immediately enumerate all of the negative aspects of this program that have been driving me crazy.  A cup of coffee may be in order:

Problems Encountered with Spam Inspector 4.0

• During installation, there is a step to 'Add Friends to your Friends List'.  Because I was using Outlook Express, and have never run the Outlook set-up wizard, the installation actually initiates this wizard by mistake.  I figured this was not the end of the world, so I notified Giant Company Software about this minor problem so they could look into it. They did not reply.
  
  
• There is an 'Is Spam' button that allows you to deal with spam that the filter accidentally let through.  By default, the 'Add Sender to Enemies List' is selected as one of the actions that this button performs.

The 'Add sender to Enemies List' default selection will blacklist your friends.

This action adds the email address that the spam email came from to a black list.  Anyone on this blacklist will forever have their emails blocked.  The problem is that worms and viruses have been spoofing email addresses for years.  It has been a while since anyone received spam where the 'from' address is the spammer's actual email address.  It is always either a fake email address (that is never replicated), or an address that the spammer harvested from someone (from a user's address book, or an online web page), maybe one of your friends.  Please note that spammers often want to spoof their emails with a friend's address, because you are much more likely to open it if you believe it is from a friend.  A lot of worms spread by emailing themselves to everyone in your address book.  So, if you get a spam email that is spoofed with one of your friend's email address, and click the 'Is Spam' button - congratulations - you just added your friend to the enemies list, and all their future email will now be marked as spam.  This feature serves no useful purpose, and can only have negative consequences when used.  It should not even exist.  Yet, this is the default setting.  I notified Giant Company Software about the problem with no reply.

• There is a 'Not Spam' button whose purpose is to let Spam Inspector know that it misjudged a legitimate email.  The problem is that when you notify the program about these false negatives, it does not bother moving these emails (that were placed into a unique 'Spam' folder) back into your Inbox.  You have to do that manually.  It also leaves it highlighted in red and the subject prefixed with '**SPAM: '.
  
  
• A friend of mine asked me if I got an email from him the other day.  So, I looked for it and found it in the spam folder.  Spam Inspector marked a message as spam that came from the person who probably sends me more email than any other person.  How could this email have possibly fooled the filter?  I know why: In this particular email, he quoted a web site, gave its URL, and commented on it.  From this perspective, I could see why the filter thought it was spam, since the words mostly were not his own.  But, the email was NOT an advertisement in any way, so it did not match the spam email any more than regular legit email would.  Also - and this is the biggie - it dawned on me that since the email was legit, it would have nearly identical email headers to every other piece of legit email sent to me from this friend.  These email headers are something a spammer who spoofed my friend's email address would not be able to replicate.  But, the filter thought it was a spam, anyway.  It has become apparent that Spam Inspector does not bother looking at this large amount of useful information - the email headers - that could have easily distinguished it from junk mail.
  
  
• Whenever you start Outlook Express, the program loads as normally, and about one second later, Spam Inspector 'kicks in' and integrates itself with it.  This causes Outlook Express to lose focus.  If you are a keyboard user, this is annoying.  I have Outlook Express's 'Send and receive messages at startup' turned off (for the purposes of being more productive, so I can open the program to send someone an email without seeing new messages.  The purpose being that I choose when to receive email).  If you do this, as well, then if you click the 'Send/Recv' toolbar button to receive messages between the time Outlook Express loads and the time Spam Inspector starts up, your click is ignored.  Believe me, this will happen every time, at least until you get used to waiting for the program to lose focus, which is an indication that Spam Inspector has finished kicking in.  Sometimes, the Spam Inspector toolbar will update itself on start-up, and annoyingly asks you to restart the program you just started:

Even just starting the program is annoying.  We haven't even got to the meat of it, yet.

• When I ordered Spam Inspector from the web site, I went through all of the regular online ordering steps, and arrived at a screen with the following message:
  
  "Thank you, your order is currently being processed. Please be patient as the ordering pages may take up to 30 seconds to finalize and display your confirmation and registration information."
  
  After about 10 minutes, I began to suspect the page would never load, so I shut it down.  Did the order go through or not?  I emailed them about the problem, just in case they took my money before the order finalized.  While waiting, I decided to do some investigation work myself.  I went to their 'Lost Registration Key Request' page and entered the email address I used in the order.  I then clicked the 'Send me my registration key' button.  The web page provided zero feedback as to whether or not the email address was valid - it just reloaded the web page with the same input form.  Was this an error on their end, or is this what happens when you enter an email that is invalid?  In any event, the order did eventually go through, as I received the automated email with my registration key.  Regarding my email request for help, I got an automated reply that was so off-the-wall that it may as well have explained how combustion engines worked.  Please read on for details:
  
  
• Are you wondering how great their Bayesian filter works?  Such a filter is the core to most spam filter programs.  It is used to categorize information into one or more groups - usually 'spam' and 'not spam' for spam filters, but it could be used to categorize emails into more distinct groups.  I believe that they have such a filter for their automated support replies (yes, I did get such a reply once), since it is unlikely that they reprogrammed new technology to do so when they already had it programmed for Spam Inspector 4.0.  Let's have a look at their filtering technology ability.  This is the email I sent regarding the online ordering problem:
  
  "I recently attempted to purchase Spam Inspector online and had the problem of the system not responding after I clicked the button to send my order information in.  I do not dare to attempt to go through this again, in case the order was already processed.  As a hunch that it may already be processed, I decided to use the 'Lost Registration Key Request' web page, and I entered the email address that I specified in the order.  When I click the 'Send me my registration key' button, the web page gives no feedback as to whether the email address is valid or not.  It just reloads the web page.  Is this a bug, or is this actually what is intended to happen?"
  
  Here is their automated reply, quoted exactly, including irregular spacing:
  
  

  "Thank you for contacting GIANT company customer support. It sounds like you want to view FOLDERS LIST in Outlook Express. You should be able to make it visible by selecting VIEW >LAYOUT >  FOLDER LIST from within Outlook Express. Please let us know if you have any other questions or comments."

  Okay.  This is the technology that is categorizing your important email into 'spam' and 'not spam'.  I notified Giant Company Software about this problem with no reply.
  
  
• Some spammers send multiple, identical emails to multiple addresses at the same domain, hoping to reach a bunch of different people at some corporation.  For some people, like me, all of this email gets read by the same person.  This means that one person may end up with 30 or more copies of the same spam email.

Spam Inspector 4.0 doesn't realize 50 identical emails are all spam.  There is no option to click 'Is Spam' for them all simultaneously.

Spam Inspector 4.0 does nothing about this, as it does not train its Bayesian filter as new spam arrives.  If it did, it could factor in such information, and potentially realize that these emails are spam after only a few pass through.  After all, how often does someone legitimately send you 30 identical pieces of mail?  I notified Giant Company Software about this problem with no reply.

• Some addresses that send mass emails are not spammers.  They are legitimate newsletters that you may have joined at some point in the past.  For these addresses, it is OK to ask to unsubscribe, because they will listen to your request, and not sell your email address.  However, a spammer will not listen to such a request - they will take your note as confirmation that your email address exists, so you better buckle up to prepare for more spam.  The problem lies in how you distinguish the two.  Spam Inspector has a 'Trusted Sender Program' which maintains a list of email addresses that are safe to unsubscribe from.  This sounds like a cool feature, so what could possibly be wrong with this?  Well, the fact that Spam Inspector's programmers have no knowledge of spoofed emails means that you will get spam emails that are spoofed with legit addresses.  When this happens, it does not let you mark the email as spam via 'Is Spam', because it thinks you are telling it that a legit email is spam!  In fact, if you attempt to do so, it actually complains with a pop-up requesting that you merely unsubscribe instead!  Also, sometimes it tells you that an email address that is safe to unsubscribe from even though it is a spam email:

The 'Trusted Sender Program' claims this email is safe to unsubscribe from, but...
(By the way, don't click that link; the URL is invalid, so it doesn't work.)


It is a spam email with spoofed email address that almost looks legit.

• There is no easy method to provide feedback to the company from the program itself.  There should be a feedback menu selection.  I actually found that the email link on their (no longer available) web page is missing the "mailto:" attribute, which causes it to work improperly.  Not a big deal, but I notified Giant Company Software months ago about this (with no reply) and it is still broken.  So far, I have yet to receive a single human reply to any of my numerous emails - most of them notifying them about bugs in their software.
  
  
• There are many minor user interface design bugs.  Such as in the 'View Statistics...' window, the scroll bar does not update the window in real-time as you move it.  This is literally a matter of one line of code.  Also, they disabled double clicking, so you cannot click multiple times on the scroll bar shaft (the shaded area above and below the scroll box / thumb used to scroll one page at a time), as each second click is ignored.  Sure, these are minor things, but there are so many.  The software could make good use of the information from Joel Spolsky's User Interface Design for Programmers book, particularly Chapter 1: Controlling Your Environment Makes You Happy.  Let me summarize the chapter:  If the program does not do what the user expects, you are going to have an unhappy user.  I will warn you now:  Prepare to be unhappy when you use Spam Inspector.  I notified Giant Company Software about these problems, with no reply.
  
  
• When you get 300 to 500 spam emails a day (yes, I am getting more now than when I purchased the program):

Imagine having to click 'Is Spam' for each email, individually, with a forced delay between each press.

and your spam filter has a badly implemented Bayesian filter, then a lot of spam gets through.  Usually on the order of 30 to 50; at least 10%, sometimes 15%.  Even with legit email interspersed in the all of that junk, here are usually about 10 or 20 pieces of spam in a row.  It would be nice to select them all at once, and click the 'Is Spam' button.  I wrote Giant Company Software regarding such a feature, with no reply.  As it stands now, you have to click 'Is Spam' individually for each piece of spam mail.  It gets worse.  Even on my relatively quick machine (AMD Athlon XP 2500+ 1.83 GHz) it takes well over a second to respond to each one of these clicks.  Just long enough to make you mad.  Each click of the 'Is Spam' button should be answered with an instantaneous response, because the user has to sit there and repeatedly click the 'Is Spam' button many times in a row.  When you cannot do what you want to do, you become unhappy.  You start to have a bad day.  Now, imagine going through this every morning.  Each and every day this annoys me enough that I feel like making a revision to this article by bolding this point it very large text.

• There are no settings to change the emphasis of the Bayesian filter.  It would be nice if the filter could rate each email from 0 to 100 (0 meaning a 0% chance that it is spam, and 100 meaning a 100% chance that it is spam), and you could set the threshold.  (The Bayesian filter does do this internally, you just cannot see it.)  This would help if you get no false negatives (legit emails marked as spam), but many false positives (spam that passes through the filter), as you could change the threshold to help block more spam (at the risk of having some false negatives).  In fact, having a third category 'Unsure' to place all spam that is too close to be sure if it is spam or not, would avoid any false negatives, and you would have a much shorter list to search through when you want to see if Spam Inspector potentially marked legit email as spam.
  
  
• Even though Outlook Express is not running as I type, there are three background processes running that Spam Inspector is responsible for.

Three background processes running even when Outlook Express is not.  Hmm?

Does it need to be running in the background when I am not checking email?  No.  There is a feature to participate in the 'Spam Learning Network' to collaborate spam email information from all users, so the Bayesian filter can learn from other people's spam emails.  This is a good idea, since it could learn to block spam email that it has not yet seen, but how do I know what the system is sending across the Internet?  Why is it running when I have nothing to send to anyone, since I am not even checking my email?  There are allegations that the program contains spyware, and I cannot say that I blame people for being suspicious.  This behaviour is uncalled for.  Here is a Q&A from the help files that accompany the program:

Q: In my Windows Task Manager Processes I see the following processes running, siMain.exe and siStartupService.exe, what are these and why are they always running?
A: These applications are used to provide a number of quick access functionality to the Spam Inspector platform. The siStartupService is responsible for managing your spam definitions and software updates of Spam Inspector on startup of Windows as well as manages the instances of Spam Inspector running. The siMain is the primary applications that Spam Inspector uses to provide it with its features and spam filtering technology. These processes may not run all the time, only when Spam Inspector needs them are they loaded. Please, do not attempt to stop these processes from running, this may cause Spam Inspector not to function properly.

For the record, the three processes I see running are siMailProxyServer.exe, SiService.exe and siSpamFilterEngine.exe, so their help files are outdated.  I am unconvinced that these processes need to be running.  There is no requirement for these processes to execute when the spam filter is not required at that time.  If they are required only for the reasons their help file states, they are not justified to be running 24/7.  Let me make it clearer:  People do not want programs running on their systems without their permission.  Spam Inspector should, at minimal, have an option to turn off such processes when your email program is not in use.

Does Spam Inspector 4.0 Get Anything Right?

Yes.  They set the threshold for the Bayesian filter so low that, even though tons of spam breaks through the filter and stinks up your Inbox, almost no legitimate email reaches the spam folder.  In my experience, the email that Spam Inspector did report as spam were from forums / discussion boards that send an automatic email for each reply to threads I had participated in.  Because such emails are clogged with advertisements, I would never critique a spam filter for not understanding such emails are not spam, since they practically are spam.  They are spam that you agreed to receive in exchange for some service - in this case, the usage of convenient forum features such as the thread activity notification.  In each case, after notifying the program that it was not spam, the email address was added to a whitelist so it would never made the mistake again.  This is good right?  As long as no spammers will spoof their spam emails with such addresses, since the filter will now mindlessly let anything that comes from it through.  With email spoofing, blacklists and whitelists do not work.

Unfortunately, this is the limit for what the program does right.  When you do get a piece of legitimate email in the spam folder, you first have to search for it, wading through the trash just to find it.  Are you going to do this everyday?  Try it when you get 400 pieces of junk in there.  Word find puzzles are easy to do when you know what you are looking for - try one when you do not know if even a single word exists in the entire puzzle and when you do not know any of the words that you are looking for.  Now, try that every day.  Believe me, you will just give up, and just hope the program is doing its job.  When you do find a legit email in the spam folder, you will have to click the 'Not Spam' button to notify the program of its error, which has its problems as I have already described in the above list.

Because the program is so cautious about tagging legit email as spam, the consequences are that lots of spam passes through to your Inbox.  This will happen every day, so the program should have a nice way to deal with it efficiently.  As I have previously described in the above list, it does not.

My suggestion is that they should mark each piece of spam with its numerical measurement of the Bayesian filter, so the user can sort the messages by the likeliness of them being spam.  And, yes, this is very possible, even when the product is an add-on to another email client, such as Outlook Express.  They already modify the subject line with the prefix '**SPAM: ', so with an additional couple of lines of code, they could insert a number representing the chance of it being spam.  The user could then sort the email by the subject, which would effectively sort them by their likeliness of being spam.  I would think if the software had passed through a small amount of Quality Assurance, this idea would have arisen.

Conclusion

The program is not worth $20.00.  Many of its features simply do not work.  The most appalling thing is that it shows a lack of a basic understanding of how common spam emails work.  I find it astonishing that the software is woefully unaware of the spoofing techniques that have been used for years.  This information is crucial in handling spam email, and this is the program's primary purpose.  (Update: When instructing the program to bounce spam emails, almost every bounce attempt will respond with an error due to its determination that the spammer used a 'forged email address' [which makes the feature useless, but this is beside the point].  Therefore, the designers are aware of spoofing techniques, but the software does not make use of it on many occasions.)

I am surprised at the reviews this software has received, but I can offer an explanation:  I find it very plausible that the spam filter reviewers did not review the software properly.  If, after a few days of trying it, some spam is blocked and it did not crash, they give it a good review.  It gets bonus points for its fairly smooth integration with existing email software.  But, did they even notice that the most commonly used feature of the program, the 'Is Spam' button, does not even work?  Probably, not.  Do you think any reviewer has placed each of these spam filter programs through as much testing as a paying customer does?  Of course, not.  Let me spell something out:  Using a blacklist of email addresses to block emails no longer works.  When you can easily spoof an email to show any address, why would spammers ever use the same address twice?  This obsolete feature can only serve the purpose of accidentally blocking your own friends' email addresses, if their addresses are used in spoofed spam email.  Yet, spam filter reviewers have a field for such features to place a checkmark next to.  This is not a desirable feature.  This brings to my attention another topic to write about for another day:  Why the vast majority of people who review software should not review software.

Numerical Rating

For those of you who are looking for Spam Inspector reviews who dislike reading, I will rate the program on a numerical scale for a bunch of categories that I believe are important.  Here is the rating scale that I will use:

0 - null, void, non-existent.
1 - so poor, almost as if on purpose.
2 - shows limited understanding of how people use such a product.
3 - nothing beyond a basic set of partially implemented features.
4 - failure, unacceptable.  main features do not perform their job.
5 - barely achieves the most basic requirements.
6 - below average, almost meets expectations.
7 - average, what would normally be expected.
8 - above current expectancy of such software.
9 - almost perfect, fairly insignificant glitches exist.
10 - exceptional, perfect, could not imagine or want more.

Spam Inspector 4.0 Review:

Technical Support: 0 / 10
   - It is non existent.  Do not send them email... they will not read it. 
Usability:  3 / 10
   - If you did not get up on the wrong side of the bed, you may as well have when you check your morning email.
Filter, False Positives: 6 / 10
   - It marks almost no legit email as spam, but you will not be happy when it does.
Filter, False Negatives: 3 / 10
   - It lets 10% to 15% of spam through.  Learning process is slow.  Identical spam will pass through for weeks.
Feature Set: 3 / 10
   - You can not adjust the Bayesian filter.  You can not sort messages by their likeliness of being spam.
Recommendation to Others: 2 / 10
   -  Outlook Express's message rule system has less headaches than Spam Inspector 4.0.

Overall Rating: 3 / 10

By: Jason Doucette
(Interested in Writing Articles For Xona.com?)