Outlook Express, an old dog in today's fight against Spam

Outlook Express, formerly known as Internet Mail and News program was Microsoft's flagship email client as part of the Internet Explorer bundle for Windows 3.1 to Windows XP. It came with lots of features for an email client at that time, including a news reading feature which never took off as a killer app on the Internet given the rise of social media.

Data Chart

The Outlook Express upgrade comes as a bundle with every Internet Explorer upgrade. The email client is a "light" version of the Microsoft Outlook application, a member of the Microsoft Office productivity suite. As detailed in the graph above, in its five-year history as recorded by cvedetails.com, Outlook Express had 45 vulnerabilities, from 1999 to 2010. Windows Vista, released to the public in 2007 had a replacement for Outlook Express, Windows Mail. However, during the same period from 2007 to 2010, there was still a huge number of Windows XP computers with Outlook Express, hence 8 critical vulnerabilities were still recorded against the software.

The vulnerability statistics are categorized into various exploits like DoS (Denial of Service), Code Execution, Overflow, Memory Corruption, SQL Injection, XSS (Cross-site Scripting), Security Bypass, Gain Information and Gain Privileges. The plurality of the vulnerability was Denial of Service and Execute Code, which enabled attackers to take over the vulnerable Outlook Express installation.

Anti Spam Outlook Express was created by Microsoft as a late attempt to compete against Netscape Communicator's email client. Antispam Outlook Express was not implemented in the first version of the program, Microsoft has not taken enough consideration that spam as a problem even with version 2.0 before 1996 ended. A brand new Outlook Express is bundled with Internet Explorer 4.0 and it became part of Windows 98 and through its tight integration defeated Netscape's offering. Microsoft using the Windows desktop OS has taken advantage of the influence it had to push the usage of Outlook Express and Internet Explorer against its rivals. This motivated the Department of Justice to launch an Antitrust case against Microsoft's apparent monopoly.

Antispam For Outlook Express

Antispam Outlook Express has been improved with version 5.0, as part of Internet Explorer 5.0. This version penetrated the enterprise space, given that Windows 98 Second Edition and Windows 2000 bundled Internet Explorer 5.0 package. The enterprise users were able to have a safer email environment with the embedded Antispam Outlook Express with their corporate Win98 and Win2000 computers, saving the company from the labor cost of deploying a 3rd party solution.

Windows XP unified the customer and enterprise Windows codebase under the NT branding. This enabled a modern interface for Antispam Outlook Express plus a slightly improved version the Antispam Outlook Express plugin. With version 6.0 of the Microsoft's Antispam Outlook Express email client, updating and fixing of bugs and vulnerabilities had been streamlined. The new antispam outlook express measures were constantly on a monthly basis.

Automatic updates became part of Windows 2000 SP3 and an integral component of Windows XP, every second Tuesday of the month pushes fixes for all components of Windows, AKA Patch Tuesday lessening the vulnerabilities that reach the end-users, as long as sysadmins do not block the updates deliberately.

The persistence of Antispam Outlook Express in the enterprise was credited to the huge market share of Windows XP and its long life, from 2001 to 2014. Its success in the office environment and the consumer space, while competitions like the MacOS and Linux were very weak if not irrelevant. There were some users and companies that were able to run Anti Spam Outlook Express using the Wine API extensions for Linux and MacOS.

The bottom line of Anti Spam Outlook Express history is the need for an external application or a hosted service to secure the functionality of the email clients. A hosted anti spam service outsources the anti spam measures in the remote server. In the days when a non-HTML email client is unacceptable, the security and privacy of the email users are delegated not to the email clients, but to a 3rd party. This is where anti spam measures are externally enforced, through the use of a hosted anti spam service.

One such compatible hosted anti spam appliance service is Comodo Anti Spam Gateway. Developed by a world-leader in the name in IT privacy and security, Comodo. It enables the use of real-time anti spam, which is effective in blocking spam email before it reaches the users.

The proprietary scanning engine powering Comodo Anti Spam Gateway is Valkyrie-Technology, which uses a cloud-based engine database that connects the mail server to the Comodo Cloud in order to implement updated anti spam measures. This is much better than anything Anti Spam Outlook Express can ever offer. Comodo maintains a standard list of known spammers in its anti spam database for fast identification of junk emails, which Anti Spam Outlook Express never had. This is supplemented by an aggressive self-learning heuristics scanning of the emails, enabling detection of unknown threats.

Any company that still uses Anti Spam Outlook Express can still choose to deploy Comodo Anti Spam Gateway, as the latter is designed to immunize and harden the email server, as it runs a background process monitoring the email exchange to and from the Internet. Anti Spam Outlook Express had not insulated users from contact with dangerous content and prevents the people from being exposed to the most vulnerable layer in a company's cybersecurity system. These days spammers have all the tools at their disposal to bypass anti spam measures making Anti Spam Outlook Express irrelevant, but Comodo offers comprehensive database, a much-needed remedy against spam in the enterprise, regardless if they are large or a start-up. Try Comodo Anti Spam Gateway today!


Start Your 30-Day Free Trial Now