Benign v1.4 - review

Reviewed by: Howard Carson
Published by: Firetrust Limited
Requires: Windows 98 through Vista; 10MB hard disk space, 32MB RAM; Pentium 75 MHz or faster; screen resolution 800x600x16 colors or higher
MSRP: $34.95US

Benign is an unobtrusive program designed to analyze your e-mail and neutralize or strip out the programming code that makes viruses, worms, scripts and other potentially harmful things run. Benign is able to strip out web bugs and block images with embedded malicious code from transmitting information. File attachments that can be used maliciously are quarantined with a new extension that makes it impossible for them to be automatically executed. Think about it for a while and you may come to the conclusion that e-mail is a relatively creepy proposition these days. What's a person to do? Well you could try Benign.

HTML e-mail can contain scripts and ActiveX components to automatically run programs which delete or modify files or let an outside user spy on you. Web bugs, executable files attached to e-mail and even apparently benign HTML e-mail can be used by unscrupulous marketers (and worse) to track your activities, register what you're doing and then integrate all of the data into larger databases in order to mine for valuable information. The value, of course, lies in the sheer volume of information gathered by all of the operators out there. Benign can strip out harmful codes hidden in an HTML message.

File attachments can contain viruses or other threats. Some e-mail programs allow these attachments to run automatically as soon as a user previews a message. The most virulent virus ever - Klez - exploits this vulnerability. Benign can strip these attachments out or just rename them so they won't run.

An e-mail can contain embedded images which are designed to track the online and desktop activities of anyone who opens the e-mail. As soon as you preview the e-mail, it will send back information to the sender to say you have read their message, thereby letting the sender know you have a working e-mail address to which more junk/spam can be sent. Benign strips out this identifier information.

When an e-mail is intercepted by Benign, the key information is extracted and then every aspect of the e-mail is completely rewritten. The essential text in the e-mail is then presented free of any malicious code. The idea is to protect against known security problems and against a large number of attacks yet to be discovered. Benign supports the following e-mail programs:

After installing Benign, you will be asked to import your e-mail account settings so that Benign can intercept your e-mail and pass it to your e-mail program. The process is completely automated. The configuration routine will ask you to select a security setting - we chose ‘Medium’ to start. There are several other manual configuration options, a comprehensive logging system which tracks everything Benign does, domain and address overrides, log report settings, and customizable security settings.

So how does Benign actually do its work? Once it's set up, you'll find that all of your POP3 mail accounts have a ".B9" extension which allows Benign read and analyze your e-mail each time you launch your e-mail software. Benign automatically makes changes, strips out or renames potential problems, then passes the sanitized e-mail to your e-mail program. Benign appeared to make only minimal changes to the appearance of our e-mail (and you can change the setting at any time), but it still stripped out attachments (just like the original 'surprise' setting of the same type in Microsoft Outlook). Unlike Outlook however, you can change the Benign setting to simply rename attachments. HTML messages remain easy to read and understand unless you set the software to strip out all HTML. Benign runs in the background and displays a "B9" icon in the Windows system tray.

When an e-mail is intercepted by Benign, the key information is extracted and then every aspect of the e-mail is completely rewritten with the information presented free of any malicious code. Likewise any attachments that can be used maliciously are quarantined with a new extension that makes it impossible for them to be automatically executed. This way Benign protects not only against known security problems but also against a large number of attacks yet to be discovered.

We've reviewed Firetrust's excellent Mailwasher Pro software and have now discovered that using it in combination with Benign is a highly secure method of using e-mail. Mailwasher Pro checks all your e-mail while it's still on the server, allowing you to delete, blacklist, bounce and otherwise filter out spam before it ever gets to your computer. Then run your e-mail program as usual (or allow Mailwasher to start it automatically) and Benign will also automatically do its thing. It all amounts to two full layers of protection before anything ever reaches your regular e-mail software.

Cons: Benign will catch all known and future e-mail viruses and worms, but cannot catch viruses downloaded from the Internet or transferred from disk. Therefore it is still advisable to run up-to-date antivirus software.

Pros: Superb companion program for Firetrust's flagship product Mailwasher Pro. Running the two of them provides excellent protection. Running the two of them alongside decent antivirus software is an even better idea. Running Benign, Mailwasher, your antivirus software and a firewall (ZoneAlarm, NetDefense, Norton, etc.) create an extremely secure environment. Benign works fast, doesn't slow down your e-mail routine, does its job effectively and is transparent when running. An excellent weapon to add to your e-mail arsenal. Highly recommended.