IronPort Systems has launched a new anti-spam system for its e-mail security appliances that employs reputation assessment technology to filter unwanted messages. The company announced this latest enhancement to its SenderBase technology on Monday.
The new technology measures the behavior and traffic patterns of a Web site to assess its trustworthiness in order to provide improved protection against spam, viruses, phishing and spyware threats.
“In the last six months, we have seen a 200 percent increase in e-mail borne spyware,” said Tom Gillis, senior vice president of Worldwide Marketing at IronPort Systems. “Clearly, the authors of these threats are blending e-mail, Web and even IM technologies to find the weak spot in the network.”
New Approach, Old Problem
Last year the Pew Internet Project conducted a study to assess the impact of the U.S. CAN-SPAM Act. The study’s findings included an increasing level of tolerance for spam among online users. Still, 52 percent of Internet users still considered spam “a big problem,” according to the study.
IronPort’s new system is designed to evaluate a message’s full context by analyzing what the message contains, its construction, the reputation of the sender, and, if applicable, the legitimacy of the Web site the e-mail directs a user to, in order to accurately distinguish friend from foe. It is one of many software companies working on what has become a persistent and increasingly complicated problem.
Microsoft, Yahoo, AOL and Earthlink (NASDAQ: ELNK) have worked with law enforcement agencies from the ISP side to sue spammers. Yahoo and Cisco lead an alliance that advocates cryptographic e-mail authentication.
Microsoft also supports the effort, known as DomainKeys, along with a technology called SenderID, which checks a registered list to determine if the message came from the domain name purported by the e-mailaddress.
The Common Denominator
Spam, viruses, phishing and spyware all have one thing in common: They are tools used by criminals and illicit marketers to make profits. The profits from these activities fund the development of new, more potent threats.
In December 2005, the Federal Trade Commission published a report entitled “Effectiveness and Enforcement of the CAN-SPAM Act: A Report to Congress,” which concluded that spam has become more targeted and devious. Today’s spam bypasses traditional content-based filters and uses a URL to deliver the spam message. Similarly, virus writers are increasingly using URLs embedded in e-mails to distribute the infected file and bypass traditional anti-virus defenses.
Bad Web Reputations
IronPort said its Reputation System broadens the context in which the message is evaluated, improving catch rate and accuracy. To combat the use of embedded URLs, IronPort has applied the concept of reputation to the Web. Its Web Reputation technology tracks more than 45 different network parameters to accurately evaluate the reputation of a given Web site.
The company said the keys to reputation accuracy comprise a large, diverse data set. IronPort’s SenderBase Network is fed by over 100,000 contributing sources, including eight of the 10 largest ISPs, a variety of Fortune 500 and Global 2000 enterprises and sources from every major geographic and customer segment.
A Social Problem
Coalition Against Unsolicited Commercial E-Mail (CAUCE) does not believe that technology will be able to stop spam. The organization promotes legislative efforts to stop unsolicited e-mail.
“We don’t believe that technology alone can stop spam. Some of the brightest technologists in the world have been trying to come up with anti-spam technology solutions for almost a decade now,” CAUCE co-founder John Mozena told TechNewsWorld.
“We think that treating spam as a social problem rather than a technical problem is the way to go. Spam is not out there because the Internet is broken. It’s out there because people and companies are making the decision to send it.”