IDG News Service - Antispam company Postini Inc. is now rejecting more than half of all attempts to send e-mail to its customers, in part because of increased activity from compromised home computers that have been turned into "zombies" for sending unsolicited commercial e-mail.
The company is dropping 53% of all e-mail connections that use the Simple Mail Transfer Protocol (SMTP) without reading the content of the e-mail messages. That's a sharp increase since the company began aggregating information about troublesome Internet addresses from across its customer base, said Andrew Lochart, director of product marketing at Postini.
The Redwood City, Calif.-based company manages e-mail for about 3,300 companies and 5 million e-mail users. Postini uses its own algorithms to spot spam, denial-of-service attacks and other threats by analyzing the behavior of Internet-connected machines that send e-mail and, after that, the message content.
Since October 2003, the company began aggregating information on Internet Protocol addresses of machines attempting to e-mail its customers and dropping connection attempts from IP addresses that are behaving suspiciously. Since that time, the percentage of dropped connections swelled from 35% of all connections to the current 53%, he said.
"We're cross-correlating spam and virus attacks for all our customers, and that allows us to block an even greater percentage of messages without even looking at the content," he said.
Home computers connected to the Internet through large Internet service providers (ISP) are responsible for 36% of all dropped connections. Loosely configured machines called "open relays" and other compromised computers account for the rest of the dropped connections, he said.
Of the 47% of e-mail connections accepted, 76% of the mail accepted is spam and 1% to 2% are viruses. Only 11% of the 10.75 billion SMTP connections the company receives each month constitutes legitimate e-mail messages, Postini said.
Spam and the problem posed by compromised home computers have been attracting more attention in recent months. Leading ISPs, including Comcast Corp., have begun kicking zombie machines off their networks. At the same time, numerous companies and international standards organizations are evaluating technology standards that, if widely adopted, would allow companies to verify the source of e-mail messages and stop address spoofing, a common technique spammers use to disguise the origin of their messages.
In June, The Anti-Spam Technical Alliance, an industry organization representing e-mail providers Yahoo Inc., Microsoft Corp., America Online Inc. and EarthLink Inc., released recommendations for ending spam, including a list of suggestions and best-practice recommendations for ISPs, e-mail service providers, governments, corporations and bulk e-mail senders.
Microsoft is also
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
