IBM releases FairUCE antispam technology

It uses identity management to link an e-mail to its original IP address

IBM introduced technology today designed to stop spam by identifying the Internet domain it came from and to help spot online scams such as phishing attacks and e-mail spoofing.

The company announced the release of FairUCE, or Fair Use of Unsolicited Commercial Email, for the company's alphaWorks advanced technology program. It cited a newly released IBM survey that indicates spam makes up 76% of all e-mail and may cost U.S. companies $17 billion to fight this year.

The FairUCE technology uses identity management features to link inbound e-mail back to its original IP address, establishing a connection between an e-mail message, the Internet domain and the computer from which the e-mail was sent, IBM said.

AlphaWorks is a program that distributes innovations to developers around the world who sign on as early adopters of technology developed by IBM's global research labs. FairUCE will allow alphaWorks software developers and third-party vendors to build more-effective spam-filtering technology, IBM said.

IBM researchers acknowledge that FairUCE is not a full-blown antispam product but rather an early version of technology that could one day be used in the marketplace. "We'd like to see whether early adopters consider the technology an innovative approach to handling a massive problem," said Marc Goubert, manager of alphaWorks. "We want to find out how innovators and early adopters would use it in their environments and get their feedback."

FairUCE software runs on e-mail servers. It pulls IP addresses out of e-mail messages and then compares those against one or more databases of known spammers, said Goubert.

Unlike many spam-filtering technologies that use message content to determine whether an e-mail message is spam, FairUCE links e-mail to IP addresses. That allows IBM to spot messages from compromised, or "zombie," computers as well as legitimate e-mail servers, IBM said.

Other logic built into the technology allows FairUCE to weed out good and bad IP addresses from large Internet service providers like Yahoo Inc., so that not all mail from those domains is blocked. The product can also flag e-mail from servers based on "longevity" -- how long the sending server has been online, Goubert said.

Recent data from e-mail security company CipherTrust Inc. suggests that e-mail "bad senders" frequently use new IP addresses, which may not be listed in databases of known spammers. Traffic from those machines is often attributed to zombie PCs that go on- and off-line frequently.

IBM cited results from a February Global Business Security Index report to support FairUCE. The company's security intelligence services found that one of every 1.3 e-mail messages is spam and that one of every 46 e-mail messages carries a virus, Trojan horse program or other malicious content.

The cost to U.S. organizations of fighting spam has risen sharply in the past two years, from approximately $10 billion in 2003 to an estimated $17 billion in 2005, IBM said. Lost productivity from workers who must sort through the reams of spam e-mail, inconveniences caused by legitimate mail that is incorrectly labeled as spam and blocked, and calls to corporate help desks are major sources of spam-related expenses, IBM said.

FairUCE is available through IBM alphaWorks and can be downloaded from the company's Web site.

Other companies, including Microsoft Corp. and Yahoo, have proposed technology to weed out spam by checking the source of inbound e-mail, sometimes referred to as sender authentication.

Microsoft's Sender ID technology framework, for example, closes loopholes in the current system for sending and receiving e-mail that allow senders -- including spammers -- to fake, or spoof, a message's origin. With Sender ID, organizations publish a list of their approved e-mail servers in the domain name system. That record, referred to as the sender policy framework record, is then used to verify the sender of e-mail messages sent to other Internet domains using Sender ID.

Copyright © 2005 IDG Communications, Inc.

Shop Tech Products at Amazon