CipherTrust offers updated IronMail to fight spam

Network administrators and security staff now have additional tools with which to fight unwanted e-mail, courtesy of new antispam features unveiled today in CipherTrust Inc.'s IronMail e-mail security appliance.

The appliance runs a customized, hardened version of Unix along with other CipherTrust software and offers a suite of e-mail security options including an e-mail firewall and antivirus features. Users purchase licenses to the various options individually and are issued "license keys" to turn those features on, said Matt Anthony, director of marketing at the Alpharetta, Ga., company. The boxes ship with all the software preinstalled.

The antispam features announced today use a few relatively new methods for fighting unwanted e-mail, such as signatures and "checksums." These are combined with methods that have been used in the past, including lists of addresses commonly used by spammers, content filtering and so on, Anthony said.

IronMail uses the Razor distributed spam-detection and -filtering network from Cloudmark Inc., he said. Razor builds signatures to identify and block spam in much the same way antivirus software and intrusion-detection systems do, by using a series of automatic and self-reporting systems spread throughout the Internet. Once a signature for a spam mail is created, it can be distributed and blocked in the future.

Also included in IronMail's antispam package is information from the Distributed Checksum Clearinghouse (DCC), Anthony said. The DCC uses checksums, unique mathematical identifiers that are created by a distributed network of systems to identify, filter and block spam e-mails.

The new features augment more traditional antispam measures already used in the appliance such as the Real-time Blackhole List from Mail Abuse Prevention System LLC (MAPS) in Redwood City, Calif. The MAPS Real-time Blackhole List is a list of IP addresses that have been identified as relentless sources of spam that are provided to administrators for blocking, Anthony said.

The system also uses reverse Domain Name System (DNS) lookups, which attempt to authenticate the source of spam e-mails, he said. Many spam e-mails don't include their real source addresses and can thus be blocked based on reverse DNS information.

IronMail has succeeded in blocking spam that amounts to about 15% of the total e-mail traffic into Norfolk Southern Corp., according to Tony Samms, director of security information technology at the freight and natural resources company in Norfolk, Va.

Norfolk Southern began looking for a way to filter spam after an increase in unsolicited sexually explicit e-mail, Samms said. "In the last nine months, we saw a tremendous increase in the number of objectionable e-mails coming through," he said.

Only 1% to 2% of the traffic getting through IronMail to users is spam, said Samms, calling IronMail "very successful" in that regard.

CipherTrust's new antispam features are available now. They are priced based on the cost of the appliance and the cost of the e-mail security options chosen by the customer, Anthony said. A typical antispam installation will cost in the range of $35,000 to $40,000, he said.


Copyright © 2002 IDG Communications, Inc.

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon