Spam: Arriving en masse to an e-mail address near you

Shifting from daily nuisance to serious IT and business concern, uncontrolled spam is prompting customers to arm themselves with tools to fight back against productivity loss, potential liability and bandwidth-clogging consequences that unsolicited commercial e-mail can bring to an enterprise.

Targeting a growing concern on the antispam battlefront, IronPort Systems Inc. yesterday introduced technology designed to prevent legitimate e-mail messages from being weeded out by antispam filters.

IronPort rolled out two e-mail delivery appliances based on the company's Virtual Gateway technology, which allows users to assign a specific outbound IP address to each message based on campaign or message type. The technology, in essence, creates a separate virtual machine for each mailing, separating critical transaction confirmation messages from other marketing messages that might be snared by a spam filter, according to Scott Banister, chairman and chief technology officer of IronPort, in San Bruno, Calif.

"Companies are finding that if they send out e-mail marketing newsletters, increasingly Internet service providers are deploying antispam systems that often inadvertently trap messages that are legitimate," Banister said. "No one wants to be throwing out babies with the bath water."

IronPort's Virtual Gateway ensures that even if a marketing message is trapped by a filter, other traffic being sent from the same infrastructure will be unaffected, he said. The two new delivery appliances, the A60 and A30, are designed for high- and low-volume requirements, respectively.

Similarly, Postini Inc. and BrightMail Inc. last week introduced new antispam products and services designed to help end users restore normalcy to workplace operations being hampered by hundreds upon thousands of e-mail messages targeting random in-boxes and servers over the Internet.

In fact, most corporate customers and service providers are oblivious to the massive amount of spam proliferation caused by automated e-mail address "harvesting" over the Web, said Joyce Graff, vice president and research director of Stamford, Conn.-based Gartner Inc.

Spam "is burning your resources; it's keeping your message transfer agent busy doing stupid things; it's clogging bandwidth, clogging disk space and, most important, stealing people's time," said Graff. "Even more important, it's creating a very upset work environment."

Graff said tools capable of launching a myriad of spam-related attacks are becoming readily available over the Internet. This enables even beginners to send out spam and fuels con artists to perpetrate hoaxes, identity theft, fraud, bulk junk mail and mass-market advertising. Spammers can easily set up and dispose of multiple free e-mail accounts to hide their tracks.

According to Graff, many spam attacks bombarding enterprises feature increasingly vulgar and insensitive content. This raises the question of whether a company is legally responsible for blocking inappropriate spam messages viewed by its employees.

Postini customer Lee Rocklage, IT manager at Redwood City, Calif.-based DPR Construction, estimated that about 40% of his company's daily e-mails at one time were spam. Before deploying Postini's Security Manager product, he noted that offensive e-mail proved a major distraction and was "the biggest complaint" from his employees.

"It became a concern," said Rocklage. "We're a service-oriented company, and having to sort through all of the unnecessary e-mails each morning to identify those that were important or required a quick response can be very time-consuming."

Last week, Postini announced the availability of Postini Perimeter Manager, Postini Security Manager and Postini Resource Manager, three new service offerings to heighten e-mail protection against spam, viruses and directory harvest attacks.

BrightMail, which offers a software license as well as a services model, made noise on the spam battlefield last week with the launch of BrightMail Anti-Spam 4.0 Enterprise Edition. Designed to support Microsoft Windows 2000 and Sun Solaris environments, the new version can remove randomness inserted by spammers in the header of an e-mail message body to reduce polymorphic spam attacks and can generate rules against slightly altered attacks, said Ren Chin, director of product development at San Francisco-based BrightMail.

Albert Rodriguez, president of Ann Arbor, Mich.-based ImageMaster Financial Publishing, said the annoyance of unwanted e-mails forced him to seek out a product such as SurfControl's Anti-Spam Agent, which could not only filter spam, but also provide his staff with the ability to flag or isolate e-mails for further inspection.

"The product is blocking spam, but it's doing it by allowing us to have control of exactly what comes through and what doesn't. If it weren't for that, we wouldn't have gotten it," said Rodriguez, who said a queue has been set up to flag key phrases, Web addresses and redirection attempts.

Graff said it is critical that customers stay away from generating false positives that could prevent legitimate business or e-mail messages from getting through even if it appears off-color.

Toward that concept, IronPort offers a Bonded Sender program, designed to integrate with the appliances, which lets companies use a financial bond to stand behind valid e-mail messages. Described as a kind of first-class postage stamp for e-mail, the Bonded Sender service signifies to Internet service providers and corporations that the message sender has a legitimate business relationship with the recipients, Banister said.

This story, "Spam: Arriving en masse to an e-mail address near you" was originally published by InfoWorld.


Copyright © 2002 IDG Communications, Inc.

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon