TrustedSource 3.0 tracks 50 million IP addresses, then uses that data to detect spam.
E-mail security company CipherTrust Inc. on Monday rolled out an upgrade to its E-mail reputation filter, TrustedSource 3.0.
The upgrade, which is available to existing customers and will be integrated into the company's IronMail message security appliance, tracks some 50 million IP addresses that send E-mail to CipherTrust's network of customers. TrustedSource 3.0 uses the data gathered to help determine whether a message is spam.
A number of other E-mail security companies also filter based on reputation, including IronPort Systems, Postini, MessageLabs, and Symantec's Brightmail. Not all anti-spam vendors, however, handle enough messages to effectively evaluate senders' reputations.
"The key thing in establishing an effective reputation service is it's all about the volume," says Matt Cain, senior VP at research firm Meta Group. "The more data points you can gather, the more reliable that information becomes over time. Given that CipherTrust has one of the best-selling products out there, they do have a broad enough network where they can build a fairly effective reputation service."
CipherTrust has found that 30% of the average enterprise's incoming messages come from IP addresses that seldom send E-mail. These addresses, the company says, have a high probability of being "zombie" machines. Given that its network detects 18,000 new zombies an hour, it makes sense that such information might prove useful in blocking spam.
Reputation is only one of many metrics used to determine whether an E-mail message should be blocked. Bayesian analysis, heuristics, header analysis, content filtering, and spam signatures all have their uses in evaluating messages. But because spammers have become so sophisticated in the techniques to bypass content filters, many in the industry see reputation as a more promising approach. That's because bad behavior is more evident than deceptive text.
Says Matt Anthony, director of product marketing at CipherTrust, "We think reputation is really going to be critical to E-mail security going forward."
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.
InformationWeek Tech Digest, Nov. 10, 2014Just 30% of respondents to our new survey say their companies are very or extremely effective at identifying critical data and analyzing it to make decisions, down from 42% in 2013. What gives?