26 July 2005
Spam block has its own ethical issues
couple of years ago, this column featured the prediction that the junk e-mail problem would be coming under control right about now. So much for clairvoyance.Sign up for: Globe Headlines e-mail Breaking News Alerts Instead, between 60 and 70 percent of the world's e-mail is spam. Even a federal anti-spam law and a number of high-profile federal prosecutions haven't put a kink in the hose. With so many junk mail marketers on the loose, locking up a couple here and there makes hardly any difference. Distracted by terrorism, drugs, and organized crime, cops won't hammer the spammers with an all-out nationwide dragnet, the only strategy that might work.
Perhaps technology can save us: more aggressive spam filters, maybe, or new technologies that will identify and block spammers before they can run wild. Many such ideas are making the rounds; why haven't they paid off? In large part, because spam-fighters have spent so much time sparring among themselves.
Just look at the dispute over Sender ID, an e-mail authentication system backed by Microsoft Corp. Most spam contains phony return addresses, making it hard to track the filth back to its lair. Sender ID would add a feature to the e-mail system that would enable it to confirm the true origin of a piece of e-mail, thus making it harder for spammers to hide. It's not a cure-all -- you would still need to block the spam. But that's a lot easier when you've accurately identified the source.
But will Sender ID work? A recent study by a panel of technical experts found that the system has a host of technical problems. That hasn't stopped Microsoft from trying to patent key portions of the technology. This move terrified other firms, who don't want their e-mail put at the mercy of the world's most merciless software company. So some of them have rallied around an alternative authentication system developed by the search company Yahoo Inc.
The Internet Engineering Task Force, which must decide on the best technical solution, is still thinking about it. ''No consensus has yet been reached concerning a single technical approach," the task force said last month, news that no doubt warmed many a spammer's heart.
It's enough to make you feel trapped, desperate, eager to strike back with any tool at hand. So an Israeli entrepreneur's plan to choke spam at its source has a certain spiteful appeal.
''We're looking for people who are willing to stand up for their online rights," said Eran Reshef, founder and chief executive of Blue Security Inc. The company, in Menlo Park Calif., and Herzliya, Israel, has scared up $3 million in venture funding from Benchmark Capital. Now it's rounding up a digital posse to unleash against the companies that torment us
Perhaps technology can save us: more aggressive spam filters, maybe, or new technologies that will identify and block spammers before they can run wild. Many such ideas are making the rounds; why haven't they paid off? In large part, because spam-fighters have spent so much time sparring among themselves.
Just look at the dispute over Sender ID, an e-mail authentication system backed by Microsoft Corp. Most spam contains phony return addresses, making it hard to track the filth back to its lair. Sender ID would add a feature to the e-mail system that would enable it to confirm the true origin of a piece of e-mail, thus making it harder for spammers to hide. It's not a cure-all -- you would still need to block the spam. But that's a lot easier when you've accurately identified the source.
But will Sender ID work? A recent study by a panel of technical experts found that the system has a host of technical problems. That hasn't stopped Microsoft from trying to patent key portions of the technology. This move terrified other firms, who don't want their e-mail put at the mercy of the world's most merciless software company. So some of them have rallied around an alternative authentication system developed by the search company Yahoo Inc.
The Internet Engineering Task Force, which must decide on the best technical solution, is still thinking about it. ''No consensus has yet been reached concerning a single technical approach," the task force said last month, news that no doubt warmed many a spammer's heart.
It's enough to make you feel trapped, desperate, eager to strike back with any tool at hand. So an Israeli entrepreneur's plan to choke spam at its source has a certain spiteful appeal.
''We're looking for people who are willing to stand up for their online rights," said Eran Reshef, founder and chief executive of Blue Security Inc. The company, in Menlo Park Calif., and Herzliya, Israel, has scared up $3 million in venture funding from Benchmark Capital. Now it's rounding up a digital posse to unleash against the companies that torment us
Trend Micro announces network anti-spam services
SecureData, a member of the JSE-listed ERP.com Group, and the southern African distributor for Trend Micro security software, today announced the latter's Network Reputation Services, a portfolio of network-based anti-spam services that complement the company's existing anti-spam offerings.
The services represent the first offering resulting from the company's acquisition last month of Kelkea, Inc, an IP filtering and reputation services provider.
Trend Micro Network Reputation Services respond directly to the continuing growth and difficulties of tackling spam. Although its abundance is nothing new to businesses - Gartner reported that approximately 90% of enterprise organisations' inbound e-mail is considered spam (Source: The Evolving Secure Email Boundary, 2005) - the adoption of spam-like techniques in carrying out malicious zombie and botnet attacks is creating a pressing need for advanced network-level protection.
Trend Micro Network Reputation Services provide that solution. According to Trend Micro, the services stop between 40% to 80% of connections from known offending IP addresses from sending suspicious e-mail into a network. This service is enabled by the Trend Micro Threat Prevention Network, which monitors the Internet and rates the 'reputation' of IP addresses based on whether or not they're sending spam. This information is stored in an extensive reputation database that Trend Micro believes to be the largest of its kind in the industry. By applying proactive protection at the network level, customers can increase productivity and support a continuous flow of business information while managing costly demands on bandwidth and administrative time.
"Once again, Trend Micro has executed quickly, converting the promise of an acquisition into flexible market-ready services that address a growing customer pain," commented Eva Chen, CEO of Trend Micro. "Trend Micro Network Reputation Services provide enhanced protection against existing and emerging threats. By stopping the bulk of spam at the IP address, our services protect customers from the rising threat of zombie attacks and botnets, both of which utilise spam-like techniques. These new services will ultimately help customers optimise bandwidth and other resources for business-critical operations."
The services complement Trend Micro's existing Spam Prevention Solution (SPS) as well as other anti-spam content filtering systems. Blocking spam at its source offloads the amount of e-mail that traditional messaging security solutions must filter and therefore can reduce the potential for threats to infiltrate the network.
Trend Micro Network Reputation Services consist of the following offerings:
* Trend Micro RBL+ Service: This service involves checking lists of suspect IP addresses from four databases -- an open-relay list, open proxy list, a real-time black-hole list, and a dial-up user list.* Trend Micro Network Anti-Spam Service (NAS): This advanced service consists of a dynamic list that queries a database focused on dynamic behavioural monitoring of suspect zombie PCs.
In addition to its anti-spam capabilities, Trend Micro plans to expand its reputation services to defend against phishing, pharming and other network-related threats.
The services represent the first offering resulting from the company's acquisition last month of Kelkea, Inc, an IP filtering and reputation services provider.
Trend Micro Network Reputation Services respond directly to the continuing growth and difficulties of tackling spam. Although its abundance is nothing new to businesses - Gartner reported that approximately 90% of enterprise organisations' inbound e-mail is considered spam (Source: The Evolving Secure Email Boundary, 2005) - the adoption of spam-like techniques in carrying out malicious zombie and botnet attacks is creating a pressing need for advanced network-level protection.
Trend Micro Network Reputation Services provide that solution. According to Trend Micro, the services stop between 40% to 80% of connections from known offending IP addresses from sending suspicious e-mail into a network. This service is enabled by the Trend Micro Threat Prevention Network, which monitors the Internet and rates the 'reputation' of IP addresses based on whether or not they're sending spam. This information is stored in an extensive reputation database that Trend Micro believes to be the largest of its kind in the industry. By applying proactive protection at the network level, customers can increase productivity and support a continuous flow of business information while managing costly demands on bandwidth and administrative time.
"Once again, Trend Micro has executed quickly, converting the promise of an acquisition into flexible market-ready services that address a growing customer pain," commented Eva Chen, CEO of Trend Micro. "Trend Micro Network Reputation Services provide enhanced protection against existing and emerging threats. By stopping the bulk of spam at the IP address, our services protect customers from the rising threat of zombie attacks and botnets, both of which utilise spam-like techniques. These new services will ultimately help customers optimise bandwidth and other resources for business-critical operations."
The services complement Trend Micro's existing Spam Prevention Solution (SPS) as well as other anti-spam content filtering systems. Blocking spam at its source offloads the amount of e-mail that traditional messaging security solutions must filter and therefore can reduce the potential for threats to infiltrate the network.
Trend Micro Network Reputation Services consist of the following offerings:
* Trend Micro RBL+ Service: This service involves checking lists of suspect IP addresses from four databases -- an open-relay list, open proxy list, a real-time black-hole list, and a dial-up user list.* Trend Micro Network Anti-Spam Service (NAS): This advanced service consists of a dynamic list that queries a database focused on dynamic behavioural monitoring of suspect zombie PCs.
In addition to its anti-spam capabilities, Trend Micro plans to expand its reputation services to defend against phishing, pharming and other network-related threats.
Spam filter may have blocked news items
A new spam filter may have stopped some submissions sent by readers using one of the forms on The News-Review's Web site in recent weeks.E-mail sent directly to a specific News-Review address was not affected. Anyone who has used one of the forms on newsreview.info since June 6 should contact the newspaper to see if the information arrived, or simply resend it. The technological glitch has been solved.The forms that may have not functioned properly are the ones used to submit news for the Community page and letters to the editor
Open-source spam filter advances
Open-source spam filter ASSP has been upgraded with a much improved administration interface, Sender Policy Framework (SPF) support, SMTP session limits, IP connection limits and a much better statistics page for reporting on mail traffic.
ASSP is a Perl program, so the same software runs on Linux, Unix, Windows, OS X and most other systems for which a Perl interpreter is available. The upgrade can be downloaded from the first URL below.
The most noticeable addition is the SPF support. The SPF protocol is designed to prevent messages with incorrect return-addresses from being delivered. Because most spam currently has a forged return address, this approach might rapidly become an effective anti-spam measure.
However, SPF requires domain owners to update their Domain Name System (DNS) servers to incorporate SPF-related information. It also requires recipients to verify the extra SPF details. Rather than needing to update all desktop systems, the latest ASSP software could handle this verification for an entire mail system.
The other new features are likely to interest mail system administrators.
The SMTP connection limit can be used to reduce the amount of ASSP work taken by a particular server, which could be used to manage the overall CPU utilisation on a busy server. Similarly, the IP connection limits restrict the number of connections from individual IP addresses, which would be a boon when a firm is suffering a denial of service (DoS) attack on its mail system.
DoS attacks are often caused either by extortionists attempting to disturb normal business processes, or as a side-effect of viruses.
An FBI/Computer Security Institute report released in June said over 99 percent of firms use antivirus tools, but despite this virus incidents were the most common computer security problem in 2004, with 78 percent of firms surveyed reporting virus infections.
These incidents are estimated to have cost US organisations some $55m. The same report said that DoS attacks were the next most expensive security problem.
The web-based administration interface for ASSP includes an improved hierarchical structure to hide unwanted options.
ASSP is a Perl program, so the same software runs on Linux, Unix, Windows, OS X and most other systems for which a Perl interpreter is available. The upgrade can be downloaded from the first URL below.
The most noticeable addition is the SPF support. The SPF protocol is designed to prevent messages with incorrect return-addresses from being delivered. Because most spam currently has a forged return address, this approach might rapidly become an effective anti-spam measure.
However, SPF requires domain owners to update their Domain Name System (DNS) servers to incorporate SPF-related information. It also requires recipients to verify the extra SPF details. Rather than needing to update all desktop systems, the latest ASSP software could handle this verification for an entire mail system.
The other new features are likely to interest mail system administrators.
The SMTP connection limit can be used to reduce the amount of ASSP work taken by a particular server, which could be used to manage the overall CPU utilisation on a busy server. Similarly, the IP connection limits restrict the number of connections from individual IP addresses, which would be a boon when a firm is suffering a denial of service (DoS) attack on its mail system.
DoS attacks are often caused either by extortionists attempting to disturb normal business processes, or as a side-effect of viruses.
An FBI/Computer Security Institute report released in June said over 99 percent of firms use antivirus tools, but despite this virus incidents were the most common computer security problem in 2004, with 78 percent of firms surveyed reporting virus infections.
These incidents are estimated to have cost US organisations some $55m. The same report said that DoS attacks were the next most expensive security problem.
The web-based administration interface for ASSP includes an improved hierarchical structure to hide unwanted options.
SpamSweep spam filter for Mac OS X released
Bains Software has released SpamSweep 1.0, a new spam filter for Mac OS X. SpamSweep is an advanced bayesian spam filter with a simple, easy-to-understand interface. SpamSweep seamlessly combines many filtering technologies, including domain and relay blacklists, sender whitelisting, and a bayesian filter to automatically delete spam messages before they're downloaded by your email client. SpamSweep can notify you when you have new good mail by playing a sound, displaying the new messages in a floating window, or launching your email client. The $20 shareware runs on Mac OS X 10.3 or later; a 15-day trial is available online.
