Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Wednesday, March 23, 2005

IBM releases new antispam technology

New technology from IBM Corp. is designed to stop spam by identifying the Internet domain it came from, and can help spot online scams such as phishing attacks and e-mail spoofing.

IBM announced the release of FairUCE, or “Fair use of Unsolicited Commercial Email” for the company’s alphaWorks advanced technology program, citing a newly released IBM survey that found spam is 76 percent of all e-mail and may cost U.S. companies US$17 billion to fight this year.

The technology uses identity management features to link inbound e-mail back to its original IP (Internet Protocol) address, establishing a connection between an e-mail message, the Internet domain and the computer from which the e-mail was sent, IBM said.

AlphaWorks is a program that distributes technological innovations to developers around the world who sign on as “early adopters” of technology developed by IBM’s global research labs.

FairUCE will allow alphaWorks software developers and third party vendors to build more effective spam filtering technology, IBM said.  IBM researchers acknowledge that FairUCE is not a fully-blown antispam product, only an early version of technology that could one day be used in the marketplace.  “We’d like to see whether early adopters consider the technology an innovative approach to handling a massive problem,” said Mark Goubert, manager of alphaWorks.  “We want to find out how innovators and early adopters would use it in their environments and get their feedback.”

The solution allows IBM to spot messages from compromised, or “zombie” computers, as well as legitimate e-mail servers, IBM said.  Other logic built into the technology allows FairUCE to weed out good and bad IP addresses from large Internet service providers like Yahoo Inc., so that not all mail from those domains is blocked. [Editors note: Similar to Symantec Appliance solution.]

Recent data from e-mail security company CipherTrust Inc. suggests that e-mail “bad senders” frequently use new IP addresses, which may not be listed in databases of known spammers.  The company’s Security Intelligence Services found that one of every 1.3 e-mail messages was spam, and that one of every 46 e-mail messages carried a virus, Trojan horse program or other malicious content, the company said.

Lost productivity from workers who must sort through the reams of spam e-mail, inconveniences caused by legitimate mail that is incorrectly labeled as spam and blocked and calls to corporate help desks are major sources of spam related expenses, IBM said.

Posted on 03/23