|
 |
|
General Information
|
Add To My Personal Library |
September 9, 2005
• Vol.27 Issue 36
Page(s) 31 in print issue
|
Alive & Well: Unsolicited Commercial Email
Edge Defense & Recurrent Pattern Detection To The Rescue
|
Spam: It’s a bit like being stung by a hornet. You didn’t ask for it, but you’re definitely feeling the sting. No enterprise is spared from the possibility of being spammed. The volume of unwelcome bulk messages is growing more and more every day. But what’s worse than the volume are the techniques being used to lure users into spam traps.
Willy Leichter, director of product marketing at Tumbleweed Communications, says spam has evolved into a nasty beast. “Spam is becoming increasingly malicious and fraud-driven. Spammers have moved beyond just selling questionable products to actively trying to steal valid email addresses, hijack remote systems, and commit identity theft and financial fraud. As mass attacks become easier to detect, spammers are also moving towards more localized, smaller scale, and often more dangerous attacks, trying to trick individual users into revealing account information.”
 Trends & Tools
Leichter says current spamming trends are also heating things up. “The war on spam is rapidly moving beyond just tracking the reputation of known spam senders or scanning the content of spam messages to determine its content or intent. While these techniques continue to be important and most antispam vendors offer them, they miss the growing trend of spammers sending messages from unknown domains or hijacked zombie machines.”
Richi Jennings, lead email security analyst at Ferris Research, says, “The most accurate spam filters are using a cocktail approach. They run a battery of tests on each incoming message, ending up with a score for the message that estimates how likely it is that it’s spam.” Jennings says some of the smarter tools check to see if the sender shows signs of being a zombie or a spam tool. For example, does the sender follow standards correctly, react well to a temporary failure, or react well to being slowed down?
Some of the latest spam fighting trends, Leichter says, include the prevention of spam precursors, such as DHA (directory harvest attacks), that are designed to steal valid email addresses for future spam attacks and the detection of real-time outbreaks of mass spam attacks from multiple sources. Tumbleweed’s strategy, however, is making a big impact on the enemy.
The California-based Internet communication solution provider has recently deployed two new technologies that are proving to be very effective in eliminating spam, reducing false positives, and helping IT departments cope with a huge increase in raw email volume. The two new areas include Edge defense for perimeter protection and RPD (Recurrent Pattern Detection) for outbreak detection.
The Heavy Stuff
Edge defense is new Tumbleweed technology that defends email systems from DHAs, email DoS attacks, malformed SMTP, and other spam precursors. Leichter says, “By protecting the perimeter, organizations can rapidly and inexpensively eliminate over 70% of their raw email traffic without scanning content. Cost savings can be dramatic as organizations no longer have to overinvest in adding email servers or expanding their storage capacity to handle the onslaught of traffic. In many cases organizations that have deployed Edge defense have seen their raw email traffic actually decline over time, as spammers look for more vulnerable sources for DHA attacks.”
Tumbleweed has also recently integrated ground-breaking RPD technology from Commtouch, which provides real-time protection from large-scale worldwide spam outbreaks. RPD technology can detect patterns of mass spam outbreaks in any language, even if they are coming from multiple domains or thousand of zombie systems. Instead of zeroing in on individual messages, RPD technology detects the outbreaks themselves and blocks all messages associated with them. The biggest advantage of RPD is that it overcomes a key industry issue: the response time to new threats.
In the enterprise spam equals lost productivity, clogged email servers, and malware infections. But spam may not be a long lived problem in the enterprise, as some analysts are estimating that email spam will not be a problem by 2007. Jennings actually predicts the death of email spam. “As more people’s mailboxes are protected by antispam filters and as those filters get more accurate, fewer spam messages get delivered, so fewer products get bought from spam, so less commission goes to spammers, so the economic incentive to spam dries up." But until spam meets its demise, stay friends with companies like Tumbleweed. 
by Chris A. MacKinnon
|
|
