With the deluge of unwanted e-mails that flow into corporations showing no signs of easing, anti-spam software maker Brightmail is offering a new service designed to identify IP addresses that send mostly junk mail.

Called the Brightmail Reputation Service, this new feature monitors hundreds of thousands of e-mail sources to determine how much mail sent from these addresses is legitimate and how much is spam, says Ken Schneider, CTO of Brightmail. The company gathers information from user reports and from its Probe Network - a collection of decoy e-mail in-boxes designed to catch spam - to determine whether a given IP address sends valid or junk messages. There are about 300 million end users of Brightmail's software, the company says.

"Enterprises hate seeing the same IP addresses banging them all day long. . . . Now they can terminate the conversation a lot earlier," Schneider says.

The service creates a profile of each e-mail source from which administrators can decide whether to block mail from these sources or allow it into the company. Brightmail also will make available a "safe list" of e-mail addresses that have never sent spam to users of the Reputation Service free of charge, Schneider says.

"If an [IP address] produces 99 to 100% spam day after day . . . our enterprise product uses that as strong evidence" for blocking that address, Schneider says. "On the opposite end, we also track IP addresses that produce nothing but legitimate mail for the last six months. Users might want to route those [messages] around the filters and not pay the processing hit."

With its new service, Brightmail is attempting to strike a balance between blocking IP addresses that send spam and ensuring that legitimate mail gets through to its destination. To avoid "over-blocking," the Reputation Service continuously monitors e-mail sources and will update the profile of a given IP address if its status appears to change, the company says. For example, if an address considered to be a spam source doesn't send unwanted messages for a given time period, Brightmail will update that source's profile, Schneider says. The service will update the status of IP addresses on an hourly basis.

Brightmail says that one form of spam fighting - such as its Reputation Service - isn't enough; companies trying to bring the amount of spam in their in-boxes down to a miniscule level must use many filters.