New technology from IBM is designed to stop spam by identifying the Internet domain it came from, and can help spot online scams such as phishing attacks and e-mail spoofing.

The company Tuesday announced the release of FairUCE, or "Fair use of Unsolicited Commercial Email" for the company's alphaWorks advanced technology program, citing a newly released IBM survey that found spam is 76% of all e-mail and may cost U.S.companies $17 billion to fight this year. The technology uses identity management features to link inbound e-mail back to its original IP address, establishing a connection between an e-mail message, the Internet domain and the computer from which the e-mail was sent, IBM said.

AlphaWorks is a program that distributes technological innovations to developers around the world who sign on as "early adopters" of technology developed by IBM's global research labs. FairUCE will allow alphaWorks software developers and third party vendors to build more effective spam filtering technology, IBM said.

IBM researchers acknowledge that FairUCE is not a fully-blown antispam product, only an early version of technology that could one day be used in the marketplace.

"We'd like to see whether early adopters consider the technology an innovative approach to handling a massive problem," said Mark Goubert , manager of alphaWorks. "We want to find out how innovators and early adopters would use it in their environments and get their feedback."

FairUCE software runs on e-mail servers. It pulls IP address out of e-mail messages, then compares those against one or more databases of known spammers, said Goubert.

Unlike many spam filtering technologies, which use message content to determine whether an e-mail message is spam, FairUCE links inbound e-mail back to IP addresses. That allows IBM to spot messages from compromised, or "zombie" computers, as well as legitimate e-mail servers, IBM said.

Other logic built into the technology allows FairUCE to weed out good and bad IP addresses from large Internet service providers like Yahoo Inc., so that not all mail from those domains is blocked. The product can also flag e-mail from servers based on "longevity" - how long the sending server has been online, Goubert said.

Recent data from e-mail security company CipherTrust suggests that e-mail "bad senders" frequently use new IP addresses, which may not be listed in databases of known spammers. Traffic from those machines is often attributed to zombie PCs that go on and offline frequently.

The IDG News Service is a Network World affiliate.