CipherTrust, Cloudmark develop new spam-catching techniques

As spammers continue to come up with news ways to reach more e-mail users with their unwanted commercial messages, security vendors keep working on new techniques for blocking spam. On Monday, CipherTrust and Cloudmark each announced new twists to their spam-fighting measures.

CipherTrust, slated to become a part of Secure Computing on September 8 once the announced acquisition plans are approved, has added new fingerprinting techniques to its TrustedSource reputation system that is part of its IronMail messaging gateway appliance, says Paul Judge, CTO of CipherTrust.

The company has added fingerprinting techniques, which break a document down into components and assign unique alphanumeric identifiers to each portion so they can be easily identified, giving the reputation system another way to spot spam. Currently the system identifies IP addresses known to have sent spam and can block e-mail coming from them for a certain length of time; with fingerprinting, the system can now also check inbound mail to see if it matches known spam messages that have been fingerprinted, and block them accordingly.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

As spammers continue to come up with news ways to reach more e-mail users with their unwanted commercial messages, security vendors keep working on new techniques for blocking spam. On Monday, CipherTrust and Cloudmark each announced new twists to their spam-fighting measures.

CipherTrust, slated to become a part of Secure Computing on September 8 once the announced acquisition plans are approved, has added new fingerprinting techniques to its TrustedSource reputation system that is part of its IronMail messaging gateway appliance, says Paul Judge, CTO of CipherTrust.

The company has added fingerprinting techniques, which break a document down into components and assign unique alphanumeric identifiers to each portion so they can be easily identified, giving the reputation system another way to spot spam. Currently the system identifies IP addresses known to have sent spam and can block e-mail coming from them for a certain length of time; with fingerprinting, the system can now also check inbound mail to see if it matches known spam messages that have been fingerprinted, and block them accordingly.

“Once we’ve seen messages from known bad senders, when we see [the same message] coming from unknown senders we know they’re spam,” says Judge.

The new feature, called TrustedSource Message Reputation, analyzes thousands of fingerprints for each inbound message, including any embedded images and attachments, looking for a match. This method can be particularly helpful in combating image-based spam, or messages in which the text is embedded in an image and therefore can’t be read by traditional filters, which has jumped from 10% of all spam messages in May to 30% currently, says Judge.

TrustedSource Message Reputation is included with Version 6.1.1 of the IronMail appliance, which is priced starting at $9,995.

Cloudmark on Monday also announced new spam-catching techniques collectively called Content Disposition that are designed to distinguish among the different types of malicious e-mail – including spam, viruses and phishing attacks – so that appropriate actions can be taken for each type of abuse.

Content Disposition has been integrated into Cloudmark’s Authority gateway software and is designed for ISPs that need to manage a wide range of content policies and end-user preferences, according to company officials. By being able to distinguish among these different threats, ISPs can develop automated responses to them, such as automatically deleting e-mail that includes known viruses, they say, and more dangerous mail, such as phishing attacks, can be blocked more aggressively than merely annoying spam.

The new feature also lets ISPs more easily deal with grey mail, or messages that are spam to some and legitimate to others, such as newsletters, by ensuring those customers who want to receive them do while blocking such mail from those who don’t, officials say.