The state of spam: An interview with Jamie de Guerre, Part 2

* Cloudmark CTO gives an update on company's efforts to fight spam

What does the future hold for fighting spam? My two-part interview with Jamie de Guerre, CTO of Cloudmark, concludes today.

How do you see Cloudmark evolving? I know that you issue periodic updates to the software - what have you been doing to improve the product?

For e-mail threats, Cloudmark is continuing to innovate. This includes several new road map areas:

1. Cloudmark Sender ReputationCloudmark just launched the Cloudmark Sender Reputation Service, a feature shipping on our edge mail transfer agent (MTA) solution, Cloudmark Gateway. This service identifies _sources_ of spam almost instantly around the globe, including rapidly evolving botnets. Cloudmark’s solution traditionally worked at the content layer by filtering messages based on the contents of the message and identifying messages sources in the Cloudmark Global Threat Network as spam, phishing or virus.2. Outbound Protection, Zombie Identification and RemediationCloudmark will be offering service providers a Zombie Identification Service that identifies and remediates bots within their network.3. Cloudmark ActiveScanCloudmark ActiveScan enables highly efficient rescanning of messages - so that even if a spam message gets through initially, Cloudmark can still take action on it as soon as the spam is discovered.

In addition to these improvements in Cloudmark’s e-mail security solutions, we are expanding into other messaging markets that need the same leading edge security that Cloudmark provides for e-mail. The first of these markets is mobile messaging. In many parts of Asia, people already get more spam on their mobile phone over Short Message Service (SMS) than they do in e-mail. This problem is going to grow elsewhere with the growing popularity of mobile messaging and as mobile-service providers enable new services like mobile e-commerce.

Cloudmark’s solution is flexible in filtering any messaging threat. Therefore, Cloudmark will evolve into other new markets that are also start to have security issues and are increasingly attacked by spammers, phishers and other attackers. Stay tuned - you may hear some announcements in this area soon.

How do you see the battle against bots? Are you focusing on outbound spam?

Yes, as part of Cloudmark’s sender reputation strategy, we are working to identify zombie PCs and providing a real-time Zombie Identification Service to operators as part of our outbound protection offering. We are also partnering with several companies that provide automated remediation solutions and transparent proxy solutions that can filter outbound spam sent on networks that have not closed port 25 (i.e., open spam relays).

What's your long-term view of the spam fighting project? Do we have any hope?

Fundamentally, spam is all about economics. As long as e-mail is one of the most popular applications on the Internet, attackers will be motivated to evade the latest defenses and find ways to monetize the medium. Therefore, Cloudmark believes in creating security solutions that can evolve and respond quickly to these adaptations and design solutions to enable the fastest possible protection.

Will IPv6 significantly improve our chances of winning the battle?

IPv6 will dramatically increase the addressable IP space for the Internet. With IPv4, there are 4,294,967,296 possible unique addresses. IPv6 increases that to 2^128. As it relates to spam, several orders of magnitude more addresses means dramatically more IP space to hide in, making sender reputation-based techniques for stopping spam much less effective. Support for mobile handsets means more sources and destinations for spam and thereby a bigger pool of devices for spammers to attack. Finally, IPv6 means that spam will have other media to mutate into, including voice and video.

While there are some additional security mechanisms built into IPv6, these do not make a significant difference for spam. So unfortunately, IPv6 increases the threat space and makes things more difficult as opposed to improving our chances of winning the battle on spam. (Compare antispam products)

[Note from MK: for the record, I have no involvement with Cloudmark other than as a paying user of their services.]

* * *

About Jamie de Guerre

As CTO, Jamie is responsible for Cloudmark’s technical strategy and roadmap. Additionally, Jamie manages Cloudmark’s Technology Services, Sales Engineering and ISP Support teams, ensuring a tight bridge between customers and internal technical development.

Since joining Cloudmark in 2003, Jamie has played a central role in shaping Cloudmark’s products and technologies. Jamie started as a core member of the design team writing the first design specifications for Cloudmark Server Edition and multiple versions of Cloudmark Authority. Jamie was also instrumental in dramatically growing Cloudmark's Global Threat Network, with the invention of the Cloudmark Network Feedback System enabling automatic incorporation of feedback from all subscribers within a service provider's network.

Learn more about this topic

 
Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2008 IDG Communications, Inc.