• United States

IronPort looks to be e-mail’s guardian

Sep 27, 20047 mins
MalwareMessaging AppsNetworking

“E-mail is broken, and we’re going to fix it,” says Scott Weiss of his company IronPort Systems. That’s quite a claim, coming from the CEO of a start-up that was founded just three years ago and hasn’t yet turned a profit.

“E-mail is broken, and we’re going to fix it,” says Scott Weiss of his company IronPort Systems. That’s quite a claim, coming from the CEO of a start-up that was founded just three years ago and hasn’t yet turned a profit.

Few people would argue with the first half of Weiss’ statement, given that spamphishingviruses and other abuses are making it difficult to trust e-mail. But fewer still would agree that one company can single-handedly cure all the problems that plague e-mail.

But in the crowded market of companies trying to chip away at e-mail abuse, Weiss says he believes IronPort is poised to take a leading role. “It’s our ball to fumble,” he says.

“We’re looking at [IronPort] as a potential top player in this market,” says Sara Radicati, president of analyst firm The Radicati Group. IronPort’s appliance approach to fighting spam, which the analyst group favors, combined with its strength in U.S. and European corporations and effective channel strategy, make the company a contender.

The anti-spam market is crowded, to say the least – Radicati says there are about 300 companies currently selling some sort of spam protection – as vendors rush to provide solutions to a problem with an exponential growth rate. IronPort’s competition breaks down into three main groups; companies such as CipherTrust, Mirapoint and Proofpoint that also sell appliances armed with anti-spam technology; enterprise software companies such as Symantec, MailFrontier and Cloudmark; and service providers such as Postini and FrontBridge.

However, Radicati says there are a number of companies vying for that spot. It seems this market is not one company’s ball to fumble just yet.

IronPort makes Mail Transfer Agent gateway appliances, which are used mostly by large companies and ISPs to send and receive e-mail while filtering inbound messages for spam and viruses, and outgoing traffic for adherence to corporate and regulatory policies.

Although IronPort’s anti-spam filters are licensed from Symantec and its virus protection from Sophos, the company has developed a number of related offerings in-house. These include a reputation service that rates a sending history of an IP address and its Bonded Sender program that certifies legitimate bulk e-mail senders.

The company also owns, a service it acquired last year that lets e-mail users report spammers. The service has been the target of lawsuits by e-mail senders who feel they’ve wrongly been labeled spammers – in fact SpamCop’s Web site asks for donations to be used in its legal battles. Earlier this month SpamCop settled a case with, in which the e-mail sender charged SpamCop with defamation and unfair trade practices. Terms of the settlement were not disclosed.

Weiss says IronPort is looking beyond just fighting spam to network abuses as a whole because organizations are dealing with more serious threats than the headaches of junk e-mail. So is the rest of the industry; few vendors are selling just anti-spam filters as they jockey to meet companies’ e-mail security needs.

And while anti-spam companies are bulking up their offerings – CipherTrust recently launched a reputation-based authentication tool, and Symantec has relaunched Brightmail’s anti-fraud service – large security vendors that want to sell their customers spam protection would rather acquire existing technology than reinvent the wheel. The result is an industry in transition, as large companies snap up small ones and anti-spam vendors attempt to distinguish themselves in a bid to remain standing after the pending shakeout.

The most notable acquisition so far was Symantec’s $370 million purchase in June of Brightmail, an anti-spam filter maker that many thought would become the first publicly traded company in the sector. More consolidation is expected, but there also will be room for a few independent players, says Forrester Research’s Jonathan Penn, who concurs with Radicati that IronPort could be one of them.

Weiss says he isn’t eager for IronPort to become the anti-spam market’s first public company, a distinction that would generate significant attention and could point to how this market will shake out.

“You can either be first, or you can be best,” says Weiss of going public. “It’s never been a goal at IronPort to be a public company, but a large, profitable company.”

IronPort won’t reveal financial information, other than to say that revenue for 2004 will approach $35 million.

While most anti-spam companies put extensive resources into developing their own technology for detecting and catching unwanted messages, IronPort relies on SenderBase, its reputation service with a database that logs how much e-mail IP addresses are sending, to distinguish its appliances. “We get paid for the appliances. That’s where the revenue comes from, but SenderBase is the brains,” says Tom Gillis, IronPort’s senior vice president of worldwide marketing.

CEO:Scott Weiss
Location: San Bruno, Calif.
Business:E-mail security hardware and software.
Key customers: Aetna, Liz Claiborne, Time Warner, George Washington University.
Financing:$50 million in venture capital from firms including Menlo Ventures, Allegis Capital, Chevron Texaco.
2004 revenue:Roughly $25 million to $35 million.

SenderBase collects data by tracking mail sent to the in-boxes of its appliance users to determine which IP addresses on the Internet are sending the most messages. This information is delivered to IronPort’s customers as a service; organizations can decide whether to block traffic coming from high-volume senders. “We don’t pass any judgment on the data, we present it to the customer in an informed way,” Gillis says.

The company says that by providing this information, SenderBase places IronPort above the competition. But a competitor says that without its own patented e-mail filtering technology, IronPort is in a precarious spot.

“Given that they don’t have expertise around spam [technology] specifically – they license it – puts them in a really challenging position,” says Sandra Vaughan, senior vice president of marketing with Proofpoint, which sells anti-spam appliances and server software. “They’re not really in control of their destiny from that standpoint.”

However, it was this licensing of spam filters that led Key Services, the IT management company for Key Bank, to choose IronPort when evaluating anti-spam products last year.

“I think the fact that they’re willing to partner with [other vendors] rather than come up with everything in-house will work to their advantage,” says Mark Fitzgerald, Key Services’ technology specialist. The company has 20,000 e-mail users and was looking for an appliance approach to fighting spam, but also wanted to use Symantec’s filters because of their low false-positive rate.

Fitzgerald chose IronPort to get this combination, but also because the company focuses on technology such as SenderBase that goes beyond spam filters. Since e-mail passes through IronPort’s reputation filters first, “it’s not slowing down the mail flow by having to check every single e-mail against the Brightmail filters,” he says.

IronPort plans to take what it learns from SenderBase regarding spam and apply it to other network abuses. For example, the company this month will release its Virus Outbreak Filters for its gateway appliances that spot and trap viruses based on a number of clues, such as a high volume of messages sent from a new IP address that also contain the same file type attachment and have similar content. The company is considering a similar approach to catching phishing attacks.

IronPort also sells e-mail appliances dedicated to sending commercial messages that include delivery controls designed to increase the chances of mail being received, instead of caught in spam filters. While IronPort maintains it only sells these appliances to legitimate e-mail marketers, a competitor says IronPort is contributing to the overall spam problem.

“You’re buying Kevlar vests from the people who make bullets, too,” says Mike Rothman, vice president of marketing with CipherTrust, which also makes e-mail security appliances. “IronPort is arming the people we spend all day and night trying to defeat.”

Forrester’s Penn disagrees that selling appliances to mass e-mail senders is a questionable business. “Is it unethical to sell something to Travelocity or American Express? They need to do high-volume messaging,” Penn says. “Just because you send out a lot of e-mail doesn’t mean you’re a spammer.”