Antispam help is on the way

In the last year, spam has grown from a nuisance to a nightmare for corporate network executives, who are scrambling to respond to the increased volume and objectionable content of unsolicited commercial e-mail messages sent to end users. In response, messaging vendors are beefing up their antispam filtering capabilities targeted at corporate customers.

In the last year, spam has grown from a nuisance to a nightmare for corporate network executives, who are scrambling to respond to the increased volume and objectionable content of unsolicited commercial e-mail messages sent to end users.

In response, messaging vendors are beefing up their antispam filtering capabilities targeted at corporate customers. Among the vendors that started shipping new antispam offerings in recent weeks are Lotus, Mirapoint, Sendmail and Tumbleweed.

Meanwhile, Brightmail, a big player in antispam packages for the service provider market, in October stepped up its push into the enterprise market with Version 4.0 of its Anti-Spam software. Brightmail’s enterprise customers include Cypress Semiconductor, Motorola and Lycos.

All these companies sell software designed to identify and stop spam at the edge of corporate networks, before these unwanted messages arrive at corporate e-mail servers or are sent to end users. At the same time, these software packages aim to maintain e-mail system performance and reject as few mission-critical e-mail messages as possible.

“Enterprises are concerned about protecting their networks at the perimeter, at the e-mail gateway,” says James Kobielus, a senior analyst with Burton Group, which in November issued a report on combating spam, and a Network World columnist. “They want a floodwall essentially to catch spam . . . [before] spam becomes a huge consumer of resources, including bandwidth, CPU and mail administration.”

The sheer volume of spam is what’s driving more corporations to purchase antispam filtering software. Spam represented between 8% and 10% of all e-mail messages on the Internet a year ago, but it has grown to as much as 30% to 40% of the messages corporate users receive today, experts say.

“Spam is the No.1 problem facing e-mail administrators and e-mail users,” Kobielus says. “It’s out of control. . . . And the problem has gotten significantly worse in the last year. The volume has grown by a multiple of four to five in a year.”

Pornographic spam, in particular, is on the rise. Kobielus says it has doubled in the last year and now accounts for 10% of all spam.

Network managers are tackling the spam problem because of the potential legal liability associated with pornographic spam and concerns about the negative effects on end-user productivity. High volumes of spam are a drain on network resources such as e-mail server capacity, Internet bandwidth and e-mail archives.

Dave Giaramita, an e-mail consultant working on a project for an energy conglomerate in San Ramon, Calif., sees “staggering” amounts of spam each day. The company has 80,000 e-mail recipients on its three-tiered e-mail system, which uses Sendmail’s software as its Internet e-mail gateway, Tumbleweed’s SecureMail 5.0 as a spam blocker and Microsoft Exchange for its e-mail servers.

Spam blocking 101

Giaramita says the company receives an average of 328,000 inbound e-mail messages each day and that 236,000 of them – or 72% – are blocked as spam. A black list blocks 151,000 messages before they enter the company’s e-mail system. (These are often the same message sent to multiple users.) Tumbleweed’s software catches another 85,000 spam messages per day.

“I estimate it takes about 12 seconds to process a single spam message,” Giaramita says. “At the rate we’re seeing, each employee would spend about five-and-a-half hours a year processing spam. That’s 233,000 hours a year of employee time spent processing spam.”

Giaramita says that if the company didn’t block spam, it would cost $14 million in lost productivity. He arrives at this figure by determining that the volume of spam would require 147 full-time employees to process, and that these employees would earn $50 an hour.

“We’d also have to increase our e-mail bandwidth and our disk servers,” Giaramita says, adding that the company already uses 10 terabytes of disk storage to house its domestic e-mail.

To catch all the spam, the company has set up seven dedicated Tumbleweed servers. These servers were installed in January, when end users started complaining about the amount of spam.

“Tumbleweed is getting about 90% of the spam coming through,” Giaramita says. “Tumbleweed costs us about $100,000 a year, including support and hardware depreciation. But the return on investment is absolutely worth the cost.”

Giaramita quarantines spam for a day in case an important message accidentally is blocked, which happened once with a contract that used the phrase “at no cost to you.”

“Our false positive rate is very, very low,” he adds.

Messaging vendors are improving antispam filtering to address the problems e-mail administrators such as Giaramita see each day. Antispam features are being added at every point in the system: at Internet gateways, between gateways and e-mail servers, at e-mail servers and at desktops.

The most common approach is to put antispam software behind the firewall to filter inbound Internet messages before they are sent to corporate e-mail servers. Providers of message transfer agent software, including Sendmail and Sun, have beefed up their antispam filtering as has message appliance vendor Mirapoint.

Sendmail in November announced an antispam filter built upon technology from Elron Software, which sells Internet content filtering products. Similarly, Mirapoint last month added antispam filtering as an option to the operating system that its mail gateway appliance uses.

Sun has offered antispam filtering for years, including support for black lists and third-party antispam software providers such as Brightmail and Trend Micro. In the first quarter of next year, Sun plans to add antispam capabilities to its instant-messaging server software.

Vendors of special-purpose antispam software also are improving their capabilities. Brightmail in October updated its enterprise offering by improving its accuracy and adding support for Windows 2000 instead of only Solaris. Also in October, Tumbleweed improved the antispam capabilities of its Messaging Management System, which now scans HTML code embedded in messages to look for links to spam sites.

Antispam contingent

E-mail server software vendors Lotus and Microsoft are adding antispam capabilities to provide companies with an extra layer of protection. Lotus recently added support for black lists and antispam rules to its Domino 6 server software.

Microsoft says the next version of Exchange, code-named Titanium, will support real-time black lists and spam “beacon” blocking in Outlook Web access and Outlook 11 clients. Beacon blocking prevents the download of images that send a beacon back to the spammer to verify an address as legitimate.

Antispam filtering software for the desktop also is available, but few companies use it. Instead, desktop packages from vendors such as Cloudmark, MailFrontier and Sunbelt Software are geared toward home computer users.

Regardless of where e-mail administrators place spam filtering, they’re getting positive feedback from end users as the volume of spam declines.

Dave Leannah, IT director at Peltz Group in Milwaukee, installed Clearswift’s new SpamActive filter on his company’s e-mail system a month ago. The filter is an add-on to Clearswift’s Mailsweeper for Simple Mail Transfer Protocol and is free to Clearswift support customers.

“I kept getting more and more complaints from end users who came in to work and had 30 messages of spam instead of the five messages they used to get,” Leannah says. “Women were getting this horrific pornographic stuff and were calling me to say that it embarrassed them.”

Leannah runs an Exchange e-mail system with 130 users. He now blocks 300 to 350 spam messages a day, and 800 to 1,200 over the weekend.