IronMail Upgrade Helps Block Spam

The latest version of CipherTrust's secure e-mail appliance uses TrustedSource technology to help prevent spam for reaching users' inboxes.

CipherTrust Inc. on Monday plans to announce the latest version of its IronMail secure e-mail appliance, which will include the companys own "reputation service" to help stop spam and other unwanted messages from reaching end users mailboxes.

The TrustedSource system, as CipherTrust calls the new technology, relies on data from a variety of sources in order to decide whether a piece of mail should be delivered to the intended recipient. It takes into account the past history of the mails sender, the content of that specific piece of e-mail and data collected from the millions of mailboxes that are currently protected by IronMail appliances.

/zimages/2/28571.gifClick here to read eWEEK Labs review of IronMail.

This approach differs from most of the other reputation-based services and white-list solutions on the market. Offerings based on spam white lists normally will let through any e-mail coming from a sender on the white, or allowed, list, regardless of the content or subject line. This can cause serious problems if a sender on the list is infected by a mass-mailing virus and begins sending large amounts of mail out.

In scenarios like that, IronMail 4.1 could look at the volume of mail suddenly coming from an IP address that typically sends just one or two messages a day and use that data to drop the incoming messages, even though theyre coming from a trusted sender.

"We wanted to judge mail on actual observed behavior and have it be real-time, even when you have a good citizen whose behavior changes quickly," said Matt Anthony, director of product marketing at CipherTrust, based in Atlanta. "We want a lot of pieces of data that help us get more accurate with this. We want the reputation of the sender to be involved, but not for it to be a yes or no decision."

CipherTrust officials also said that the company plans to support the new standard that is expected to emerge from the combination of the Sender Policy Framework protocol for authenticated e-mail and Microsoft Corp.s Caller ID for e-mail specification. Both ideas rely on published data about outbound mail servers in order to judge whether a given e-mail is legitimate or is spam with a spoofed sending address.

IronMail 4.1 is available now.

/zimages/2/28571.gifCheck out eWEEK.coms Messaging & Collaboration Center at for more on IM and other collaboration technologies.


Be sure to add our messaging and collaboration news feed to your RSS newsreader or My Yahoo page