E-BUSINESS SPECIAL REPORT

The Big Business of Fighting Spam

What do Viagra, stock tips, personal ads and activities with farm animals have in common? They are all the subject lines of unwanted, unsolicited e-mail messages, not-so-affectionately known as spam. The sheer volume of electronic junk mail has overwhelmed users’ inboxes and IT managers in the past few years, consuming valuable bandwidth and storage space while embarrassing and annoying its recipients.

According to research firm IDC, in 2002, spam volume jumped 28 percent in North America alone, to 870 billion messages. That figure is expected to surpass 1 trillion by the end of 2003, according to Mark Levitt, vice president of IDC’s Collaborative Computing Program.

Spurred by fear of “hostile environment” employee lawsuits and concerned about lost productivity hours, companies have turned to anti-spam technologies to eliminate — or at least reduce the number of — such undesirable e-mail messages. Several spam-fighting software firms have seen measurable financial benefits as a result, and there is a likelihood that they will follow the same lucrative path blazed by antivirus vendors.

So, who’s making money from fighting spam — and how successful are their efforts?

Phony Messages Lure Real Spam

There is no denying that skyrocketing spam volume has boosted the bottom line for Brightmail, a San Francisco-based company that specializes in anti-spam technology for Internet service providers and enterprise networks. The company counts among its customers six of the largest ISPs in North America — MSN, EarthLink, AT&T Broadband and WorldNet, Verizon and BellSouth. Its two main products, Brightmail Solution Suite 4.0 for ISPs and Brightmail Anti-Spam 4.0 for the enterprise, use similar techniques to nab spammers.

The process works like this: Brightmail distributes thousands of phony e-mail addresses across the Web in both consumer and corporate settings. The decoy addresses then collect unsolicited e-mail and send it to the company’s headquarters. There, the company aggregates the e-mail, seeking to create what CEO Enrique Salem described as a “fingerprint” — essentially, a rule used by filters to recognize spam. Every 5 to 10 minutes, Brightmail sends its customers an updated fingerprint.

“The software running at our customer’s site compares the message coming in to the fingerprint we sent them. And if the fingerprint matches, we say, yes, it’s spam,” Salem told the E-Commerce Times. “That method is almost fool-proof because two messages don’t have the same fingerprint.”
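The decoy-to-fingerprint pipeline described above can be sketched as follows. This is an added example, not Brightmail's code: the article does not say how a fingerprint is computed, so a SHA-256 hash of the normalized body, the `min_decoys` threshold and the `decoy.example` addresses are all assumptions.

```python
import hashlib
import re
from collections import defaultdict

def fingerprint(body: str) -> str:
    """Hash a normalized body so case and whitespace changes still match.
    (Assumed scheme; the article does not describe the real one.)"""
    text = re.sub(r"\s+", " ", body.lower()).strip()
    return hashlib.sha256(text.encode("utf-8")).hexdigest()

def build_ruleset(decoy_mail, min_decoys=2):
    """Aggregate mail collected by decoy addresses into a set of fingerprints.

    decoy_mail: iterable of (decoy_address, body) pairs.
    A fingerprint is published only after it has reached min_decoys distinct
    decoys (assumed threshold), which keeps one-off mail out of the rules.
    """
    seen = defaultdict(set)
    for decoy, body in decoy_mail:
        seen[fingerprint(body)].add(decoy)
    return {fp for fp, decoys in seen.items() if len(decoys) >= min_decoys}

def is_spam(body: str, ruleset) -> bool:
    """Customer-side check: does the incoming message match a fingerprint?"""
    return fingerprint(body) in ruleset

# Constructed sample data: two decoys receive the same bulk message,
# a third receives something unique.
DECOY_MAIL = [
    ("trap1@decoy.example", "HOT stock tip!!!  Buy now"),
    ("trap2@decoy.example", "hot stock tip!!! buy   now"),
    ("trap3@decoy.example", "Welcome to the mailing list you joined"),
]
RULESET = build_ruleset(DECOY_MAIL)

if __name__ == "__main__":
    for msg in ["Hot Stock Tip!!! Buy now", "Minutes from Tuesday's staff meeting"]:
        print(is_spam(msg, RULESET), msg)
```
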

Few False Positives

The company boasts a notable catch rate. In December 2002 alone, Brightmail scanned 40 billion messages, 16 billion of which were designated as spam, and logged a false positive rate — the amount of legitimate e-mail accidentally blocked — of nearly zero. “Maybe one in a million [is a false positive],” said Salem.

According to analysts, that figure is one of the most important numbers. “Because spam is not as easily identifiable as viruses are, any measure you take to block spam has to be careful about not doing something that would block legitimate e-mail,” IDC’s Levitt told the E-Commerce Times.

Salem admitted that some spam can slip past the filters. This occurs largely because spammers have a significant economic incentive to chip away at filters, combined with a vast, underground market of spamming tools. “If the spammers want to send spam to AOL, they sign up for an AOL account, and they start to test it by sending a piece of mail to their own account. And they do that until one gets through,” he explained.

He added that in the future, Brightmail expects to keep up with spammers by using additional decoy e-mail addresses and automating much of the fingerprint creation process. “We’re able to update the rules faster. We’ll send more rules out. It’s all about automation.”

Increase in Spam Good for Bottom Line

Although Brightmail is still privately held and does not publish its financial results, Salem said the company’s revenue doubled in 2002 compared with the previous year. Though he would not disclose last year’s earnings, he pointed to an IDC estimate that in 2001, Brightmail earned about $8 million in revenue. “That’s pretty close, maybe a little low,” he said. As for the coming year, he added, “We doubled [in 2002], and we’ll double again.”

Salem said he expects Brightmail to achieve profitability by the second quarter of this year.

Deersoft Joins Network Associates

But Brightmail is not the only spam-fighter reaping profits from this war. When Network Associates announced in January that it had acquired San Mateo, California-based Deersoft, known for its SpamAssassin Pro and Enterprise software, it took an even deeper stab at the promising and potentially lucrative anti-spam market.

Zoe Lowther, senior marketing manager in Network Associates’ McAfee Security division, told the E-Commerce Times that the company is in the process of rebranding both SpamAssassin products into its own SpamKiller Enterprise for Microsoft Exchange mail servers and SpamKiller Enterprise for the desktop. Both of those products are slated to ship this spring.

SpamAssassin also will be included as an add-on for McAfee’s WebShield — an Internet gateway filter — and GroupShield, an MS Exchange antivirus filter, with releases due this summer.

Scoring Spam

In terms of how SpamAssassin works, Lowther explained that a scoring system is used to determine how likely it is that a message is spam.

“Every time a message is received, it runs 750 tests … looking at the headers of the message, the structure, the subject line,” he said. “Every time one of those rules gets triggered, it receives a point score, and over a certain amount, the e-mail is classified as spam.”

Administrators can set up junk mail folders on the network, or even individual junk mail folders, so that users can sift through the spam to delete it, a better way to ensure that legitimate messages are not filtered out, Lowther added.
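A small version of the score-and-threshold approach described above, with over-threshold mail routed to a junk folder rather than deleted. This is an added example, not SpamAssassin or McAfee code: the five rules, their names and weights, the 5.0 threshold and the sample messages are all invented for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

def _domain(value):
    """Return the lower-cased domain of an address header, or '' if absent."""
    return parseaddr(value or "")[1].rpartition("@")[2].lower()

# (rule name, points, test): names and weights are invented for this example.
# They cover the areas the article lists: headers, structure, subject line.
RULES = [
    ("subject_all_caps", 1.5, lambda m: (m["Subject"] or "").isupper()),
    ("subject_many_exclaims", 1.0, lambda m: (m["Subject"] or "").count("!") >= 3),
    ("missing_message_id", 1.2, lambda m: m["Message-ID"] is None),
    ("html_only_body", 1.3, lambda m: m.get_content_type() == "text/html"),
    ("reply_to_other_domain", 1.0, lambda m: m["Reply-To"] is not None
        and _domain(m["Reply-To"]) != _domain(m["From"])),
]
THRESHOLD = 5.0  # assumed cut-off; an administrator would tune this

def classify(raw):
    """Run every rule, sum the points of those that fire, pick a folder."""
    msg = message_from_string(raw)
    hits = [(name, pts) for name, pts, test in RULES if test(msg)]
    score = round(sum(pts for _, pts in hits), 1)
    folder = "Junk" if score >= THRESHOLD else "Inbox"
    return score, [name for name, _ in hits], folder

# Constructed sample messages.
SPAM = ("From: deals@bulk.example\nReply-To: x@other.example\n"
        "Subject: BUY CHEAP CARS NOW!!!\nContent-Type: text/html\n\n"
        "<html><body>Click here</body></html>\n")
HAM = ("From: alice@corp.example\nSubject: Minutes from Tuesday\n"
       "Message-ID: <1@corp.example>\nContent-Type: text/plain\n\nNotes attached.\n")
SHOUTY_HAM = ("From: bob@corp.example\nSubject: URGENT\n"
              "Message-ID: <2@corp.example>\n\nServer down.\n")

if __name__ == "__main__":
    for raw in (SPAM, HAM, SHOUTY_HAM):
        print(classify(raw))
```

The third sample trips one rule but stays well under the threshold, which is how a scoring filter avoids condemning legitimate mail on a single signal.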

The technology boasts a 95 percent accuracy rate with a false positive rate of .05 percent. But those numbers are bolstered, according to Lowther, by the heuristic filtering nature of the software, including its personalization abilities.

Although Network Associates could not provide growth statistics for its anti-spam products or specify the value of the Deersoft acquisition, Lowther said the McAfee SpamKiller team has experienced “fantastic growth in sales, and [is] on an upward trend.”

Ongoing Battle

However, because of the ease with which spam can be sent, the fight against it will remain a constant one for companies, according to Forrester analyst Laura Koetzle. “It costs virtually nothing to get a Hotmail account, or [to] spoof a Hotmail address and send out hundreds of thousands of e-mails,” she told the E-Commerce Times.

Because the rate of return for spammers is so high, and the cost of entry is so low, Koetzle added, “it’s not ever going to be possible for the spam-filtering technology to win the war. The best we can hope for with anti-spam technology is that it at least filters most of it so we don’t have to look at it.”

1 Comment

  • I just wish to post my views on the harassment I have received from 2 websites in particular.
    I have been mailbombed for months by mail with forged email headers.
    The subject line usually contains an offer to buy automobiles.
    When the mail is opened there is a link to a webpage on http://www.worldfreehosting.com with a further link to http://www.paymentshopper.com which is where they must get their revenue from I guess.
    I sent polite but firm emails to the abuse addresses of these websites but they have not responded. I know they received the mail and it wasn’t bounced.
    Now here’s the worst part.
    I complained using my real name to http://www.paymentshopper.com and now they spam me using my real name. How’s that for disgraceful behaviour?
    They forge the brand names of reputable companies in the email headers to try to disguise their identities.
    They mailbomb decent people with unwanted offers.
    I checked the latest offer from them today and guess what? www.worldfreehosting.com still hosts their spam.
    I have forwarded hundreds of these mails (by now) to the perceived authorities, but I just hope someone reads this and is influenced by it when legislation is made.
