Cooking spam at Comdex

Dozens of companies at the computing trade show are showing software, services and hardware designed to stem the tide of junk flooding e-mail accounts.

David Becker Staff Writer, CNET News.com
David Becker
covers games and gadgets.
David Becker
3 min read
LAS VEGAS--Forget about transforming IT or building business value--the big push at this year's Comdex is keeping Viagra ads out of your in-box.

Dozens of companies at the computing trade show are showing software, services and hardware designed to stem the tide of junk flooding e-mail accounts.

Microsoft started the action Monday, with Chairman Bill Gates announcing plans for Intelligent Message Filter (IMF), a free spam filtering add-on for its Exchange Server 2003, the latest version of the software giant's application for running corporate e-mail servers.

Special coverage
Comdex gets down to business
Complete News.com coverage of
the technology trade show.

T.A. McCann, group product manager for Microsoft's Exchange server group, said the spam filtering rules in IMF are based on patterns drawn from the hundreds of thousands of messages Microsoft engineers analyze every month from subscribers to the company's Hotmail Web-based mail service. That research helps reversal patterns not just in junk e-mail but legitimate messages, allowing IMF to perform a more complex analysis than the spam-or-not evaluation of most filters.

"We're learning the characteristics of what's in good mail and in the spam mail," McCann said, "You can weigh both of those, and set thresholds."

Microsoft is sharing much of its research with other e-mail related companies, McCann said, including Web-based mail competitors Yahoo and American Online. "We have to address this problem as an industry," he said. "It's threatening the viability of e-mail as a medium."

Start-up Cloudmark is relying on strength in numbers to fight spam. The company's SpamNet desktop software is installed on more the 700,000 consumer PCs. The program filters junk messages and lets users quickly tag a message as spam, and share the results with Cloudmark, which uses the information gleaned from unwanted messages to hone its analytical tools.

The company's new Authority server software use algorithms derived from that research to sort out messages before they reach anyone's in-box. CEO Karl Jacob said SpamNet users can do a better and faster job of identifying suspect e-mail than computer-initiated analysis. Cloudmark does the rest of the work by analyzing submitted messages to find patterns and constructing "spam genes" to identify junk mail, Jacob said.

"The human stuff is distilled in the lab--that tells us when we need to do another DNA update," he said.

Security giant Symantec is blending a variety of approaches to tackle spam, said group product manager Chris Miller, with "whitelisting" showing particular promise as a way to augment text searchers and other common filtering methods. The opposite of blacklisting, whitelisting saves information on e-mail senders the user trusts, reducing the possibility for "false positives" when a spam filter wrongly identifies a welcome message as junk.

"It provides a level of confidence in knowing messages from people you consider important are going to get through," he said.

"I think we'd all like to find the silver bullet that will stop spam," Miller added, "but it's a moving target. No one technique is going to hit everything, so we have to blend the best of different technologies."

IronPort also uses a version of whitelisting in its e-mail gateway appliances, hardware devices that attach to an e-mail server and automatically execute all needed security functions, including spam control and virus protection.

The appliance uses a "reputation filter" to identify good senders and an online database of problem IP addresses to help identify spammers, said Richard Snee, director of marketing.

Putting all e-mail protection services in one box saves considerably on management costs, Snee said, and lets IT administrators react quickly to traffic changes. "Our belief is that today's e-mail infrastructure is bending to the point of breaking just because of volume," he said. "Our stuff just lies on top and adds the layer of security businesses need."