Beefing Up E-Mail Security

Assessing the reputation of the e-mail sender is not enough to block spam and phishing attacks, which are becoming increasingly complex, said Pat Peterson, vice president of technology at IronPort, San Bruno, Calif.

That&'s why IronPort now is tracking URLs within the content of the e-mail and placing a reputation score on the URLs based on criteria such as the length of time they have been registered or the country the site is hosted in. Messages that contain suspicious Web links are filtered out, helping to block spam, phishing attacks, URL-based viruses and spyware spread through e-mail that can look identical to legitimate messages but instead contain malicious URL links.

While IronPort is not the only vendor to use reputation data filtering, its database for analyzing and scoring incoming e-mails&' IP addresses is one of the largest on the market, said Jay Gregg, practice manager at Accudata Systems, a solution provider in Houston. SenderBase filters out so much spam at the perimeter that customers initially don&'t think it&'s working because they no longer see as much spam on a quarantine list, he said.

“It&'s a testament to its accuracy,” Gregg said.

id
unit-1659132512259
type
Sponsored post

IronPort claims SenderBase is populated with data from more than 100,000 participating organizations that track spammers and identify bad URLs.

Dale Mitchell, general manager at Cincinnati-based solution provider Data Processing Sciences, estimated that SenderBase filters out between 88 percent and 92 percent of spam. In one instance, a customers found out that its own IP address was being blocked by SenderBase because the customer had a virus on its network and didn&'t know it, he said.