IronPort in late July added bounce verification technology to its line of e-mail security appliances to deal with the growing problem of bounce spam attacks.
Bounce spam, one of spammers' latest tactics, involves crafting e-mails that are intentionally designed to be returned, or 'bounced,' in order to reach their intended targets. In a bounce spam attack, the spammer crafts an e-mail with a fake, non-working recipient address and then spoofs the return address to make it look like the message is coming from the intended target. The spammer then sends the e-mail to a third party e-mail server, which bounces the message back to the target via the spoofed e-mail address.
"Bounce attacks are one of the last open holes in the network when it comes to e-mail security. The problem is like the 'secondhand smoke' of spam in the way it wreaks havoc on networks," said Peter Schlampp, senior director of product management at San Bruno, Calif.-based IronPort.
Bounce spam is a virus delivery vehicle and enables spammers to evade spam filters by bouncing files through to the destination, Schlampp said. "It's also definitely a threat for denial-of-service attacks, because lots of mail servers can't handle the volume of incoming e-mail," he said.
Bounce spam also can lead to the e-mail servers of legitimate companies being blacklisted and labeled as spam conduits, he said.
IronPort's bounce verification technology puts a signature on each e-mail going out that is checked against all incoming mail, enabling companies to keep bounce spam e-mails from getting through the e-mail gateway, Schlampp said.
Tom MacArthur, principal of Storbase, a Waltham, Mass., solution provider, said many of his SMB customers have been particularly hard hit with performance problems associated with bounce attacks.
"Bounce verification is a cutting-edge technology that addresses a serious threat, and it isn't just another 'me too' technology like a lot of the traditional virus and spam protection tools in the market," MacArthur said.
Bounce verification capabilities are available on IronPort's C-Series and X-Series e-mail security appliances.
|
Cybersecurity Experts: What They Know Could Scare You A recent report based on interviews with security experts in government, business and academia finds more than half in agreement that a worldwide arms race is taking place in cyberspace. |
|
10 Security Predictions For 2012 CRN looks into its crystal ball and sees Android, hactivisim and cyber-espionage as some of the top 10 security threats in 2012. |
|
10 Biggest Security Breaches Of 2011 The Top 10 Security Breaches of 2011 show hackers were relentless in their pursuit of profit, compromising computer systems of universities, video-game makers and the largest banks. |
 More
Slide Shows |
- Insider Threats: The Next Frontier for Security Resellers and SMBs
- Complete Security and Your Bottom Line: Sophos, Value and the Channel
- Tough Threats, Tougher Security: How You Can Leverage New Solutions To Combat A “Targeted Attack” Landscape
- Dark Clouds Ahead: Why the Mid-Market Needs To Ramp Up Cloud Security and How You Can Help Them Get There
