New technology from IBM is designed to stop spam by identifying the Internet domain it came from, and can help spot online scams such as phishing attacks and email spoofing.
The company has announced the release of FairUCE, or Fair use of Unsolicited Commercial Email for the company's alphaWorks advanced technology program, citing a newly released IBM survey that found spam was 76 per cent of all email and may cost US companies $US17 billion to fight this year.
The technology uses identity management features to link inbound email back to its original Internet Protocol (IP) address, establishing a connection between an email message, the Internet domain and the computer from which the email was sent, IBM said.
AlphaWorks is a program that distributes technological innovations to developers around the world who sign on as "early adopters" of technology developed by IBM's global research labs.
FairUCE would allow alphaWorks software developers and third party vendors to build more effective spam filtering technology, IBM said. Unlike many spam filtering technologies, which use message content to determine whether an email message is spam, FairUCE links inbound email back to IP addresses.
That allowed IBM to spot messages from compromised, or "zombie" computers, as well as legitimate email servers, IBM said. IBM cited results from its February 2005, Global Business Security Index report to support FairUCE.
The company's Security Intelligence Services found that one of every 1.3 email messages was spam, and that one of every 46 email messages carried a virus, Trojan horse program or other malicious content, the company said.
The cost to US organisations of fighting spam had risen sharply in the last two years, from about $US10 billion in 2003 to an estimated $US17 billion in 2005, IBM said. Lost productivity from workers who must sort through the reams of spam email, inconveniences caused by legitimate mail that was incorrectly labeled as spam and blocked and calls to corporate help desks were major sources of spam related expenses.
FairUCE is available through IBM alphaWorks and can be downloaded from the company's website. (See: http://www.alphaworks.ibm.com/tech/fairuce.) Other companies, including Microsoft and Yahoo, have proposed technology to weed out spam by checking the source of inbound email, which is sometimes referred to as "sender authentication."
Microsoft's Sender ID technology framework, for example, closes loopholes in the current system for sending and receiving email that allow senders - including spammers - to fake, or "spoof", a message's origin. With Sender ID, organisations publish a list of their approved email servers in the domain name system. That record, referred to as the sender policy framework record, is then used to verify the sender of email messages sent to other Internet domains using Sender ID.