Brightmail shifts spam/e-mail virus battle to ISPs
March 9, 2001
Spam-busting outfit Brightmail may not have room for new individual subscribers, but it's pressing the battle into the corporate, ISP (Internet service provider) and ASP (application service provider) arenas.
"Free Brightmail reached its quota of eligible accounts. In order to insure the efficiency of spam-filtering for our current users, We are no longer registering new email addresses," the company regrets to say.
Nevertheless, it's still offering services to anyone who handles a large volume of mail, and has recently grabbed a few impressive accounts with such major players as AT&T, Earthlink, MSN and Excite.
Brightmail begins by setting up e-mail accounts at numerous domains and analysing the inevitable buildup of the offending pink substance. Filtering rules are worked out so that legitimate mail with unfortunate similarities isn't blocked.
"The I-Love-You virus is a great example," Brightmail CEO Gary Hermansen told The Register. "'I love you' is a common phrase; lots of mail has a similar header, and we obviously don't want to filter it."
Thus a series of identification tags are used to develop filtering rules so that one's puppy-love pleadings, sighs and spontaneous ejaculations will arrive at their intended destination.
The actual filtering is done on site at the business or ISP using the system, via a dedicated mail server or 'mailwall' as Brightmail calls it. Rule updates are processed in real time and automatically downloaded to the servers, usually at intervals of once every five to ten minutes.
Mail is sorted, not deleted, Hermansen says. A single copy of suspected spam or malicious mail is diverted to a junk directory, which the user can examine for mis-diagnosed items.
Another promising feature is Brightmail's ability to get the jump on anti-virus software when a spam attack such as the Melissa or Love Bug worms are launched. If one's virus definitions aren't up to date, or if one's heuristic features are set low or disabled to prevent false positives, a self-propagating spam blitz will likely nail one.
Because Brightmail-enabled servers are updated automatically and continually, it's a safer bet that companies and ISPs using them will escape with little or no effect.
"The best way to defeat malicious mail is to block it at the gateway," Hermansen says.
According to the Brightmail spam calculator, which Web visitors can play around with, if we assume a conservative estimate of 100 spammers sending 250,000 spam messages a day each, in one year that accounts for 9.125 billion messages, or 120 per Netizen, with an estimated cost of $255 million in wasted bandwidth.
We thought ten thousand spammers worldwide would be a more realistic guess, so we plugged it into the spam calculator along with the more conservative output estimate of only 50,000 messages per day, and came up with the outrageous figure of 182 billion spam messages zipping around the Net each year.
So maybe we got carried away. Give it a go yourself.
© 2001 Thomas C Greene, TheRegister.Co.Uk