Cloudmark takes Napster model to spam blocking

And why not?

ComputerWire: IT Industry Intelligence

Cloudmark Inc came out of stealth mode yesterday with a product that applies Napster-style technology to combating unsolicited commercial email or spam. The company released SpamNet, a free Outlook plug-in that is ultimately expected to leverage the opinions of many thousands of email users in filtering spam.

The San Francisco-based startup was founded by Vipul Ved Prakash, author of the open-source version of SpamNet, Vipul's Razor, and Jordan Ritter co-founder of Napster. The model applies the "approximation of a peer-to-peer network" Napster model to the spam problem, Cloudmark CEO Karl Jacob said.

Users download the software as a plug-in to Outlook 2000, 2002 or XP, which causes 'Block' and 'Unblock' buttons to appear on the interface. When a user receives an email they consider to be spam, they click Block, which notifies Cloudmark's central databases. The software creates a filter that shifts the email to the user's spam folder. Filtered emails can be unblocked just as easily.

Based on a "truth evaluation system", Cloudmark's servers decide whether to flag a particular mail as spam. The system uses criteria such as the length of time a user has been on the system, and their past accuracy record, when decided how to score their flagging of a mail as spam.

"You don't want to say it's impossible [to fool the system]," he said. "But it will be very difficult. There are more people on the internet that don't like spam than people waiting to spoof the system." The larger SpamNet gets, he said, the less chance there is of unscrupulous marketers managing to fool the system.

Jacob identifies his competitors as the likes of BrightMail Inc, which claims to have a 45% share of the antispam market. According to the company, six of the top 10 US ISPs use its software, which is installed on the email server, as opposed to the client.

BrightMail has a team of programmers and automated systems at its operations center writing rules that identify each piece of known spam. The rules are pushed to BrightMail customers' email servers, where every piece of email is checked against them to see if it's spam.

Jacob contends that these rules tend to be written as "regular expressions" - a way of comparing text strings efficiently - which are can be quite processor intensive if every email has to be checked against a large number of rules. SpamNet uses a "cryptographic signature", Jacob said, to match emails against its database of identified spam.

This makes lookups faster, he said, which means the databases can be larger and more comprehensive. "[Competitors] tend to retire their rules quite quickly," Jacob said. "Which means the effectiveness goes down. Or they can keep the effectiveness high, but that slows down mail delivery."

BrightMail CTO Ken Schneider takes issue with some of these claims. "A lot of our matching is based on signatures, which is what these new guys are using," he said. "But we do have the ability to use regular expressions." He said that rules are retired when they are no longer being enforced, because spam attacks have finished.

"It's a more efficient model," Schneider said. "We could keep a much larger set of rules, and still keep performance up. But there's no reason to keep the rules active if the spam attacks are no longer active."

Initially SpamNet will be a free download, but Cloudmark (named after a planet in a Vernor Vinge novel) will shortly release a paid-for premium version, containing extra features, and an enterprise-level product within a couple of months. Further details were not available.

© ComputerWire

Sponsored: Driving business with continuous operational intelligence