Feeds

Cloudmark takes Napster model to spam blocking

And why not?

  • alert
  • submit to reddit

Top three mobile application threats

ComputerWire: IT Industry Intelligence

Cloudmark Inc came out of stealth mode yesterday with a product that applies Napster-style technology to combating unsolicited commercial email or spam. The company released SpamNet, a free Outlook plug-in that is ultimately expected to leverage the opinions of many thousands of email users in filtering spam.

The San Francisco-based startup was founded by Vipul Ved Prakash, author of the open-source version of SpamNet, Vipul's Razor, and Jordan Ritter co-founder of Napster. The model applies the "approximation of a peer-to-peer network" Napster model to the spam problem, Cloudmark CEO Karl Jacob said.

Users download the software as a plug-in to Outlook 2000, 2002 or XP, which causes 'Block' and 'Unblock' buttons to appear on the interface. When a user receives an email they consider to be spam, they click Block, which notifies Cloudmark's central databases. The software creates a filter that shifts the email to the user's spam folder. Filtered emails can be unblocked just as easily.

Based on a "truth evaluation system", Cloudmark's servers decide whether to flag a particular mail as spam. The system uses criteria such as the length of time a user has been on the system, and their past accuracy record, when decided how to score their flagging of a mail as spam.

"You don't want to say it's impossible [to fool the system]," he said. "But it will be very difficult. There are more people on the internet that don't like spam than people waiting to spoof the system." The larger SpamNet gets, he said, the less chance there is of unscrupulous marketers managing to fool the system.

Jacob identifies his competitors as the likes of BrightMail Inc, which claims to have a 45% share of the antispam market. According to the company, six of the top 10 US ISPs use its software, which is installed on the email server, as opposed to the client.

BrightMail has a team of programmers and automated systems at its operations center writing rules that identify each piece of known spam. The rules are pushed to BrightMail customers' email servers, where every piece of email is checked against them to see if it's spam.

Jacob contends that these rules tend to be written as "regular expressions" - a way of comparing text strings efficiently - which are can be quite processor intensive if every email has to be checked against a large number of rules. SpamNet uses a "cryptographic signature", Jacob said, to match emails against its database of identified spam.

This makes lookups faster, he said, which means the databases can be larger and more comprehensive. "[Competitors] tend to retire their rules quite quickly," Jacob said. "Which means the effectiveness goes down. Or they can keep the effectiveness high, but that slows down mail delivery."

BrightMail CTO Ken Schneider takes issue with some of these claims. "A lot of our matching is based on signatures, which is what these new guys are using," he said. "But we do have the ability to use regular expressions." He said that rules are retired when they are no longer being enforced, because spam attacks have finished.

"It's a more efficient model," Schneider said. "We could keep a much larger set of rules, and still keep performance up. But there's no reason to keep the rules active if the spam attacks are no longer active."

Initially SpamNet will be a free download, but Cloudmark (named after a planet in a Vernor Vinge novel) will shortly release a paid-for premium version, containing extra features, and an enterprise-level product within a couple of months. Further details were not available.

© ComputerWire

The Essential Guide to IT Transformation

More from The Register

next story
BBC goes offline in MASSIVE COCKUP: Stephen Fry partly muzzled
Auntie tight-lipped as major outage rolls on
iPad? More like iFAD: We reveal why Apple ran off to IBM
But never fear fanbois, you're still lapping up iPhones, Macs
Nadella: Apps must run on ALL WINDOWS – PCs, slabs and mobes
Phone egg, meet desktop chicken - your mother
HP, Microsoft prove it again: Big Business doesn't create jobs
SMEs get lip service - what they need is dinner at the Club
ITC: Seagate and LSI can infringe Realtek patents because Realtek isn't in the US
Land of the (get off scot) free, when it's a foreign owner
Samsung threatens to cut ties with supplier over child labour allegations
Vows to uphold 'zero tolerance' policy on underage workers
Dude, you're getting a Dell – with BITCOIN: IT giant slurps cryptocash
1. Buy PC with Bitcoin. 2. Mine more coins. 3. Goto step 1
There's NOTHING on TV in Europe – American video DOMINATES
Even France's mega subsidies don't stop US content onslaught
You! Pirate! Stop pirating, or we shall admonish you politely. Repeatedly, if necessary
And we shall go about telling people you smell. No, not really
prev story

Whitepapers

Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.