Phishing attack, which was the cause of network penetration RSA last March, showed that the mail remains the weakest link in the chain of corporate security. Even though the filtering system blocks most malicious and simply annoying messages, their own volume demonstrates the potential to be used by the attackers. Now one of the companies engaged in e-mail filtering, ensures that could block at least 99% of incoming spam. But provided that you are not on Google, Apple, Facebook or AOL.
Such a proposal Abaca Technology Corp., The company that created the anti-spam technology which already protects 260 million boxes of Yahoo. At any time when the number blocked by Abaca Cloud Mail Filter spam falls below 99%, the company provides customers with a loan that they can spend to upgrade the license or take into account compensation. Abaca Cloud Mail Filter is available as a gateway device, the virtual server or as a cloud service.
Director General of Abaca Jeff Dzhefferis told Ars Technica, that “the past few years, the company had with Yahoo, improved spam filtering algorithm.” Starting with Europe, Taiwan and Korea, where it is said Dzhefferis, “the language barrier prevented Yahoo to catch spam,” 14 months ago Abaca system switched to U.S. users Yahoo. ”The last region, where we deployed the system, was India. There’s spam in most cases – it just bad link almost any kind was content.”
In close cooperation with Yahoo, the company contracted Abaca prohibited from providing their services to competitors Yahoo.
System out mail from Abaca uses reputation data base to quickly sort out the spammers and phishing attacks. Based on the cloud reputation databases are widely used software vendors, intended to prevent spam and malicious software to track sites and senders of email, which are identified as perpetrators. These databases are compiled by ordinary people. Collected reports and ratings from users and create profiles of sites and domains that contain malicious software and spam. Also, profiles are created well-known “good” senders, ie people with whom users are often linked and attached files in the letters that you can trust.
Reputation filtering system is in the process, which the company calls “in-depth testing environment” in the header of each message and inspects more than 50 characters in the header to identify the source. Then she checked the ratio of “Ham to Spam” in the print sender, ie, number of normal messages and the number of messages tagged as spam. Fingerprint also includes the transfer of mail items, so that if a spammer uses a botnet infected computers to send mail through certain mail agents, all spam that passes through the gateway, can be blocked.
“Our system of time umneet by the entire community,” – said Dzhefferis. ”As soon as someone says to send spam from the compromised box, we will immediately generate a reputation score for him.” People, for the first time sending a message from your mailbox, too, are likely to be blocked, and their messages will be placed in quarantine.
Abaca is hardly the only anti-spam filtering service that uses cloud database. Cisco IronPort Hybrid Email Security, Google Postini service, Cloudmark Authority and the Trend Micro Email Reputation Service is also using them. And Postini and IronPort claim that their system blocks 99% of spam, or more, although the experience of their users are not always able to confirm these statements. According Dzhefferisa, many spam filters are still missing from 5 to 10% of spam.
As he said, the difference lies in the fullness of Abaca spam blocking, and the performance of his system. Dzhefferis added that the filtering engine is capable of handling 100,000 messages per second. This allowed the first customers to significantly reduce the number of used gates. One customer, according to Dzhefferisa, was able to reduce the number of gateways in two data centers from 240 to 40.