02
Sat, Nov
2 New Articles

Anti-Spam and Business Partner Strategies

Commentary
Typography
  • Smaller Small Medium Big Bigger
  • Default Helvetica Segoe Georgia Times

Last February, IBM took a look at what the Internet had wrought and discovered that 76% of all email sent through the Internet could be considered spam. In addition, one in every 46 emails (about 2%) contained a virus, a Trojan horse, or some other form of malware.

The Good News

Think those numbers are outrageous? Well, the good news is that the spam numbers were actually down from January, when IBM recorded that 83% of all email sent was spam. Imagine that: Only 17 % of email sent was actually valuable. No matter how you cut those numbers, the plain fact is that the Internet email network--the way most of us do business today--is rife with junk. And, as users, we have to deal with what we get, day in and day out.

IBM estimates that spam is currently costing U.S. companies up to $17 billion a year in lost productivity. Why? Because somebody has to make decisions about all the spam email. And the biggest problem of all is that recipients cannot automatically validate a sender's address and reject the unsolicited communications. We have to read each one.

Why can't we stop this absurd situation? After all, didn't congress pass an anti-spam law? Well, yes, Congress did. But legal penalties clearly are not sufficient to halt the continual technological hijacking of Internet email. It's just too difficult to track down the culprits.

Why Spam Is So Difficult to Control

The technical cause of this problem is the relatively unsophisticated Internet protocol called Simple Mail Transfer Protocol (SMTP), a protocol that grew out of the early days of Internet email implementation. SMTP is the "sending" protocol of Internet email servers, and though it does an exceptional job, it is not very picky about how it identifies senders.

For instance, SMTP does not require that email indicate who the actual sender is. I can send email with a fake "From" address. This is called "spoofing," and it's the main means by which spammers are able to produce so much garbage through our email systems. However, the IP address of the sender is indeed captured by the SMTP mechanism, and for a while, this seemed like a good enough means of identification, since every IP address is unique.

However, hackers have turned obfuscating their identities into an art. Using a combination of Trojan horses and email viruses to infect unsuspecting Internet users with small, customized SMTP server programs, these hackers have turned thousands of PCs connected to the Internet into zombie spam distribution centers. These machines now represent the infrastructure of an underground spamming network that is largely invisible to authorities. The zombie machines are controlled surreptitiously across the Internet by the owners of the spam networks, and the owners of the zombie machines often don't even know their machines are a part of this underground distribution network. This is why current legal penalties are not working: The technology for hiding the real sender's identity is stronger than SMTP's ability to certify that identity.

How much easier it would be if SMTP contained a requirement for security certificates, much as Lotus Notes email does for internal, non-SMTP mail. By using such certificates, it would be relatively easy for administrators to track down people who are abusing the system and reject their messages from users' inboxes.

Unfortunately, without some sort of built-in SMTP identity check, companies today are forced to use spam filtering mechanisms to sort the garbage from real messages. And too often, those filters fail. That is, until recently.

IBM Introduces FairUCE, a New Anti-Spam Technology

It is against this background of continual email abuse that IBM has introduced a new anti-spam technology to help developers and Internet email system administrators reduce the cost and security risks associated with spam. It's a technology designed to make existing spam filtering solutions more effective. IBM is calling this technology "Fair use of Unsolicited Commercial Email," or FairUCE.

FairUCE is a spam filter technology that stops spam with a novel approach: It figures out a way to check the sender's identity instead of filtering the actual content of each email communication. According to IBM, FairUCE stops the vast majority of spam without the use of a content filter and without requiring a "probable spam" or "bulk folder" that needs to be checked periodically.

IBM says it is one of the first spam filters to use this technique of validating the sender's identity--rather than email content--to determine a message's legitimacy.

Better Than Content Filtering

So why is identity validation better than content filtering?

Content filtering examines what's in the email, checking for key words, phrases, or patterns of content. It's highly sophisticated but prone to mistakes and in need of continual maintenance.

For instance, AOL estimates that spammers often respond within four hours to a change in its content filter. If a message is getting blocked by a content filter, a spammer can usually figure out a new means of slipping the message past the monitor. Moreover, content filters require a great deal of processing horsepower, using complex techniques such as Bayesian filtering, heuristics, and digital fingerprinting. Using a content filter to block spam is equivalent to hiring a policeman to monitor a room to remove people who use specific offensive language: People who want to get their offensive message across quickly learn to use other words to communicate their intent.

That's why FairUCE seems like a better method. According to IBM, FairUCE doesn't try to filter the content of a message. Instead, it attempts to track down who actually sent the message, gathering information about the message transmission, and then selectively checks the validity of that sender.

How Does FairUCE Work?

According to IBM, FairUCE tries to find a relationship between the sender's domain and the IP address of the client delivering the email, using a series of cached DNS lookups. IBM says that for the vast majority of legitimate email, this is easily accomplished. If the appropriate relationship can't be verified, FairUCE then attempts to find one by sending a user-customizable challenge/response. According to IBM, this alone catches 80% of spam and very rarely challenges legitimate email.

Finally, if a valid relationship can be found, FairUCE screens the message against the recipient's whitelist and blacklist--and checks the domain's historical reputation within administrative blacklists--to determine whether to accept, reject, challenge on reputation, or present the user with a set of whitelist/blacklist options.

IBM says future versions of FairUCE will also incorporate Sender Policy Framework (SPF) or similar sender identification systems, as well as use a real domain reputation system.

Implementation of FairUCE

The FairUCE concept is currently implemented as an SMTP proxy that runs between multiple instances of Postfix on Linux. IBM says QMail and Sendmail support are being considered. However, IBM says it should be possible to use existing mail servers on the inside of the SMTP proxy.

What's interesting about IBM's announcement is that end users can't install FairUCE. It's not a "product" but a technology for use by email administrators and by developers of spam filters. (Find more information about FairUCE at IBM's alphaWorks.)

Comparing the Microsoft Partnering Strategy

Now compare IBM's approach of creating a new anti-spam technology with Microsoft's recent announcement that it would buy Sybari Software.

Sybari makes anti-virus and anti-spam software that integrates with Microsoft Exchange, Lotus Domino, and various SMTP gateways across multiple operating system platforms. Sybari was a good partner for Microsoft (as well as other companies), bringing a quality solution to a deeply technical problem. Sybari was gaining significant momentum as a company, and analysts were predicting that soon it would have a stock IPO. Microsoft's acquisition of Sybari has quashed that prospect.

Nonetheless, one might hope that Microsoft's acquisition would continue to foster some kind of technological partnership across all operating system platforms. After all, the problems of Internet spam and viruses are global in nature, requiring coordinated efforts in a standards environment. For instance, Sybari currently makes Linux and UNIX versions of its products.

Unfortunately, however, Microsoft has already announced that it will soon discontinue sales of Sybari products on non-Microsoft operating system platforms. In addition, analysts are predicting that Microsoft will phase out support for non-Microsoft email systems by 2008.

In other words, the Microsoft strategy for partnering seems to be "find the best company with the best solution, acquire it to control its technology, and then make its products proprietary to work only with Microsoft products."

Now, as a software company with only one operating system platform, Microsoft's strategy probably makes good business sense. However, as a partnering strategy, it sends a lot of mixed messages to both customers and business partners. It's a strategy of exclusivity. And while being exclusive may seem like a great opportunity for some companies, it's a problem when customers are seeking technologies to solve global, cross-platform problems.

IBM's Partnering Strategy

IBM's partnering strategy appears to be in stark contrast to Microsoft's. IBM clearly tells its Business Partners that it is not in the "solution space." Instead, IBM provides technological foundations for Partners to use in developing product solutions. IBM also provides marketing support to its Business Partners, helping them crack open new markets and develop lasting customer relationships to build business depth.

In other words, instead of buying up partners to monopolize technology, IBM seems to understand that growing its Business Partner relationships is the key to a win-win scenario for everyone.

Best Practices in a Global Internet Community

There's no question that Microsoft fosters good relationships with many of its business partners. What's not always so clear is how well Microsoft's business strategies work for the betterment of its customers.

As we continue to struggle with the intricacies of Internet expansion--embracing new technologies while fighting off evolving security threats--it gives us pause to reflect that in a truly connected world it should no longer matter to what operating system we are sending our email, nor what operating system is sending mail to us. Who cares if it's IBM's i5/OS SMTP Gateway, Lotus Domino, Microsoft Exchange, or QMail?

Reducing spam is a global requirement, just as SMTP is a global protocol. If email is to continue to provide significant value to our business communications, proprietary software and exclusive vendor relationships simply become obstacles to doing better business.

Thus, it seems that IBM offers best practices for fostering good partner relationships in this new global environment by providing open technology like FairUCE to developers and Business Partners on all operating system platforms. If Microsoft's acquisition of Sybari Systems is any measure, Microsoft has a lot to learn about partnering from IBM.

Thomas M. Stockwell is Editor in Chief of MC Press Online, LP.

Thomas Stockwell

Thomas M. Stockwell is an independent IT analyst and writer. He is the former Editor in Chief of MC Press Online and Midrange Computing magazine and has over 20 years of experience as a programmer, systems engineer, IT director, industry analyst, author, speaker, consultant, and editor.  

 

Tom works from his home in the Napa Valley in California. He can be reached at ITincendiary.com.

 

 

BLOG COMMENTS POWERED BY DISQUS

LATEST COMMENTS

Support MC Press Online

$

Book Reviews

Resource Center

  • SB Profound WC 5536 Have you been wondering about Node.js? Our free Node.js Webinar Series takes you from total beginner to creating a fully-functional IBM i Node.js business application. You can find Part 1 here. In Part 2 of our free Node.js Webinar Series, Brian May teaches you the different tooling options available for writing code, debugging, and using Git for version control. Brian will briefly discuss the different tools available, and demonstrate his preferred setup for Node development on IBM i or any platform. Attend this webinar to learn:

  • SB Profound WP 5539More than ever, there is a demand for IT to deliver innovation. Your IBM i has been an essential part of your business operations for years. However, your organization may struggle to maintain the current system and implement new projects. The thousands of customers we've worked with and surveyed state that expectations regarding the digital footprint and vision of the company are not aligned with the current IT environment.

  • SB HelpSystems ROBOT Generic IBM announced the E1080 servers using the latest Power10 processor in September 2021. The most powerful processor from IBM to date, Power10 is designed to handle the demands of doing business in today’s high-tech atmosphere, including running cloud applications, supporting big data, and managing AI workloads. But what does Power10 mean for your data center? In this recorded webinar, IBMers Dan Sundt and Dylan Boday join IBM Power Champion Tom Huntington for a discussion on why Power10 technology is the right strategic investment if you run IBM i, AIX, or Linux. In this action-packed hour, Tom will share trends from the IBM i and AIX user communities while Dan and Dylan dive into the tech specs for key hardware, including:

  • Magic MarkTRY the one package that solves all your document design and printing challenges on all your platforms. Produce bar code labels, electronic forms, ad hoc reports, and RFID tags – without programming! MarkMagic is the only document design and print solution that combines report writing, WYSIWYG label and forms design, and conditional printing in one integrated product. Make sure your data survives when catastrophe hits. Request your trial now!  Request Now.

  • SB HelpSystems ROBOT GenericForms of ransomware has been around for over 30 years, and with more and more organizations suffering attacks each year, it continues to endure. What has made ransomware such a durable threat and what is the best way to combat it? In order to prevent ransomware, organizations must first understand how it works.

  • SB HelpSystems ROBOT GenericIT security is a top priority for businesses around the world, but most IBM i pros don’t know where to begin—and most cybersecurity experts don’t know IBM i. In this session, Robin Tatam explores the business impact of lax IBM i security, the top vulnerabilities putting IBM i at risk, and the steps you can take to protect your organization. If you’re looking to avoid unexpected downtime or corrupted data, you don’t want to miss this session.

  • SB HelpSystems ROBOT GenericCan you trust all of your users all of the time? A typical end user receives 16 malicious emails each month, but only 17 percent of these phishing campaigns are reported to IT. Once an attack is underway, most organizations won’t discover the breach until six months later. A staggering amount of damage can occur in that time. Despite these risks, 93 percent of organizations are leaving their IBM i systems vulnerable to cybercrime. In this on-demand webinar, IBM i security experts Robin Tatam and Sandi Moore will reveal:

  • FORTRA Disaster protection is vital to every business. Yet, it often consists of patched together procedures that are prone to error. From automatic backups to data encryption to media management, Robot automates the routine (yet often complex) tasks of iSeries backup and recovery, saving you time and money and making the process safer and more reliable. Automate your backups with the Robot Backup and Recovery Solution. Key features include:

  • FORTRAManaging messages on your IBM i can be more than a full-time job if you have to do it manually. Messages need a response and resources must be monitored—often over multiple systems and across platforms. How can you be sure you won’t miss important system events? Automate your message center with the Robot Message Management Solution. Key features include:

  • FORTRAThe thought of printing, distributing, and storing iSeries reports manually may reduce you to tears. Paper and labor costs associated with report generation can spiral out of control. Mountains of paper threaten to swamp your files. Robot automates report bursting, distribution, bundling, and archiving, and offers secure, selective online report viewing. Manage your reports with the Robot Report Management Solution. Key features include:

  • FORTRAFor over 30 years, Robot has been a leader in systems management for IBM i. With batch job creation and scheduling at its core, the Robot Job Scheduling Solution reduces the opportunity for human error and helps you maintain service levels, automating even the biggest, most complex runbooks. Manage your job schedule with the Robot Job Scheduling Solution. Key features include:

  • LANSA Business users want new applications now. Market and regulatory pressures require faster application updates and delivery into production. Your IBM i developers may be approaching retirement, and you see no sure way to fill their positions with experienced developers. In addition, you may be caught between maintaining your existing applications and the uncertainty of moving to something new.

  • LANSAWhen it comes to creating your business applications, there are hundreds of coding platforms and programming languages to choose from. These options range from very complex traditional programming languages to Low-Code platforms where sometimes no traditional coding experience is needed. Download our whitepaper, The Power of Writing Code in a Low-Code Solution, and:

  • LANSASupply Chain is becoming increasingly complex and unpredictable. From raw materials for manufacturing to food supply chains, the journey from source to production to delivery to consumers is marred with inefficiencies, manual processes, shortages, recalls, counterfeits, and scandals. In this webinar, we discuss how:

  • The MC Resource Centers bring you the widest selection of white papers, trial software, and on-demand webcasts for you to choose from. >> Review the list of White Papers, Trial Software or On-Demand Webcast at the MC Press Resource Center. >> Add the items to yru Cart and complet he checkout process and submit

  • Profound Logic Have you been wondering about Node.js? Our free Node.js Webinar Series takes you from total beginner to creating a fully-functional IBM i Node.js business application.

  • SB Profound WC 5536Join us for this hour-long webcast that will explore:

  • Fortra IT managers hoping to find new IBM i talent are discovering that the pool of experienced RPG programmers and operators or administrators with intimate knowledge of the operating system and the applications that run on it is small. This begs the question: How will you manage the platform that supports such a big part of your business? This guide offers strategies and software suggestions to help you plan IT staffing and resources and smooth the transition after your AS/400 talent retires. Read on to learn: