Turning the idea of sender reputation on its head, a new e-mail security company called Abaca Technology is announcing a gateway product that determines an inbound e-mail message’s potential to be spam based on how much unwanted e-mail the receiver has gotten in the past.
Abaca’s Email Protection Gateway appliance, which is being launched at Interop New York this week, blocks spam from entering an organization by using the company’s ReceiverNet technology. This technology collects information about how much spam each receiver in an organization has been sent in the past, and uses that ratio of spam to legitimate mail to determine if a new message is wanted or not, says Bill Kasje, director of business development with Abaca.
The system collects information about all the e-mail received using the appliance, giving Abaca a large pool of receivers’ reputations to base its scoring on, Kasje says.
“It sounded intuitive, but too good to be true, so we were extremely hesitant,” says Jay Roberts, network engineer of Community Health Partnership, a nonprofit Medicare and Medicaid care-management company in Eau Claire, Wis., with about 400 users. The company had been using Fortinet’s Fortigate multi-threat appliance, which Roberts says couldn’t keep up with the amount of spam coming into the mail stream. Roberts found Abaca while researching antispam products, and began using its product in June.
At the healthcare company, Abaca’s product started out at about 88 percent effective in catching spam, and is now between 98 percent and 99 percent effective, he says, and is the only antispam product currently in use. Roberts says he knows of only a few false positives — or legitimate messages wrongly labeled as spam — that the appliance has produced so far.
The idea of determining spam based on the receiver’s reputation is a new take, because most antispam companies are focused on catching spam based on the sender’s reputation.
“If you look at what current technology does today, most of the solutions out there focus on the sender’s reputation or the content of the message, but spammers can set up botnets, change IP addresses to spoof others, and change the content to get around current technologies,” Abaca’s Kasje says.
“One of the things we learned early on is users tend to get a fairly consistent amount of spam in their mailboxes. So you can develop a reputation for each receiver and use that reputation to calculate the odds of whether an incoming e-mail is spam or legitimate.”
For example, when an inbound e-mail addressed to five receivers in an organization arrives, if the majority of those receivers have poor reputations the appliance will score the message to likely be spam, Kasje says. This is the appliance’s first line of defense against spam, although it also applies other conditions, such as sender reputation and scanning for URLs that link to bogus Web sites, he says.
The product also includes a Web-based administration console and self-updates with the latest rules for determining spam, Kasje says.
CEO Steve Kirsch, who has founded five technology companies including Infoseek, grew Abaca out of his quest to make the perfect spam filter. The company, which has 22 employees, is initially targeting the small and midsize business market, putting it head to head with vendors including Barracuda, Cisco’s IronPort, Declude, Mirapoint and others. Kirsch is aware that the market for antispam products is an overcrowded one, but maintains that his product will distinguish itself from the others by its effectiveness.
“We offer a performance guarantee that sets us apart from our competitors. The average spam-blocking rate for small to medium businesses is only 80 percent. Our product is guaranteed to deliver at minimum 99 percent accuracy,” he said in a statement.
The appliance is available in two versions. The EPG 100, priced at US$1,495, can handle as many as 100 users, while the EPG 1000, priced at $$3,495, is designed for as many as 1,000 users. Abaca also sells a virtual version of the appliance, priced at $495.