Internet users are about to get a new tool in the fight against spam and fraudulent e-mail. On Monday, security vendor CipherTrust plans to release what it's billing as the first "reputation toolbar" for e-mail clients.
Web surfers can already download browser plug-ins like the Netcraft toolbar or SiteAdviser, which evaluate the trustworthiness of the Web sites they visit, but the CipherTrust TrustedSource Toolbar is the first such product designed for e-mail clients, according to the company.
"It provides you with an extra layer of trust to the e-mail you're getting in your inbox," said Alex Hernandez, director of advanced product development with CipherTrust.
The toolbar will be free for users of Microsoft Outlook and Lotus Notes e-mail software, CipherTrust said. It will be available on the CipherTrust Research Portal, a new community Web site for those interested in spam, phishing and virus information, which is also set to launch Monday.
The lightweight software is designed to run a query against CipherTrust's servers when a user clicks on an e-mail. After CipherTrust analyzes the message's trustworthiness, the toolbar will flash a red, yellow or green icon. A red, "frowny face" icon designates spam or a phishing attack, while a green "happy face" means that the message comes from a reputable sender.
The TrustedSource toolbar makes this evaluation after examining the e-mail and checking the IP (Internet Protocol) address of the e-mail's sender against the TrustedSource reputation engine, used by the company's e-mail gateway appliances. No other information from the e-mail is sent back to CipherTrust, according to Hernandez.
CipherTrust is also working on a browser version of the toolbar, which will work with Web-based e-mail services such as Hotmail or Gmail, Hernandez said. "That is in testing right now and that will be released in the coming months," he said. "It's going into beta testing right now."
The company is also looking into providing reputation software for instant messaging and VOIP (voice over Internet Protocol) clients, according to Hernandez. "We're thinking about it," he said. "We're not to the point where we're doing any formal development of those internally."