McAfee Security, a division of Network Associates, released on Monday McAfee SpamKiller, the first product in the company’s new spam reduction portfolio.
SpamKiller works with Microsoft Exchange Small Business server to address the needs of medium-sized businesses in reducing liability, reclaiming storage space and allowing employees to work more efficiently, according to the company.
SpamKiller works by scanning incoming e-mail as it reaches the server using a pre-defined set of rules to detect and quarantine spam.
According to McAfee, the SpamKiller technology uses a scoring system to determine if an incoming e-mail is spam. A positive or negative score is given to each new e-mail to determine its overall spam rating. Once spam is detected, messages are filtered to the end user’s inbox, personal junk mail folder or a system-wide junk mail folder.
When deciding on an antispam program, Eric Hemmendinger, research director, information security for the Boston-based Aberdeen Group said it is important to consider how well the solution is going to fit with the way a company runs its IT infrastructure.
"You need to look for something that’s going to be 100 per cent compatible with whatever [the company] is using for an e-mail infrastructure," Hemmendiger said.
He added that it is also important when choosing a program for businesses to consider what they’ll be losing along with the spam.
"What do you block that you shouldn’t be blocking?" he said. "Some of that blocked e-mail may result in a loss of revenue…a loss of business relationships."
He added that companies usually decide it’s time for anti-spam solutions when they realize how much storage space the spam is taking up, the legal liability that can occur if workers are unprofessional when opening or distributing spam, and more recently, the security implications.
"This hasn’t been a big [problem] in the past, but I think it’s starting to become more important for organizations," Hemmendinger said. "A certain amount of this spam brings with it some fairly nasty stuff on the desktop and potentially opens up gaping holes from a security perspective."
SpamKiller utilizes five different methods of detection. Integrity analysis examines the header, layout and organization of every incoming e-mail message and applies thousands of algorithms to determine if the e-mail is spam. Heuristic detection uses a set of automated rules based on known spam characteristics to secure the network against spam. Content filtering is used as the administrator and uses a defined set of words and phrases to help further identify unwanted e-mail and inappropriate content.
Also, personalized black and white lists -- a set of standards defined by the administrator and users -- determine both acceptable senders of e-mail as well as unwanted and unacceptable senders. Finally, self-tuning allows SpamKiller to adjust the overall spam score for messages received from known senders by learning the characteristics of e-mail received at the desktop.
Hemmendinger said that because the Internet is largely unregulated, and spam so difficult to define, the problem will probably keep getting worse.
"To some extent, one company’s vision of spam is another company’s vision of legitimate business. Things that I might view as spam, someone in another company might look at it and say, ‘No it’s not spam. It’s not something I’m really interested in, but I don’t view it as spam,’" Hemmendinger said.
Other McAfee SpamKiller products planned for release in 2003 include SpamKiller for WebShield appliances, SpamKiller for IBM’s Lotus Domino and SpamKiller for Exchange.
For more information visit McAffee online at www.mcafeesecurity.com.