Shifting from daily nuisance to serious IT and business concern, uncontrolled spam is prompting customers to arm themselves with tools to fight back against productivity loss, potential liability, and bandwidth-clogging consequences that unsolicited commercial e-mail can bring to an enterprise.

Targeting a growing concern on the anti-spam battlefront, IronPort Systems Inc. on Wednesday introduced technology designed to prevent legitimate e-mail messages from being weeded out by anti-spam filters.

IronPort rolled out two e-mail delivery appliances based on the company's Virtual Gateway technology, which allows users to assign a specific outbound IP address to each message based on campaign or message type. The technology, in essence, creates a separate virtual machine for each mailing, separating critical transaction confirmation messages from other marketing messages that might be snared by a spam filter, according to Scott Banister, chairman and CTO of IronPort, based in San Bruno, Calif.

"Companies are finding that if they send out e-mail marketing newsletters, increasingly ISPs are deploying anti-spam systems that often inadvertently trap messages that are legitimate," Banister said. "No one wants to be throwing out babies with the bath water."

IronPort's Virtual Gateway assures that even if a marketing message is trapped by a filter, other traffic being sent from the same infrastructure will be unaffected, he said. The two new delivery appliances, the A60 and A30, are designed for high and low volume requirements, respectively.

Similarly, last week vendors Postini Inc. and BrightMail Inc. introduced new anti-spam products and services designed to help end-users restore normalcy to workplace operations being hampered by hundreds upon thousands of e-mail messages targeting random inboxes and servers over the Internet.

In fact, most corporate customers and service providers are oblivious to the massive amount of spam proliferation caused by automated e-mail address "harvesting" over the Web, said Joyce Graff, vice president and research director of Stamford, Conn.-based Gartner Inc.

"[Spam] is burning your resources, it's keeping your message transfer agent busy doing stupid things, it's clogging bandwidth, clogging disk space, and most important stealing people's time," said Graff. "Even more important, it's creating a very upset work environment."

Graff said that tools capable of launching a myriad of spam-related attacks are becoming readily available over the Internet. This enables even beginners to send out spam, and fuels con artists to perpetrate hoaxes, identity theft, fraud, bulk junk mail, and mass market advertising. Spammers easily can set up and dispose of multiple free e-mail accounts to hide their tracks.

According to the Gartner analyst, many spam attacks bombarding enterprises feature increasingly vulgar and insensitive content. This raises the question of whether a company is legally responsible for blocking inappropriate spam messages viewed by its employees.

Postini customer Lee Rocklage, IT manager of Redwood City, Calif.-based DPR Construction, estimated about 40 percent of his company's daily e-mails at one time were spam. Before deploying Postini's Security Manager product, he noted that offensive e-mail proved a major distraction and was "the biggest complaint" from his employees.

"It became a concern," said Rocklage. "We're a service-oriented company and having to sort through all of the unnecessary e-mails each morning to identify those that were important or required a quick response can be very time-consuming."

Last week, Postini announced the availability of Postini Perimeter Manager, Postini Security Manager, and Postini Resource Manager, serving as three new service offerings to heighten e-mail protection against spam, viruses, and Directory Harvest Attacks.

BrightMail, which offers a software license as well as a services model, made noise on the spam battlefield last week with the launch of BrightMail Anti-Spam 4.0 Enterprise Edition. Designed to support Microsoft Windows 2000 and Sun Solaris environments, the new version can remove randomness inserted by spammers in the header of an e-mail message body to reduce polymorphic spam attacks and can generate rules against slightly altered attacks, said Ren Chin, director of product development at San Francisco-based BrightMail.

Albert Rodriguez, president of Ann Arbor, Mich.-based ImageMaster Financial Publishing, said the "annoyance" of unwanted e-mails forced him to seek out a product such as SurfControl's Anti-Spam Agent, which could not only filter spam, but also provide his staff the ability to flag or isolate e-mails for further inspection.

"The product is blocking spam but it's doing it by allowing us to have control of exactly what comes through and what doesn't. If it weren't for that, we wouldn't have gotten it," said Rodriguez, who said a queue has been set up to flag key phrases, Web addresses, and re-direction attempts.

Graff, the Gartner analyst, said it is critical that customers stay away from generating false positives that could prevent legitimate business or e-mail messages from getting through even if it appears "off-color."

Toward that concept, IronPort offers a Bonded Sender program, designed to integrate with the appliances, which lets companies use a financial bond to stand behind valid e-mail messages. Described as a kind of first-class postage stamp for e-mail, the Bonded Sender service signifies to ISPs and corporations that the message sender has a legitimate business relationship with the recipients, Banister said.