E-mail security vendor CipherTrust Monday announced version 4.1 of its IronMail gateway appliance that includes a reputation-based authentication tool designed to weed out spam by identifying "good" senders.
The new tool, called TrustedSource, attempts to identify legitimate e-mail by rating the reputation of the sender, which it determines from monitoring the 7.5 million enterprise e-mailboxes that IronMail sits in front of, says Matt Anthony, the company's director of product marketing.
Unlike reputation-based blacklists from other vendors that identify spammers based on their sending behavior (mass mailings, for example) and reject their messages, TrustedSource flags mail coming from what it determines to be valid sources and gives it a positive rating based on that determination.
IronMail keeps its TrustedSource database "pure" by not allowing an e-mail sender to beg or pay their way onto the list, Anthony says.
Unlike other white lists, IronMail runs a piece of mail deemed valid by TrustedSource through the remainder of the appliance's spam filters, says Anthony. "This list is not a bypass for spam filters," he says.
IronMail weighs the rating given by TrustedSource against its other filter ratings before deeming a message valid. "If you're sending a clean message, it's going to be delivered through IronMail; our other tools do a great job at that," Anthony adds. "If you're doing the right thing, you don't need to be on the TrustedSource (database) to get through."
Recognizing that rating an e-mail sender's reputation alone will not give an enterprise enough spam protection, CipherTrust recommends companies take a "cocktail" approach to identifying unwanted messages. TrustedSource is yet another tool to throw in the mix.
"We're at the point where a fraction of a percentage (less spam received) makes a difference," Anthony says.
IronMail 4.1 is priced from US$9,500 to US$30,000, depending on the size of an organization. TrustedSource is implemented in the software included with version 4.1.