Antispam startup targets large enterprises

A new technology startup is focusing squarely on large enterprises and says that its product is a technological leap forward in the fight against unsolicited commercial ("spam") e-mail.

On Monday, Proofpoint Inc. of Cupertino, California, announced its first product: Proofpoint Protection Server, an enterprise-class antispam gateway that company executives say uses a new generation of spam-spotting technology that is more accurate at spotting the unwanted mail traffic.

Featuring separate modules for spam detection, content compliance and virus scanning, the Protection Server sits at the entrance to a corporate network and analyzes all e-mail message traffic, according to Proofpoint.

The integration of antispam, antivirus and content analysis anticipates a future in which companies will need to open and inspect every piece of correspondence that crosses their network for a variety of traits, according to Eric Hahn, Proofpoint's founder and chairman and a former CTO at Netscape.

"Spam is just the top of a bigger iceberg that includes spam, content compliance, regulatory compliance, e-mail archiving, records matching and so on," Hahn said.

Like other antispam products, Proofpoint's spam detection module uses a mixture of proven antispam techniques such as blacklists, whitelists and heuristic pattern matching to spot spam e-mail, the company said.

Unlike other products, however, the Proofpositive antispam module features a specialized antispam engine, the "Proofpoint Proofpositive Engine," that applies advanced statistical machine-learning methods to incoming e-mail messages.

In addition to Bayesian analysis, which has long been recognized as useful for spotting spam, the Proofpositive engine throws lesser known tools such as logistical regression and support vector machines to weed out spam e-mail.

More commonly seen in labs that do complicated analyses such as gene and protein matching, these techniques enable Proofpoint to evaluate incoming messages based on groups of spam "rules," recognizing and learning from patterns in those rule groupings.

That is an advantage compared with other antispam products that just use Bayesian analysis, which typically analyzes antispam rules individually, Hahn said.

In doing so, such products often miss relationships that may exist, for example, between a rule to flag messages containing the words "Buy Now!" and one to flag messages containing the word "Viagra," he said.

That translates into more legitimate e-mail messages being identified as spam, Hahn said.

Using the separate content compliance module, customers can also define content rules based on regulatory regimes such as HIPAA (the Health Insurance Privacy and Accountability Act of 1996), the Sarbanes-Oxley Act, or corporate policies regarding obscene language.

The Proofpositive Engine then monitors e-mail, flagging messages that violate a policy for review.

Proofpoint's antivirus module will use engines supplied by partners Sophos PLC and Network Associates Inc., Proofpoint said.

Antivirus scanning is conducted in parallel with antispam and content scanning, the company said.

Designed for enterprises with between 10,000 and 100,000 users, Proofpoint runs on Linux or Sun Microsystems Inc. Solaris operating systems and uses the open source sendmail product as its MTA (message transfer agent), according to Hahn.

The product's seat at the corporate gateway suits Proofpoint for deployment in heterogenous messaging environments, the company said.

The new company is right to focus on large enterprises and may find a willing market for its content compliance features, but challenges await any company that wants to stand out in the crowded field of antispam companies, according to Laura Koetzle, senior research analyst at Forrester Group Inc.

Proofpoint's use of statistical machine-learning methods may be an improvement over those being used in competing products, she said. However, even first generation antispam technology has improved, and the differences between the two might not be enough to woo away companies that have already made their investment, Koetzle said.

While lucrative, large enterprise customers are also slow to make decisions about technology purchases and expensive to court, Koetzle said.

Finally, most enterprise customers that she surveyed seemed happy with their choice of antispam technology, Koetzle said.

Unless Proofpoint's technology is proven to be significantly more accurate, it will be tough to get companies to drop the products they have, she said.

Join the newsletter!

Error: Please check your email address.

More about GatewaySendMailSophosSun Microsystems

Show Comments

Market Place