New IronMail uses 'genetic' antispam algorithm

A new version of the IronMail secure e-mail gateway contains a so-called "genetic" algorithm for spotting unsolicited commercial e-mail, or spam, that will adapt to changes in spam e-mail content, according to a statement released by CipherTrust Inc., which makes the application.

The new features in IronMail 4.0, released Monday, should reduce the need for customers to modify the product's settings to increase accuracy or decrease the number of false positives, and is one of a handful of new antispam tools added to the IronMail product, CipherTrust said.

The new "genetic" algorithm analyzes incoming spam e-mail for 900 different message characteristics, detecting subtle changes in message content and format. Based on trends that turn up in the spam message flow, the algorithm then automatically changes the way the IronMail correlation engine, named the Enterprise Spam Profiler, weighs those characteristics so as to best stop spam and permit valid e-mail correspondence, a CipherTrust spokeswoman said.

In addition to the new algorithm, IronMail 4.0 adds new security features such as URL (uniform resource locator) filtering and domain blacklists to its list of tools. The product now sports 12 different antispam technologies in its arsenal, CipherTrust said.

The new version of IronMail also allows organizations to assign antispam rules by network user, group or network domain, the company said.

The new features allow customers to do more than stop spam. For example, URL filtering and domain blacklist features, which scan e-mail messages for forbidden URLs or Web domains, can be used to stop inbound spam and also to create security policies that are applied to outgoing e-mail, according to Paul Judge, chief technology officer at CipherTrust.

As spam technology improves, dedicated antispam products are becoming less desirable. Companies now want to apply antispam technology to other pressing business problems, such as preventing the loss of intellectual property or complying with federal regulations governing the handling of personal data, such as the Health Insurance Portability and Accountability Act of 1996 (HIPAA) in the healthcare industry or the Graham-Leach-Bliley Act in the financial services industry, Judge said.

Baptist Health Care in Pensacola, Florida, is just such a company.

Baptist started using IronMail in November 2002, to protect around 2,500 e-mail users from spam and viruses. Previously, Baptist did not have an antispam application and used desktop antivirus software, said Michelle Boggess , electronic data security coordinator at Baptist.

Happy with the ability of IronMail to stop spam e-mail, the company is now using IronMail to help it comply with HIPAA regulations that protect patient information.

IronMail now monitors outgoing messages from Baptist for company policy violations, like transmitting confidential patient information, Boggess said.

Baptist is also adding a module to IronMail that will secure the company's e-mail with state agencies, which often send correspondences containing sensitive patient information, she said.