GCN, 12/11/06 issue
Stocking stuffers
Technology of the Year: Challenge/Response spam filtering
By John Breeden II, GCN Staff
For years the GCN Lab has reviewed filtering technology to see how to best protect e-mail from the increasingly devastating surge of spam. But today, spam has left the realm of the annoying and pushed into where it actually hurts business: employees spend a lot of time deleting it, and it clogs mail servers and depletes needed bandwidth.

With this in mind, the GCN Lab was thankful to find a new appliance that beats back the tide of spam far more successfully than any other approach we've seen, the I.C.E. Box from Sendio Inc. of Newport Beach, Calif. We voted the I.C.E. Box the best product of the year in our yearly wrap-up of best new products.

Overall, when the GCN Lab tested several filtering appliances this year, we found good results. For spam, devices were able to remove 95 percent or more of the junk from the stream. That's pretty good, unless your volume of spam is extremely high, which was the problem the GCN Lab test network was experiencing.

In any given month more than 500,000 spam e-mails were coming in, overloading the filtering devices and sending on a big load of approved spam to the mail server. Tightening the spam filtering controls helped, but we began generating false positives, losing some of the good mail along with the bad.

The answer for us and for an increasing number of agencies and businesses is a challenge/response appliance that really does no spam filtering at all. Each e-mail that comes into the network goes to the appliance, which triggers an automatic challenge e-mail back to each new sender. If the sender spoofed their return address, they won't ever get the challenge. If the e-mail is addressed to a user that is not on the network, the mail is dropped without a challenge being issued. If the mail comes from a spammer, then the challenge likely goes to a distribution server that can't respond.

Valid users simply reply to the challenge and are validated by the system and added to the approved list. The velvet rope is always pulled back for them in the future without a challenge being issued. The box still scans for viruses, but never for spam after the sender is verified.
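The mail flow described above, modeled as an added Python example (not code from GCN or Sendio). The class and method names, the example addresses, the random token, and the holding of mail while a challenge is outstanding are assumptions made for illustration.

```python
import secrets


class ChallengeResponseGate:
    """Toy model of a challenge/response mail gate (hypothetical, not a vendor API)."""

    def __init__(self, local_users):
        self.local_users = set(local_users)  # valid recipients on the network
        self.approved = set()                # senders who have answered a challenge
        self.pending = {}                    # token -> (sender, held messages)
        self.token_for = {}                  # sender -> outstanding token

    def receive(self, sender, recipient, body):
        """Return (action, token); token is set only when a challenge is issued."""
        if recipient not in self.local_users:
            return ("drop", None)            # unknown recipient: dropped, no challenge
        if sender in self.approved:
            return ("deliver", None)         # verified sender: no further challenge
        if sender in self.token_for:
            # Assumption: mail from an already-challenged sender is held,
            # so one sender never triggers a second challenge.
            self.pending[self.token_for[sender]][1].append((recipient, body))
            return ("hold", None)
        token = secrets.token_urlsafe(16)    # unguessable value sent in the challenge
        self.pending[token] = (sender, [(recipient, body)])
        self.token_for[sender] = token
        return ("challenge", token)

    def respond(self, sender, token):
        """Handle a reply to a challenge; return the messages it releases."""
        entry = self.pending.get(token)
        if entry is None or entry[0] != sender:
            return []                        # unknown token or wrong sender: no release
        del self.pending[token]
        del self.token_for[sender]
        self.approved.add(sender)            # added to the approved list from now on
        return entry[1]
```

A challenge that is never answered, as with a spoofed return address, simply leaves its entry in `pending`; a real deployment would expire those entries.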

Since we installed this challenge/response appliance on our own network, there have been almost zero incidents of spam coming through. I do say almost because just the other day one got through, a noticeable chink in the challenge/response armor. This is no big deal considering one got through and more than two billion did not, but it brings up an interesting scenario whereby it is possible that spammers might start to take notice of the challenge/response systems and try to defeat them.

It's possible to circumvent the technology, though it would be difficult to do on a large-scale basis. A spammer would need to set up an automatic mail distribution server and then an automatic response server that simply responds to challenges. At the very least, the response server would need to be public and would expose the spammer to the long arm of the law, but if it were an expendable server sitting on an island somewhere, then it might work. This, however, adds a level of expertise and expense to spammers that is not required right now. And the challenge/response companies could counter with graphical files representing numbers in the challenge that a machine can't read, but a human could decipher.

This game of one-upmanship is not yet being played because there are not enough challenge/response appliances out there. But with an almost 100 percent effectiveness and no way to generate a false positive, it's only a matter of time. Challenge/response appliances simply work better than filtering ones for killing spam, and moving forward we believe this new technology will begin to encompass and eventually overtake standard filtering.
