The group, which formed last month, has been drawn from all sectors of the IT community that have any interest in email, said Rob Scott, a product manager at Nokia Corp who is involved in the consortium.
Today’s meeting will see members discuss their experiences of spam and proposed solutions with others in their same vertical – ISPs with ISPs, software vendors with software vendors – before reporting back to the group as a whole.
JamSpam will meet in San Francisco just a few days before and a few blocks away from another, more technically focused, group organized by the Internet Research Task Force, a sister organization of the Internet Engineering Task Force.
This isn’t going to be an organization like the IETF, said Scott of JamSpam. A protocol standard is not the foregone conclusion of JamSpam. It’s going to be issue-oriented… a group of people concerned about the future of email and the threat of spam.
That said, there are likely to be more technical solutions proposed than non-technical, Scott said: It’s obvious that regulators are probably not going to do much, and there’s certainly been no cooperation on behalf of the spammers. Scott said that in his view authenticating email users is the key issue. Digital certificates could be used more widely to prevent spammer activity such as domain spoofing, which is frequently used to avoid spam filters, he said.
JamSpam may end up taking its recommendations to the IETF or a similar standards-setting body, according to jamspam.org. Scott admitted there is some overlap between JamSpam and the IRTF’s Anti-Spam Research Group, meeting at the IETF gathering next week.
Source: Computerwire
Webwasher claims SSL filtering first
Webwasher AG this week claimed to be the first content filtering software firm to offer SSL support in its products.
Calling it the biggest distinguishing feature in the new Content Security Management (CSM) suite, the company said the function will become more important to enterprises as the amount of SSL traffic flowing into their networks increases.
To look inside the SSL traffic and filter, that’s what [competitors] Websense and SurfControl don’t do, Webwasher CEO Horst Joepen said. IDC’s prognosis is that in industries SSL will be 30% of traffic by the year’s end.
While Webwasher is evidently the first filterware firm to offer inspection of encrypted web content, rival companies focus on filtering categorized URLs, rather than inspecting content on the fly, so SSL decryption and scanning is not an essential feature upgrade.
Joepen said that web mail services, such as Hotmail, use SSL, and that content filters usually cannot scan them, representing a potential hole in web security. Some proxy services specifically designed to bypass content filters also use SSL.
CSM can also integrate with compatible iCAP (Internet Content Adaptation Protocol) anti-virus software. It can also strip web content of malicious code, Flash, banners, pop-up ads, web bugs, referral data and cookies.
Webwasher does, however, also have URL filtering. That feature has been improved, the company said, with a new feedback mechanism in the user interface for unrecognized or wrongly categorized URLs, to keep the database fresh.
The email half of the software now also includes an optional spam-filtering module, SpamEquation, using technology provided by a third-party vendor. The module combines blacklists and Bayesian rules to calculate the probability that email is spam.
Webwasher said the software will be made generally available in May. In the meantime, a temporary test version is available for download from the company’s web site. The company offers an upgrade path from its previous modular offerings.
Source: Computerwire
