Your Reputation Precedes You by CipherTrust
A Look at the Past, Present and Future of Email Reputation Systems
“Reputation, reputation, reputation! Oh, I have lost my reputation!
I have lost the immortal part of myself, and what remains is bestial.”
--Spoken by Cassio, in Shakespeare’s Othello (circa 1602)
Though written over four centuries ago, the sentiment behind these words still holds true – you’re nothing without your reputation. Every day, different reputation systems dictate who you are to those who don’t know you. To lenders, you’re a credit score. To insurance companies, you’re a calculated risk. And now, thanks to the next generation of reputation systems, you’re an IP score.
For obvious reasons, spammers, phishers and virus writers would prefer to hide their identities. They use countless techniques to disguise themselves with the intent of sneaking into your enterprise inboxes, robbing you blind or hijacking your network – or both.
On the other hand, those who would fight these senders are well served to know who the senders are and what they’ve been up to. To that end, email reputation systems are used to figure out what sort of behavior senders have demonstrated in the past and make educated predictions of their future behavior, for better or for worse.
Content Inspection Is Not Enough
Unfortunately, many enterprises rely on an email security solution based solely on message content; understanding the source of a particular message never enters the equation. While this approach is moderately effective when dealing with messages that contain specific spam identifiers, it is completely ineffective at stopping spam that employs techniques not yet seen.
Email Security with Reputation
A comprehensive approach to email security involves examining both message content and sender history. By evaluating senders based on their past behavior, a more accurate picture of their intentions and legitimacy can be discerned. Has the sender engaged in spamming, virus distribution or phishing attacks? If they have, an effective reputation system knows and flags the message. Has the sender even been seen before? If not, a reputation system should pay close attention to ensure that the sender is not a “zombie” machine being controlled remotely by a hacker.
First-Generation Reputation Systems
In the “early days” of spam (circa 2001), simple blacklists and whitelists seemed like an appropriate response to the nuisance messages that had begun to show up in inboxes around the world. Blacklists contain the IP addresses of known spammers, phishers and virus senders; whitelists contain the IP addresses of senders known to be legitimate. Referencing these lists allowed companies to filter a segment of their total mail flow, briefly curbing the onslaught of spam messages. However, their shortcomings were exposed relatively quickly.
The very nature of whitelists and blacklists makes them manual by default. In order for a list to be updated, all messages (both wanted and unwanted) must first be received by an end user and then manually reported to a system administrator. With this sort of end-user reliance, it’s easy to see why the glory days of list-only reputation systems were short-lived.
Further compounding matters, lists rely on anecdotal evidence, opening the door to “vigilantes” who add senders to blacklists without first verifying that they’re actually malicious; and spammers, who add themselves to whitelists which take a “pay-to-play” approach, allowing any “bonded” sender to buy their way onto the list.
Other mitigating factors were behind the decline in blacklist and whitelist effectiveness. In the end, the failure of these lists as email security solutions was largely due to their inability to factor message quality into the equation.
Second-Generation Reputation Systems
The next iteration of reputation systems built on the failure of blacklists and whitelists to maintain control over the spam flood. While the lists remained an integral component, new features briefly increased second-generation reputation systems’ efficiency and effectiveness. With time, however, spammers adapted their habits to evade detection.
Among improvements seen in second-generation reputation systems were dynamic lists, necessary to combat the introduction of “zombies” into the email security landscape; automatic updates, which removed the administrative burden of manually uploading lists; and message scoring, which assesses a message’s likelihood of being spam and assigns a corresponding “score.”
The Next-Generation Reputation System
Today’s spammers are more clever than ever, so today’s reputation systems must be equally sophisticated. An effective reputation system must be dynamic, comprehensive and precise, and based on actual enterprise email traffic in order to keep the spammers from gaining any advantage. To that end, CipherTrust developed TrustedSource, the most precise and comprehensive reputation system available. TrustedSource keeps enterprises ahead of the spammers by leveraging research generated by CipherTrust’s industry-leading network of customers. In developing TrustedSource, CipherTrust has succeeded in defining to a reputation for every IP address in use across the Internet (all 4.2 billion!), not just those that have been encountered in the past.
By combining years of industry-leading research with the unmatched capabilities of IronMail’s Message Profiler, CipherTrust has made some ground-breaking discoveries about the email sending behavior of IP addresses. TrustedSource merges CipherTrust’s unmatched knowledge base and global customer network of over 1,400 companies with generally available data such as traffic patterns, white/blacklists and network characteristics. This powerful combination allows TrustedSource to assign accurate scores to any IP address encountered by IronMail, considering both sender history and message characteristics.
Trust Your Reputation to Ours
A traditional email security approach that relies solely on identifying messages based on content and/or characteristics, or an approach that relies solely on blacklists and whitelists, is incapable of generating adequate data about senders. In order to accurately identify messages as wanted or unwanted, corporations must embrace an approach that includes a comprehensive reputation system like TrustedSource. To learn more about TrustedSource and how it can help you take control of your enterprise email security, download CipherTrust’s free whitepaper, “TrustedSource: Reputation Redefined.”
Article Source: http://www.BharatBhasha.com
Article Url: http://www.bharatbhasha.com/email.php/18067
| Other Articles related to "Your Reputation Precedes You" by CipherTrust | |
•Does Your Email Reputation System Have a Bad Rep
Does Your Email Reputation System Have a Bad Rep? by CipherTrustThe recent spike in the volume of spam traveling across the Internet, combined with the dangers of phishing and virus attacks that frequently accompany these messages, has forced enterprises to reconsider how they determine which messages will be allowed into their network. The latest advances in anti-spam technology have been enabled in part by the use of reputation services which determine the “good” and “bad” senders. There...
•Maximizing Email Security ROI Stop Spam and Save
by CipherTrustThis is the first of a five-part series on Maximizing Email Security ROI In the realm of email security threats, the costs of spam are relatively easy to recognize. Although most organizations rarely, if ever, take the time to calculate their spam costs, they can easily account for the losses caused by spam with regards to employee productivity, consumption of IT resources and help desk costs. Harder to measure are the less obvious, and potentially catastrophic, costs incurred...
•Increase Efficiency with Intelligent Email Traffic Control
by CipherTrustWork Smarter, Not HarderCipherTrust’s IronMail has helped some of the largest enterprises in the world stem the flood of spam to their end users, as well as address a host of other e-mail threats. IronMail’s unique Spam Profiler tool provides maximum effectiveness by scrutinizing thousands of characteristics of every message to determine a spam score. But the challenges for enterprises today do not stop at identifying and blocking spam. With spam volumes continuing to increase...
•Maximizing Email Security ROI Part II Stop Viruses Before They Stop You
by CipherTrustThis is the second of a five-part series on Maximizing Email Security ROI. Across the spectrum of information security risks, most casual users understand the dangers posed by viruses and worms. Network administrators have even more reason to fear a virus attack, as a successful assault can cripple corporate networks for days. The lasting damage, however, is much more difficult to determine with precision, as the residual financial impact of a virus infection extends long after...
•Maximizing Email Security ROI Part III No More Mr Nice Guy Enforcing E Mail Policy
by CipherTrustThis is the third of a five-part series on Maximizing E-mail Security ROI.E-mail is an easy, cheap and readily available form of communication. It’s a great tool for businesses, but without proper safeguards in place to regulate the information transmitted it can also be a potential threat. An effective e-mail policy should be all-encompassing, helping organizations comply with federal regulations, protect intellectual property and prevent offensive materials from being...
•Maximizing E mail Security ROI Part IV The Digital Monsters under Your Bed E Mail Intruders
by CipherTrust This is the last of a five-part series on Maximizing Email Security ROI. Remember your kid fears? As soon as the lights went out, the monsters under your bed began plotting ways to get you. Somehow, though, you always managed to outsmart them and make it through the night. Then one night you grew up, and the monsters went away for good. Well, they're back. And they've unionized.International rings of hackers, many backed by funds from organized crime groups, are the new...
•Why Corporations Need to Worry About Phishing
by CipherTrustPhishing is a relatively new form of online fraud that focuses on fooling the victim into providing sensitive financial or personal information to a bogus website that bears a significant resemblance to a tried and true online brand. Typically, the victim provides information into a form on the imposter site, which then relays the information to the fraudster. Although this form of fraud is relatively new, its prevalence is exploding. From November 2003 to May 2004, Phishing...
|
| Articles In LimeLight | Things You Should Know About A Car Loan
By Ajeet Khurana Added on Wednesday, May 14, 2008
A Holiday To Munich For A Brewery Tour
By Jessica Nielson Added on Wednesday, May 14, 2008
How To Store The Car Of Your Dreams Correctly
By Lee Dobbins Added on Sunday, April 27, 2008
Wood Furniture Care: Why Sanding Wooden Flooring Can Help
By Adam Peters Added on Tuesday, May 13, 2008
The Best Way To Help Your Tattoo Heal
By Danny Kevant Added on Wednesday, May 14, 2008
The Benefits Of Using The Credit Risk Scorecard
By Sam Miller Added on Saturday, April 19, 2008
The Impact Of Metrics For Investment Banking Performance
By Sam Miller Added on Thursday, May 15, 2008
Finding The Proper Niche
By Nicholas Added on Tuesday, May 13, 2008
Your Moment Of Power Is Now
By Tim Whiston Added on Thursday, May 15, 2008
A Holiday In Liverpool Filled With Fun
By Jessica Nielson Added on Wednesday, May 14, 2008
Hybrid Tea Roses – Developing A Great Understanding
By K. Finch Added on Tuesday, May 13, 2008
Microwave Oven: Defining Modern Life Style And Cooking Techniques
By Roberto Sedycias Added on Tuesday, May 13, 2008
Personalized And Homemade Baby Gifts
By Mandie Klein Added on Wednesday, May 14, 2008
Tattoo Care: Tattoo Removal Utah
By Matty Mathias Added on Saturday, April 26, 2008
Look Online For Advice If Wanting To Buy A Used Audi
By Louis Rix Added on Saturday, May 3, 2008
Home Electronics: Must-Have Components For Any Home Theater
By Ben Anton Added on Thursday, May 15, 2008
Loving Mexican Food Spices
By Annie Dubois Added on Thursday, May 15, 2008
New Age Spirituality - Inspirational Stories ( Part 37 )
By Vish Writer / Swami Vivekananda Added on Tuesday, May 13, 2008
Kitchen Lighting Tips
By Tim Sousa Added on Thursday, May 15, 2008
Avoid Injuries With Golf Strength Training
By Mike Schlacter Added on Thursday, May 15, 2008
|
|
|
Publishers / Webmasters
|
|
Tell A Friend
|
| Comments / Questions? |
| Download this article in PDF |
|
372 Users Online!
|
| Latest Articles: | - Bronze Casting Information And The Process Of Bronze Casting
- By Kent Klein
- The Ultimate Guide To A Client Conversion System
- By Tracey Lawton
- Brass Casting Information And The Process Of Brass Casting
- By Kent Klein
- Aluminum Information And The Process Of Aluminum Casting
- By Kent Klein
- Iron Casting Information And The Process Of Iron Casting
- By Kent Klein
- Casting Supplies Information And What Casting Supplies Will You Need
- By Kent Klein
- Metal Casting Tools And Definitions Of Metal Casting Tools
- By Kent Klein
- Information On Metal Casting Crucibles
- By Kent Klein
- Information On Casting Sand And Green Sand Or Foundry Sand
- By Kent Klein
- Information On Casting Associations And Metal Casting Groups
- By Kent Klein
- Information On Resin Casting And The Process Of Resin Casting
- By Kent Klein
- Metal Casting Information And Basic Metal Casting Information
- By Kent Klein
- Spin Casting, Sand Casting, And Other Metal Casting Processes
- By Kent Klein
- Chase The Winter Blues With Retirement Hobbies.
- By Carm Paynter
- Metal Casting Furnaces And Metal Casting Furnace Types Described
- By Kent Klein
- DIY Bronze Furnace, Diy Casting Furnaces, And Other Metal Casting Furnaces
- By Kent Klein
- Injector Torch, Cutting Torch, And Other Metal Casting Torches Described
- By Kent Klein
- How To Cast Jewelry, Casting Jewelry, And Cast Jewelry Information Described
- By Kent Klein
- Die Casting Information, Die Casting Defined, And Types Of Die Casting
- By Kent Klein
- Lost Wax Casting Process
- By Kent Klein
|
| |
