It Takes A Community
Cloudmark takes a collaborative approach to fighting spam. They employ the nearly 200 million consumer mailboxes of its service provider customers. The end-users identify, report and corroborate suspect messages in real time. "We give a star rating, based on the number of times that people report spam or block a phishing attempt," explains Champine "They can work up to a gold star. The feedback that we have gotten from consumers has been tremendous. The rating is based on a number of factors such as how many times did you respond, how quickly did you respond, and how often your response agrees with other trusted members within the system." Champine says that people get fanatical about their rating. "There was one time when we tweaked a few parameters, and peoples' ratings dropped. They were not getting as much image spam, and therefore they were not getting the opportunity to report as much. Their trust rating dropped a bit, so they called Cloudmark support and complained saying they needed to maintain their gold star!"
According to Cloudmark, its collaborative approach has proven more effective and faster than traditional blocking or filtering methods. At the core of the Cloudmark Global Threat Network is this Trust Evaluation System (TES). TES ensures the "reputation " of reporters by tracking how often the larger recipient community agrees with their assessment of a message. In addition, Cloudmark uses an automated system of fingerprinting algorithms. Advanced Message Fingerprinting maintains the privacy of the content and reduces the amount of data to be analyzed. Once a message fingerprint is cataloged as spam, all future messages matching that fingerprint are automatically filtered. Because a reputation-based collaborative system does not draw blanket conclusions about terms, hosts or people, it has proven to increase accuracy, particularly as it relates to false positives. "It helps end-users feel like they are empowered," says Champine. "As well as helps them maintain faith and trust in the system."
Trust is indeed a fragile thing. Arvel Hathcock, founder and CEO of Alt-N Technologies, believes the impact of phishing has struck at the heart of peoples' trust in messaging. "How the world has changed in a few short years," observes Hathcock. "You still want to communicate with your customers for legitimate business reasons, but your customers won 't even open your messages. Industry surveys reflect that nearly 80 percent of banking customers are less likely to respond to your communications and 19 percent will not enroll in online banking or bill payment because of the fear of identity theft. Statistics like these make you wonder if trust in email can ever be restored again between you and your customer."
One of the reasons Hathcock has been so active in the development and implementation of Domain Keys Identified Mail (DKIM) from its early beginnings is that Alt-N does not want trust in email to diminish because of the exploits of a few bad characters. Hathcock developed the MDaemon email server back in the mid-1990s because he believed in the benefits that communication via this new medium brought. His motivation is clear: he does not want the bad guys to destroy the trust people have in their ability to freely communicate with others around the globe. "To help rebuild this trust, a layered approach to messaging is progressively making in-roads. Authentication protocols used by email platforms, like Alt-N's MDaemon email server, uses DKIM and Sender ID to provide important steps to confirm a message's authenticity. Hathcock goes on to say that according to the Authentication and Online Trust Alliance (AOTA) nearly 7 million domains and 43 percent of email traffic contains some form of authentication. "But authentication is just one of the many layers of protection needed to restore the confidence email users need," says Hathcock. "Another area to work on is the practice of email certification and reputation services. While there are some forms of proprietary certification available today, an open standards approach will help to move this technology into the mainstream."
"Statistics like these make you wonder if trust in email can ever be restored again between you and your customer." —Arvel Hathcock, Alt-N Technologies