Centurion, 09 May 2008
Spammers often forge legitimate e-mail addresses when sending spam. An upshot of this is that the legitimate e-mail addresses then receive a barrage of NDRs (non-delivery reports) when the spam is rejected, due to a full mailbox or unknown e-mail address, for example. This problem is called backscatter.
Since the NDRs are technically valid messages coming from valid sources, large amounts of them often get through to end-user inboxes and can be a major annoyance.
In a move to address this problem, Proofpoint has rolled out a spam update to all of its customers, which includes significant improvements in their backscatter protection. Prior to this update, Proofpoint blocked approximately 40% of backscatter and since the implementation it is now blocking approximately 65% without the customer having had to take any action.
By tuning a customer setting, Proofpoint can achieve a block rate as high as about 80%. Increasing the aggressiveness can potentially increase the risk of false positives on valid NDRs. However, as it collects more data, the company will adjust the default settings to optimise its block rate out of the box.
Condyn CEO, Jorina van Rensburg, says that while this is an interim solution according to Proofpoint, it is a significant improvement in the organisation's backscatter protection. "Condyn in collaboration with partner Proofpoint is ahead of the pack and is also working on a long-term solution in the product, to block virtually all backscatter, but in the meantime, all of our customers now have significantly increased protection against backscatter.
"This is another example of Proofpoint as Condyn's partner, adapting to new threats without requiring the customer to take any action. We are addressing backscatter and continually optimising and improving our protection against it and other new threats as they appear," Van Rensburg concludes.
Share