A Pattern Language For Spam

Anti-spam vendor Commtouch said it has acquired a patent covering a method of identifying and eliminating spam.

William Cotten, a private inventor who was awarded the original patent (U.S. Patent No. 6,330,590) in 2001, was not using it in an anti-spam service.

The patent covers a system that monitors
live e-mail, identifies certain characteristics of the e-mail message that
appear in more than one e-mail, and blocks other e-mails with the same
pattern.

Commtouch’s own anti-spam services feature what it calls Recurrent
Pattern Detection (RPD), a similar scheme. Commtouch also has a
patent pending on its RPD technology.

“The patent we acquired covers some of the processes we are using today,” said Avner Amram, Commtouch executive vice president. He said
the company felt more comfortable owning the patent, and that this one
seemed to be the earliest to cover analyzing patterns in e-mail. “Based on
our understanding of other patents and prior art applications, this patent
stood out as the earliest and most important patent in the field,” he said.

He said Commtouch will begin offering licenses of the patent to other
anti-spam companies; the starting date for the licensing push and the terms
have not been decided.

Next week, Commtouch will announce Commtouch Enterprise Gateway 4.0,
software that works with all enterprise-messaging platforms. Enhancements
include quicker deployment — the company claims it can be deployed in just
20 minutes — and Lightweight Directory Access Protocol integration so that an administrator can provision
individual users with different policies.

There also are differences in the way the new version handles
quarantines. In version 3.5, suspect files were held within the user’s
e-mail client. Now, the quarantine folder resides within the gateway, so
that administrators can easily view the files and change policies if
necessary.

The RPD process begins on Commtouch’s spam detention center, which
receives millions of e-mails each hour. The software looks for recurrent
patterns of the message, Lev said. “When we see lots of
a recurrent pattern, we start to suspect it’s spam.” Because the software
doesn’t depend on text analysis or key words, he said, it’s not fooled by,
for example, randomly generated misspellings of terms like Viagra.

As e-mail comes into the gateway, the gateway attempts to figure out
locally if it’s spam. If it can’t make that determination, the gateway
generates a signature of the message and sends it to the detention center,
which responds with a spam or not-spam designation. If a message is
determined to be spam, the enterprise gateway can delete it, send it to
quarantine or to user quarantine, as defined by the IT department.

“Because we analyze so much traffic in real time, we detect outbreaks in
less than one minute,” Lev said. “From the moment we have the classification
in our data center, it’s available to protect our customers.”

The 13-year-old company Commtouch is headquartered in Netanya, Israel,
with a subsidiary Commtouch based in Mountain View, Calif. Commtouch
anti-spam technologies are incorporated in software applications of security
and messaging OEMs , including Sybari Software and Blue Cat Networks.

According to Commtouch statistics, there are over 600,000 unique spam
outbreaks each day, with each lasting about eight hours.

Get the Free Newsletter!

Subscribe to our newsletter.

Subscribe to Daily Tech Insider for top news, trends & analysis

News Around the Web