As spam-detection technology reaches its limits so IT managers need to shift their spam-fighting strategies, claims Paul Judge, chief technology officer at CipherTrust in Alpharetta, Georgia. "With spam no longer being a small percentage of messages and now being the majority of e-mail, we need to fight the problem the other way around," he suggests. In short, identify the good messages and let them through, and chuck everything else.

That's part of the logic behind the company's IronMail 4.0 appliance, which is being released today. CipherTrust has boosted the power of its Enterprise Spam Profiler (ESP) tool in IronMail to more accurately distinguish good messages from bad. Geoff Catron, director of networks/security for the Georgia Department of Technical and Adult Education, manages the messaging on 34 campuses and a central office, each of which uses an IronMail 3.0 appliance.

He's looking forward to 4.0 because of the improvements in ESP. Catron says that central office alone gets 12,000 messages a day, of which 92 percent are spam. Getting to that good 8 percent takes some diligent tuning of the ESP, he says.

At central office, where one of Catron's engineers regularly tunes the filtering parameters, that's not a big deal. But separating the wheat from the spammy chaff is more problematic on the campuses, where staff have different skill levels and face different day-to-day challenges. With 4.0, CipherTrust will take over tuning the ESP to locate good mail and regularly download updates to user appliances with improved processing techniques. IronMail 4.0 also adds Bayesian and URL filtering. Pricing starts at US$27,000.

Paid to reject Spam
The imperfection of traditional spam filters has led other vendors to look at different strategies for fighting spam. "We know the perfect filter is the pocketbook of the spammer," says Phil Raymond, the CEO of Vanquish Inc. in Marlboro, Mass. Raymond anticipates that Vanquish will later this year unveil a new anti-spam system that's driven by economics. He says the planned service and software offering, while complex, will let legitimate bulk e-mailers offer users a financial incentive to reject unwanted messages. The legit crowd, such as newsletter publishers, will put up a bond for each mailing and bet that very few recipients will reject them. However, if you do get an unwanted message, you can reject it with a button that's attached to each e-mail and, say, pocket a buck in a PayPal account.

Under this scheme, a tally is kept of every time you reject an e-mail (and pocket the money) so that other mailers can determine your sensitivity to unsolicited messages and drop you from their lists. Raymond hopes that over time, legitimate bulk mailers will embrace a system like this so completely that any bulk e-mail from an unknown source will automatically be rejected by all mail systems.

Spam free - get secure
When you're done fighting spam (yeah, right), you can return to securing your data, which is most at risk from internal malcontents. That's the logic behind OmniTrust Security Systems Inc.'s Trusted Environment. It lets you set policies dictating who can see what documents and when, based on where they are and what device they're using. Michael Mansouri, CEO of the Mountain View, Calif., company, which is changing its name from Probix Inc. tomorrow, says you can have policies for remote laptops and handhelds that are different from those for desktop PCs.

Remembering that one in 17
Are your users having trouble managing their passwords? According to Greg Fournier, product line manager at American Power Conversion Corp. in West Kingston, R.I., the average employee has about 17 of them. And help desk experts say the No. 1 request from callers is for assistance with forgotten passwords. Biometric devices can consolidate your passwords and add security to a PC. But they're pretty pricey. Or have been. In early March, APC will release its Biometric Manager for under $50. It will remember all of your passwords (except for the one to its master file of encrypted passwords) and apply them to the right applications. Right now, it's Windows only, but you second-class Macintosh citizens will get a version later in the year.

Rich Internet Apps
Laszlo Systems Inc. in San Francisco this week will release Laszlo Presentation Server 2.0 with its new Krank Optimizer. The upgrade is ideal for online, transaction-based programs. It combines Macromedia Flash and XML to deliver interactive, high-performance applications. It's free for developers at www.lazlosystems.com/developers. Enterprises deploying it will fork over $22,500 per server CPU.