IBM recently release a report on security threat trends, letting everyone know that 2006 is expected to be a period of leveling off. Big Blue noting over a billion (yes, a BILLION) computer security threats in 2005. Is this “leveling off” supposed to mean we are out of the woods?

This isn’t exactly late breaking news, but Yahoo! posted an article on some new anti-spam technologies, entitled IBM And Symantec Look To The Sources To Try Slowing Spam, which gives a pretty good explanation of how IBM’s FairUCE and Symantec’s appliance-based traffic shaping technologies work. It is worth a read, particularly if you are still under the impression IBM is planning on “spamming spammers.” It is also worthy of a few comments.

The gist of FairUCE is spoof checking. “Return Path:” and “From:” domains are checked against domain registration information; email that doesn’t check out is queued up for a challenge-response. The key to this solution is front end efficiency - if you can’t check registration information (which may include entire Class C’s and more), then the system will eat up too much resources to be cost effective. This may become particularly challenging as IPv6 gains wider use (many more addresses will exist that have to be checked).

On Symantec, appliance-based throttling isn’t a full-fledged solution, but then again, Symantec doesn’t claim it is. Giving email that comes from “high-abuse” IP addresses less bandwidth isn’t much different from blocking DDOS and directory harvesting attacks. And where does the delivery backlog occur? Does the sender receive notification of what is going on, or does the receiver simply start dropping packets?

While neither option will reach widespread adoption for some time, we will just have to wait patiently for the jury vote.

Even though the facts were straightened out roughly an hour after CNN reported IBM going into the vigilante spam business, some folks still don’t get the hint, including ITBusiness.ca.

For those who still haven’t caught the true story, here is another: IBM unveils anti-spaming technology, from PakTribune. This article doesn’t mention that the inititive includes the ability to return a challenge-response to the unverified sender, which is where all the knuckleheads got the idea IBM would be spamming everyone.

Meanwhile, ITBusiness.ca has just been taken off my reading list.

There has been a lot of chatter regarding IBM’s latest foray into the anti-spam marketplace. At first, the talk was primarily bunk. IBM was being accused of spamming back the spammers. Now, a few days later, the record has been set straight on FairUCE.

CNN reported that IBM would be “attacking” spammers (see IBM set to use spam to attack spammers).

I don’t think being a spam vigilante was or is going to solve many problems, and it seems Techdirt had the same notions (see IBM Believes In Spam For A Spam Vigilante Revenge).

Stop.

FairUCE IS NOT a way just to “spam the spammers” back. Simply put, Fair UCE provides a means for validating sender IP addresses against domain IP information, at least in theory (I haven’t seen the product in action yet). If an email is not validated, FairUCE gives the sender a second chance at delivery, by returning a challenge-response notification.

Now challenge-response has come under a lot of heat, much of which I suspect is FUD from the spamming community. It is virtually impossible to thwart, and is a generally pain for users as well. Even if it didn’t work, the call for response on a message is enough to keep any bulk mailer writhing in agony (being that they would get flooded with millions upon millions of them a day).

Here are a couple of additional articles explaining FairUCE. Not all of them shed a shining light on the new product, but it will give you a better idea of what the product/system really is..at least better than CNN did!

See IBM releases FairUCE anti-spam technology from NetworkWorld, and

IBM’s New FairUCE Takes On Spam from LinuxWorld, and

Analysts Shrug at IBM Anti-Spam Release from TechNews (keeping in mind that most technology analysts work at competing firms to IBM’s anti-spam group).

Still wondering? Then catch the Slashdot response here: IBM Unveils Anti-Spam Services to Stop Spammers.