Microsoft Focuses on Antispam for Exchange 2003

With spam on track to become one of the biggest drains on companies’ network resources, Microsoft Monday used the RSA Conference in San Francisco as a platform to introduce a new antispam tool for Exchange Server 2003.

The tool opens up Exchange Server to allow partners to integrate their own antispam modules with the server, and Microsoft said that integration will drive better content filtering with fewer false positives. In addition, Microsoft unveiled an updated version of its virus-scanning application protocol interface (VSAPI 2.5), which also allows partners to integrate their complementary offerings with the product.

“We know customers’ pain,” said Kevin McCuistion, director of Exchange marketing and business development at Microsoft. “Security and privacy are more important than ever right now and, as an industry leader, we know Exchange and its industry partners have to offer an end-to-end solution to customers that will help fend off security threats at the gateway, on the mailbox server and at an end user’s mailbox. Microsoft’s philosophy is to stop viruses and spam at the network perimeter, keeping end users focused on the task at hand.”

Research firm Gartner, in its November 2002 report “E-Mail in 2003: The Risk Level Rises,” said spam is increasing at a rate of 1,000 percent per year, and is on track to become more than 50 percent of e-mail message traffic by 2004. The report “Anti-Spam for Businesses and ISPs: Market Size 2003-2008,” by Ferris Research, found that spam will cost U.S. businesses more than $10 billion in 2003.

Even leading anti-virus software vendors like Network Associates, Symantec and Trend Micro are recognizing the trend and adding antispam products to their lineups. All three are working on antispam products that integrate with Exchange Server 2003, and Network Associates used Microsoft’s Exchange 2003 announcement Monday as an opportunity to unveil its own McAfee SpamKiller line.

“Spam clogs users’ inboxes and e-mail storage devices, and creates significant security and liability concerns for the enterprise,” said Eric Hemmendinger, research director for security and privacy at Aberdeen Group. “IT buyers should evaluate antispam solutions in terms of fit with the existing infrastructure, detection rates, and false positives rates. Ignoring one or more of these factors may well lead to a choice that is hard to use, and does not solve the problem for the customer.”

To answer the spam threat, which promises to become a drain on network resources and productivity, Microsoft’s new antispam tool for Exchange Server 2003 allows partner offerings to scan incoming e-mail messages and then attach each one with a numeric score dubbed a Spam Confidence Level (SCL). The SCL denotes the probability that a particular message is spam, and network administrators will be able to set a threshold SCL which will determine whether a message is forwarded to a recipient’s inbox or junk mail folder.

A number of partners have already signed on to integrate their offerings, including: Brightmail, GFI Software, Network Associates, Sybari Software, Symantec and Trend Micro.

“Spam has become the No. 1 pain point for our enterprise messaging customers due to its negative impact on messaging infrastructure as well as end-user productivity,” said Chris Miller, group product manager at Symantec. “Microsoft’s antispam innovations in Exchange 2003, such as the Spam Confidence Level, will make it easier for vendors like Symantec and customers to address this challenging and complex problem.”

In addition to the new antispam tool, Exchange 2003 has been architected to work directly with the junk mail filters in the forthcoming Microsoft Office Outlook 2003 application. Microsoft said the filters will allow users to block HTML content by default, assign “safe” and “block” lists, automatically file junk mail to the trash, and profile spam by assigning points or scores to identifiers such as keywords or patterns. Additionally, the company said users will be able to save Outlook 2003 and Outlook Web Access “safe” and “block” senders lists on the Exchange server, allowing the preferences to work for mobile users on any desktop or device connected to the network.

Finally, for the network administrator, Exchange 2003 allows the assignation of enterprise-wide allow/deny lists and the integration of real-time black hole list (RBL) services.

On the viruses front, VSAPI 2.5 will allow partners’ antivirus offerings to scan e-mail messages at the entry point of customer networks, before it even reaches the Exchange mailbox server. In addition, with VSAPI 2.5, Microsoft said it is possible to prevent infected e-mail from leaving an organization by scanning outgoing mail. The API will give antivirus products more options when it comes to deleting infected messages, and the ability to automatically send a warning message back to the sender that a virus was detected and the mail deleted.

GFI, Network Associates, Panda Software, Symantec and Trend Micro are already designing their products to take advantage of the capabilities of VSAPI 2.5.