Nathaniel Borenstein and Jason Crawford are presenting INV102 . Jason is the fellow I ranted at yesterday about the futility of economic solutions. He's also the leader of the SpamGuru team. Nathaniel started right off by affirming what I had said: that spammers are engaging in anti-social or criminal behavior, though I would skip the anti-social. He emphasizes that there's never going to be a single-vendor solution to spam. He went on to describe a five part IBM strategy, of which I only managed to capture the first four. The first part of IBM's strategy is to lead the industry toward a comprehensive strategy. The second is to provide platforms (Notes/Domino and Workplace) that are capable of implementing multiple coopoerating technologies. The third part of the strategy is to contribute technology to the the community whereever possible, The fourth is education, to help reduce the number of users who enable spammers.
SpamGuru is a classic multi-step, multi-classifer, scoring filter. It was mentioned yesterday that it will be integrated into Domino, but I'm not sure if a specific release was mentioned.
IBM is deeply involved in the DKIM standardization effort, but it is one of many identity technologies and none is likely to become the authentication technology. Which is better? Nathaniel says that's the wrong question. We need both.
Here's something I hadn't heard. Spammers have figured out how to get around challenge/response by setting up free porn sites and getting visitors to pass the Turing tests that have been sent back to them by challenge systems!
Now we're into the economic solutions, and Nathaniel is saying exactly what I ranted, at least with respect to computational challenges. I.e. that they're not that useful since spammers don't use their own machines. He does seem to think that micropayments are feasible. I'll have to beat him up for this in Q&A.
Micropayments aren't a new idea. Their application to spam is. There are very few obstacles to micropayments. Nobody knows why they didn't catch on previously. There are multiple models. The postal model sends money to third parties to get mail through, and there are lots of volunteers to be the third party. Another model is the "attention bond", in which money is escrowed and only claimed if the mail is judged as spam. The "direct payment" model is simple: pay the receiver. The "charity stamps" model, which comes from IBM, allows you to document that you;ve made a charitable donation which Nathaniel says "mitigates the social evil:" of spam. IBM is promoting ways to explore all of these models.
The Lotus product strategy is continuous improvement, mamimum openness, and guarding the commons. There will be new anti-spam features in each release, IBM will use the best of what is out there, and IBM will not use patents to keep others from using their anti-spam technology.
IGS is offering IEMS: Integrated Email Security. It's designed for SMB, modula, outsourced.
1. Jon Johnston01/24/2006 10:14:35 PM
What? IGS has an offering? Shocking. Designed for SMB? It'll fail.
Does SpamGuru implement at the gateway at all? If not, I think it'll be worse than worthless.... people will think they have some level of protection, but it'll let the crap into their systems beyond the point of entry. That's bad.
I'm really skeptical of IBM's ability to do anything really wonderful in this area. What's your impression, Rich?
BTW, thanks for blogging this stuff, I appreciate it.