Reflexion Networks: Using Address Control to Combat Spam

Monday, 20 August 2007 03:00 Written by Peter Brockmann

brockmann-reflexionlogo One of the more interesting implementations to control spam is from the Woburn Massachusetts email security service provider, Reflexion Networks. Since Woburn (pronounced Wu-burn), is only 20 miles down route 90 & 95/128 from Northborough, it was most convenient for Brockmann & Company to meet with David Hughes the CEO and Scott Barlow the VP of Sales and Marketing at their offices.

Like other in and outbound messaging management services, Reflexion requires an adjustment of the MX records to point to their data center. Outbound messages are secured by configuring the email server (or outgoing SMTP server on the email client), to relay messages through Reflexion. The firewalls should also be adjusted to require all SMTP services to transit the Reflexion service.

Using a blend of technologies, Reflexion claims to significantly reduce the quantity and time spent dealing with spam for protected users. Founded in 2001, the company aims to address the needs of ISPs and small medium businesses through an international network of 300+ VARs, SIs and IT Solutions providers; the company supports 4,000 businesses in 33 countries.

With mail processing logic flexibly defined by the user and the ISP, users can fine-tune their experience. Key components include:

Refusing acceptance of messages to unknown users which eliminates the barrage of a huge quantity of dictionary attacks.
Anti-virus inspection using ClamAV - no point in delivering a virus, instead vaporize it.
Senders on allow lists (challenge-response is an optional service parameter) are accepted
Permitted language - have you ever received an email in Chinese or Cyrillic characters? Chances are these are spam, unless you can read these other languages. Users can determine their corporate policy or their personal preferences wrt language.
Permitted country - using a database of IP addresses-geography mapping, Reflexion is able to allow a business to restrict incoming messages to only those within their serving area, country or region. This could be used to block many of the more popular 419 phishing attacks.

One of the coolest features of the Reflexion service is the Address-on-the-Fly^TM feature. It gives users more complete control over protecting their primary address and assures delivery by eliminating the need for content filtering. The method is based on the analysis of how spammers get addresses. Address-on-the-Fly allows a protected user to create a unique email address using a specific rule while visiting a site. For example, if user (at) domain.com were completing a form at merchant1.com, they might use the address user.merchant1 (at) domain.com to complete the registration process.

Merchant1's automated confirmation message, addressed to user.merchant1 (at) domain.com would be automatically recognized by the Reflexion service and delivered to the user's email account. At the bottom of the email is a control panel strip that provides information about the history of that email alias and contextually-sensitive choices for dealing with the sender in future communications. The first time the message is flagged that the "sender is using an Address-on-the-Fly", but its when the send-from and address pair is not the expected result that things get interesting. Should that address be shared with another organization, its history becomes more clear to the user.

aotf2

Here the address history is shown at the bottom of the control panel, and context sensitive options are presented - block the sender, ignore the control options (do nothing) or protect the address. When protected, user-level security is applied and only legitimate senders can use the address in question.

dsf Another cool feature is the Delegated Spam Folder, so that a designated person such as the duty sales person, or the departmental secretary or the VP's administrative assistant can quickly scan the quarantined messages folder, releasing those deemed good email and otherwise managing the suspect messages for an executive, a workgroup or a broader function.

It's about Controlling the user Experience

By offering intelligent options for address control and providing meta data about the use of an email address, Reflexion is offering a uniquely fine level of control of email address use. This enables early detection of email privacy abuse, and affords users a variety of mechanisms to reduce frustrating encounters with spammers and their email. Users have control over which protection service to engage including challenge-response or flagging or quarantining or vaporizing options. Successive and different techniques to reduce the frequency of bad messages arriving and minimizing the necessity of challenging legitimate senders, are exactly what leading email integrity vendors are doing to improve the email experience.