SpamCop Survives Under New Owner

E-mail security hardware maker IronPort Systems will announce next week it is buying antispam firm SpamCop for an undisclosed sum, and plans to invest more than $1 million into the company to keep it running.

The deal is scheduled to be announced on November 25, according to information obtained by the IDG News Service from sources close to the company. Company officials declined to discuss the matter Wednesday.

SpamCop's spam "blacklist" will continue to be available at no cost to the public after the purchase.

Existing Partnership

Founded in 2000, IronPort sells networking hardware that enables network administrators to manage e-mail traffic and protect corporate networks from e-mail-borne threats.

IronPort already had a partnership to use SpamCop's blacklist data in its SenderBase service. The service compiles information about e-mail senders that enables network administrators to assign a trust level for the source of e-mail messages arriving at their company's messaging gateway, akin to a "credit rating" for e-mail correspondents.

The company also uses spam filtering technology from Brightmail and mail flow-monitoring technology to stop spam messages.

The acquisition is designed to shore up SpamCop, which survives on volunteer help and fees from spam reporting services.

Under Attack

Recently, several prominent antispam blacklist providers, including SpamCop, have been forced to close after suffering sustained distributed denial-of-service (DDoS) attacks believed to have been launched by spammers.

Antispam blacklists Monkeys.com and Osirusoft have both ceased operations in recent months after being crippled by the attacks.

By absorbing SpamCop, IronPort hopes to keep its valuable spammer blacklist and sender reputation data public, and enhance its products' capability to stop spam e-mail at the network gateway, before they reach users' inboxes, sources say.

SpamCop was also one of a handful of anti-spam organizations that recently prevailed in a lawsuit by a group of e-mail marketers. The plaintiffs complained that the blocklists and anti-spam activists interfered in their business operations. However, the plaintiffs backed off the suit, saying pending federal anti-spam legislation would render it moot.

Spam's Enemies Applaud

One member of the antispam community welcomed the news.

"I think, over all, it's good news. IronPort is a well-run company with a reasonable understanding of the spam problem," says John Levine, who chairs the Anti-Spam Research Group and the author of "Internet for Dummies."

SpamCop was staggering under the weight of DDoS attacks and a never-ending flood of new spam submissions, he says.

"Julian [Haight, SpamCop's founder] was spending 100 hours a week working on it and dealing with technical issues. I don't know how he was eating," Levine says.

IronPort's $1 million investment will provide much-needed bandwidth and computing resources so that SpamCop can withstand DDoS attacks. Without such an infusion of cash and resources, SpamCop was on the verge of collapse, Levine says.

Other surviving blacklists, including MAPS and The Spamhaus Project, have also had to find wealthy backers or begin selling services to continue operating, he notes.

"These days, because of the increasing criminality of spammers doing DDoS attacks, the only way to run a black list that works is to have multiple locations and big data pipes. In practice, large, well-funded companies have that kind of spare capacity," Levine says.

To comment on this article and other PCWorld content, visit our Facebook page or our Twitter feed.
  
Shop Tech Products at Amazon