CipherTrust reveals success of email authentication at Microsoft implementation summit

July 13, 2005 – CipherTrust, Inc., the leader in messaging security, today announced its support and success of email authentication standards in stopping email bourne threats including spam, zombies and phishing attacks. CipherTrust is participating in today’s Microsoft Email Authentication Summit in New York, where the company will provide statistical information gathered from its customer base of more than 1500 enterprises worldwide. CipherTrust® incorporated email authentication protocols into its award-winning IronMail® email security appliance in early 2004. The numbers demonstrate the rapid increase in adoption of standards by major consumer brands and the benefits of Sender ID Framework over Sender Policy Framework (SPF).

In March 2004, CipherTrust was the first email security vendor to incorporate email authentication standards into their email security appliance and since then have been able to track the effectiveness and implementation of those standards. During the month of June 2005, CipherTrust researchers found that approximately three percent of email messages failed SPF, while 10 percent were SPF verified. In addition, researchers found that six percent of email messages failed Sender ID, while 20 percent verified.

This research verifies that Sender ID has overtaken SPF in enterprise adoption and is providing a more meaningful indication of the impact that email authentication can have. During the month of June, Sender ID identified twice as many emails from spoofed domains and authenticated twice as many non-spoofed messages. Sender ID authenticates the information users see, and blocks a greater percentage of unwanted mail, including dangerous phishing attacks. In addition, Sender ID is able to provide verified feedback to reputation systems, helping ensure accuracy in message scoring.

Jay Chaudhry, CEO, chairman and founder at CipherTrust, said: “Every single CipherTrust customer is a user of email authentication protocols such as Sender ID, Microsoft’s email authentication standard. The true test for any standard is when it is deployed on a wide scale and thousands of customers have already embraced Microsoft’s Sender ID. Our customers are seeing the benefits of email authentication, as they have Sender ID incorporated into their email security appliances. IronMail uses the check as part of its evaluation of whether a message is legitimate, and ultimately can better protect its customers from phishing attacks and certain spam outbreaks.”

Sender ID is a part of overall email security. Ultimately, the most precise protection comes from reputation systems such as CipherTrust’s TrustedSource. TrustedSource is based on real-time observation of enterprise email, leveraging CipherTrust’s network of enterprise email customers. TrustedSource assigns a highly precise behaviour-based reputation to every message and then sends those scores to IronMail units in the field to provide accuracy and effectiveness in fighting spam, viruses, phishing and other email bourne threats. Additionally, TrustedSource responds immediately to changes in senders’ behaviour to shut down zombie attacks.

Chaudhry said: “We are committed to adopting any standard that will keep our customers’ messaging systems more secure. What is remarkable about email authentication is that a number of vendors that would not normally work together are co-operating on a standard approach for verifying the email sender. We were part of this process at the beginning when we adopted SPF. Last year, we helped shape the standards, and this year we are seeing how that demand has made the standards a reality.”

About CipherTrust, Inc.
CipherTrust, Inc. is the leader in messaging security. Recognised by IDC as the market leader, the Company’s award-winning IronMail appliance protects the messaging systems of more enterprise e-mail users than any other solution, including more than 30 percent of the Fortune 100. CipherTrust pioneered messaging security by uniquely combining the five critical e-mail security components of spam and fraud prevention, virus and worm protection, policy and content compliance, e-mail privacy, and intrusion prevention into a single easy to deploy and manage platform. The Company is backed by top tier investors including Battery Ventures and Greylock Partners. For more information about CipherTrust, please visit www.ciphertrust.com