The Penguin and the Assassin

“ISPs are telling us their customers now expect it,” says Bill White, vice president of sales and marketing at carefully named Roaring Penguin Software. White is referring to anti-spam solutions. His assertion is that, since residential customers expect not to pay for anti-spam software, only a cheap and effective solution will be suitable. That solution, he argues, is his company’s.

Roaring Penguin’s CanIt Spam Trap is built around the popular SpamAssassin open source solution. SpamAssassin, however, is too popular. Spammers often pre-scan their email against it to make sure that the spam will be delivered. Says David Skoll, Roaring Penguin’s founder and president, “we modify the ruleset to catch spammers who pre-scan against the SpamAssassin ruleset.”

He acknowledges that, as with all solutions, his will not catch 100 percent of spam. “We do tune SpamAssassin to prevent many tricks, but content filtering is an arms race. The top few percent of spammers will always get through, but those are a very small minority.”

He adds that his software takes anti-spam measures that are not common in other software. This is an important point, because while there are about six or eight good anti-spam methods and ideas, there are several hundred anti-spam companies—a recipe for needless duplication of effort in the anti-spam war.

For example, CanIt Spam Trap leaves spam on the sender’s server, storing only a brief summary on the ISP’s servers. In a low-margin business, and with ISPs handling millions of spam emails each day, small kilobit-sized bandwidth savings per email add up quickly into megabits of bandwidth and gigabits of usage per month.

The company adds a third category to mail, grey mail (where “blacklisted” is bad and “whitelisted” is good). Grey mail gets a temporary failure code (i.e. “unable to send in the past four hours”). Notes Skoll, “most legitimate servers will try again, certainly within four hours.” Most spam identified as “grey mail” will, however, be blocked by this strategy.
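The grey mail retry logic described above, sketched as an added example (this is not Roaring Penguin's code). The four-hour window comes from Skoll's quote; the (client IP, sender, recipient) key, the five-minute minimum retry delay, the reply strings and all sample addresses are assumptions made for illustration.

```python
from dataclasses import dataclass, field

ACCEPT = "250 accepted"                # assumed reply strings
REJECT = "550 rejected"
DEFER = "451 try again later"          # the temporary failure code

MIN_RETRY_DELAY = 5 * 60               # assumed: an immediate resend stays deferred
RETRY_WINDOW = 4 * 60 * 60             # from the article: retry "within four hours"


@dataclass
class GreyMailGate:
    whitelist: set = field(default_factory=set)     # sender domains always accepted
    blacklist: set = field(default_factory=set)     # sender domains always rejected
    first_seen: dict = field(default_factory=dict)  # key -> time of first attempt
    passed: set = field(default_factory=set)        # keys that already retried properly

    def check(self, client_ip, sender, recipient, now):
        """Return the SMTP reply for one delivery attempt at time `now` (seconds)."""
        domain = sender.rsplit("@", 1)[-1].lower()
        if domain in self.blacklist:
            return REJECT
        if domain in self.whitelist:
            return ACCEPT
        key = (client_ip, sender.lower(), recipient.lower())
        if key in self.passed:
            return ACCEPT
        first = self.first_seen.get(key)
        if first is None or now - first > RETRY_WINDOW:
            # New grey mail, or a retry that came too late: start the clock again.
            self.first_seen[key] = now
            return DEFER
        if now - first < MIN_RETRY_DELAY:
            return DEFER               # fire-and-forget senders rarely wait and retry
        self.passed.add(key)
        return ACCEPT


def demo():
    """Run constructed sample attempts through the gate and return the replies."""
    gate = GreyMailGate(whitelist={"partner.example"}, blacklist={"bulk.example"})
    legit = ("192.0.2.10", "news@shop.example", "user@isp.example")
    late = ("192.0.2.99", "promo@unknown.example", "user@isp.example")
    return [
        gate.check(*legit, now=0),             # first attempt: deferred
        gate.check(*legit, now=60),            # resent too quickly: deferred
        gate.check(*legit, now=900),           # proper retry: accepted
        gate.check(*late, now=0),              # first attempt: deferred
        gate.check(*late, now=5 * 60 * 60),    # retry after the window: deferred again
        gate.check("192.0.2.66", "x@bulk.example", "user@isp.example", now=0),
    ]
```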

The server employs a “mismatch rule” so that it checks, for example, that mail claiming to be from Hotmail actually comes from a Hotmail server. As this is customizable, it need not reject all mail that fails this test—some important legitimate commercial mail would fail this test, so it is important to be able to receive it all.

The company’s easy-to-understand interface should also be a plus to ISPs. ISPs know that a system must not be difficult—because if it is, customers won’t use it. The admin interface (above) and the user interface (below) should be easy to use and to explain.

Skoll brought his company to the attention of the Linux community with his company’s first press release on Oct 10, 1999, a rebuttal of Microsoft’s anti-Linux claims of the time. Since then, the company, based in Ottawa, Ontario, has developed a variety of open-source products, most of them related to anti-spam and anti-virus efforts. Most successful was MIMEDefang, a product built to protect Windows clients served by Linux machines.

MIMEDefang was the basis for the new anti-spam product, CanIt Spam Trap. So although the product is new, it has a pedigree stretching back several years.

Public acclaim

Today, the company has a wide variety of customers of all sizes, including ISPs and enterprises. We spoke to Laird Cummings, co-founder (with his wife Viv) of Public Systems Access, Inc., in New York City. The company is an ISP and systems integrator that specializes in serving non-profit corporations of all sizes.

“We’ve been in this business for fifteen years,” says Cummings, “and we’ve never had to advertise, although our referrals are fewer than they were in the past. Anti-spam is a way of keeping current clients happy; it’s not going to be a revenue-generating tool for us. We adopted the software because we were tired of trying to cope individually with filters and stuff was getting through.”

Cummings learned of Roaring Penguin from a former employee. “He went on to become network manager for the international consulting firm Razorfish but he still does some work for us. He put it on some of our servers and we liked what we saw.”

Cummings likes being able to delegate authority to customers who want it. “Most of our clients are without technical resources, but a few larger non-profits have in-house managers. Their MIS manager runs their own filter.”

Pricing and availability

Prices for residential ISPs start at $1.50 per user. The source code is included, and subsequent maintenance fees are about 20 percent of the purchase price. (Enterprises can pay a flat fee of $20,000 or pay $6 per user.)
