IronPort Study on Email Authentication Reveals Significant Adoption

First Comprehensive Study on Sender ID and DomainKeys Technology shows Adoption Increase -- More Than 35 Percent of All Mail Now Authenticated, Including 9 of the Top 10 Most Phished Sites on the Internet

April 19, 2006; 08:57 AM
SAN BRUNO, CA - IronPort® Systems Inc., leader in gateway security, announced today the results of a comprehensive study by analysts at the IronPort Threat Operations Center, addressing adoption rates and effects of email authentication technologies. Findings from the study will be presented today at the Email Authentication Summit, being held in Chicago, IL (http://emailauthentication.org/summit2006/) by Patrick Peterson, Chief Technology Officer at IronPort Systems. The study, "Email Authentication: Sender ID Framework (SIDF) and DomainKeys Identified Mail (DKIM) Scorecard," was written by IronPort analysts after examining global email traffic patterns using IronPort's unique SenderBase® traffic monitoring network which monitors over 25% of the world's Internet traffic. Key findings from the study include:

** 35% of ALL Internet email is now authenticated using SIDF

** 10% of ALL Internet email is now using DKIM

** 75% of all Fortune 100 companies use SIDF for marketing related email, 45% use DKIM

** Adoption of DKIM has increased from an negligible value in just 9 months

** 9 of the top 10 most phished domains use SIDF, 5 out of 10 use DKIM

"Email authentication is a 'chicken or egg problem,' with senders dependent on receivers and receivers on senders to get value from email authentication. This study proves we have achieved critical mass and the benefits are accruing today," said Patrick Peterson, Chief Technology Officer at IronPort Systems. "We are thrilled with the results of the study which show the addition of reputation will help rebuild trust in the Internet experience."

A Drastic Change in Landscape

The authentication landscape has changed drastically in the last 12 months. Overall adoption has increased 60 percent, with more than 35 percent of all mail sent using Sender ID Framework. 12 months ago, email authenticated with DomainKeys technology was barely measurable at less than one percent. Today, nine percent of all email is authenticated with DomainKeys technology. In the same time period, adoption of Sender ID Framework by Fortune 500 companies has increased 125 percent. 45 percent of the Fortune 100 has sent DomainKeys email, showing that many enterprises have begun the adoption cycle.

Adoption Today and Tomorrow

Industry leaders who are willing to implement new technology to fight spam and phishing attacks are driving the adoption of authentication standards. 75 percent of marketing email and five of the ten largest ISPs now use authentication technology -- creating the necessary critical mass needed to propel the standards forward. In addition, both senders and receivers are seeing real results for their efforts. IronPort customers signing with DomainKeys technology have seen zero false positives. In fact, the study did not detect any spam sent using DomainKeys. Based on the results of the study, IronPort anticipates at least 50 percent growth over the next 12 months. In late 2007, market adoption should level off at approximately 50 percent, with adoption by most major enterprise and marketing senders in US and Western Europe. Beyond this point adoption will slow as smaller domains and worldwide adoption continues at a 10 percent rate.

The study, "Internet Email Authentication: Sender ID Framework (SIDF) and DomainKeys Identified Mail (DKIM) Scorecard," published by The IronPort Threat Operations Center, will be available to download on April 24th at www.ironport.com/authentication

About the Email Authentication Summit

Authentication Summit II is a full-day conference designed for marketers, IT Professionals and business decision makers who are looking to reduce the volume of spam hitting their networks, improve deliverability and confidence in email, protect users from phishing attacks and protect their domains and brands from online exploits. With user confidence being tarnished by spam, phishing and ID theft, this event provides an opportunity to help ensure the viability of the Internet and secure messaging. Attendees will learn about the latest advances in email authentication, including the Sender ID Framework (SIDF) and DomainKeys Identified Mail, (DKIM) and the importance of authenticating both inbound and outbound email.

The Summit is being organized and underwritten by the Email Authentication Summit steering committee that includes AOL, the Anti-Phishing Working Group, Cisco Systems Inc., Digital Impact Inc., the Direct Marketing Association, the Email Sender and Provider Coalition, Epsilon Interactive, Goodmail Systems, Habeas Inc., IronPort Systems, Microsoft Corp., Return Path Inc., SKYLIST Inc., StrongMail Systems Inc. and Symantec Corp.

About IronPort Systems

IronPort Systems is the leading gateway security provider for organizations ranging from small businesses to the Global 2000. The company has developed a family of security gateway appliances, including the IronPort C-Series email security appliance, and the IronPort S-Series Web Security Appliance. All IronPort application-specific security gateway appliances offer breakthrough performance, and utilize SenderBase, the world's largest email and Web threat detection network and database. For more information on IronPort products and services, visit: http://www.ironport.com/.

David Oro IronPort Systems 415.885.9898 Email Contact Suzanne Matick IronPort Systems 831-479-1888 Email Contact