Email security provider Postini has been awarded a patent covering its approach to identifying threat patterns in IP traffic. The news underlines the growing popularity of such so-called ’reputation’ services to help block spam, viruses and other internet-borne attacks.

The approach has been part of Postini's email security hosting service for three years, helping to monitor the activity of roughly 6.5m IP addresses. Now, with patent in hand, the company plans to commercialise its SMTP threat protection, making the information the service collects available to third parties including other security companies and ISPs.

"Since we're sitting in the middle of 400 million SMTP transactions per day, we can look at things like volume, whether a sender is sending mail to a known or fake recipient, whether they've sent legitimate mail or spam," a spokesperson says. "We're looking at data points about the type of mail a sender is trying to send, and doing analysis on it."

Postini isn't alone in using this method as a way to fight abuses. IronPort, CipherTrust, Symantec, Trend Micro and others include similar capabilities in their offerings. Postini's spokesperson wouldn't comment on whether any of the company's competitors are infringing on the recently awarded patent.

Observers say it's likely that Postini will use the patent defensively, in case a competitor attempts to claim rights to reputation services, as opposed to actively pursuing royalties or litigation against rival companies.

Reputation services are emerging as an effective way to block unwanted messages without scanning the message's content, which means less spam is getting through to customers’ networks. "The volume of spam is so high now, there's no way content filters can keep up," said a security specialist. "Everyone has recognised the need to use the reputation of IP addresses as a way to tame down the overall volume of mail."

This marks the second patent Postini has been awarded related to its email security service. Last year the company patented its method of providing messaging services in an email network.