Prepared by R.R. Donnelley Financial -- Amended & Restated Symantec Service Provider Agreement dated 03/28/2003

EX-10.10 3 dex1010.htm AMENDED & RESTATED SYMANTEC SERVICE PROVIDER AGREEMENT DATED 03/28/2003 Prepared by R.R. Donnelley Financial -- Amended & Restated Symantec Service Provider Agreement dated 03/28/2003

EXHIBIT 10.10

CONFIDENTIAL TREATMENT REQUESTED

AMENDED AND RESTATED

SYMANTEC SERVICE PROVIDER AGREEMENT

THIS AMENDED AND RESTATED SYMANTEC SERVICE PROVIDER AGREEMENT (The “Agreement”) is entered into by and between Symantec Corporation, a Delaware corporation maintaining its principal place of business at 20330 Stevens Creek Boulevard, Cupertino, California 95014, and Symantec Limited, an Irish corporation maintaining its principal place of business at Ballycoolin Industrial Park, Blanchardstown, Co. Dublin 15, Ireland (collectively, “Symantec”) and Brightmail, Inc., a California corporation maintaining its principal place of business at 301 Howard Street, Suite 1800, San Francisco, California 94105 (“Brightmail”) (the parties collectively referred to herein as the “Parties” and individually as a “Party”).

In consideration of the mutual covenants which follow, Symantec and Brightmail agree:

I.	DEFINITIONS

The capitalized terms below shall have the following meanings when used in this Agreement:

“Affiliate(s)” shall mean any wholly owned, meaning one hundred percent (100%) stock ownership, subsidiary of an Authorized Sublicensee. Brightmail covenants that it will enforce on Symantec’s behalf, the terms of this Agreement as to all Affiliates under Existing Business agreements that Brightmail has in place on the Effective Date of this Agreement that do not meet this definition. All renewals or extensions of Existing Business agreements and all New Business must comply with this definition.

“Amended Date” means the date on which the original Agreement was amended and restated, which is March 28, 2003.

“Americas” means both North America and South America geographical regions.

“Application Service Providers or “ASP” means an entity that provides application services remotely for a fee or other consideration to its Authorized Users, none of whom are under the ASP’s immediate employ or the employ of any parent or subsidiary, except in the situation where the employee purchases or subscribes to the Service as an Authorized User outside of its normal business usage, but not in the case where the ASP utilizes its own email system internally as the default option for all employees, which scenario then requires the ASP to obtain an enterprise, internal use license from Symantec.

“AsiaPac/EMEA” means both the Asian Pacific rim countries and EMEA which consists of Europe, Middle East and Africa geographical regions.

“Authorized Users” means and is calculated as follows: (A) for all New Business and Internal Users, each and every (i) unique consumer or (ii) home office at a residential address, (iii) small businesses which are up to one hundred (100) Authorized Users, but not including any medium or large Enterprises of one hundred (100) or more Authorized Users, except where allowed for under the license grant Section III(2)(v), and (iv) each Internal User of an Authorized Sublicensee, per the license grant set forth in Section III(2)(vi), wherein in each of the foregoing, the Authorized User is either counted as an unique mailbox being scanned and protected using the Licensed Product, or as an email address, or an account that is subscribing to, the Licensed Product, which is active at any time during the Term, and which is as clearly indicated in the

CONFIDENTIAL TREATMENT REQUESTED

reporting to Symantec, and (B) for all Existing Business and Enterprises, each and every unique e-mail box being scanned and protected using the Licensed Product, or as an email address, or an account that is subscribing to, the Licensed Product, which is active at any time during the Term or as determined by an alternative definition which was approved in writing by Symantec prior to the Effective Date and specifically detailed on Exhibit B.

“Authorized Sublicensee” means a firm, company, organization, or other third party that provides, for a fee or in certain situations, for no fee but pursuant to some other subscription arrangement or agreement, Internet services, online application hosting services, or similar on-line electronic services to its Authorized Users, which may include ISPs, ASPs, and wireless operators that offer Internet access and other similar Services to its own Authorized Users but only pursuant to its right to use the Licensed Products on such Authorized Sublicensee’s own servers subject to and in accordance with the terms of this Agreement. All Authorized Sublicensees are Service Providers. Authorized Sublicensee shall include its Affiliates.

“BMI Product” means Brightmail’s own Antivirus scanning and Antivirus cleaning components and analysis and filtering systems that enhance the integrity and security of electronic mail systems for the benefit of the Authorized Users.

“BMI Service” means the service provided by which consists of incorporating the Licensed Product with Brightmail’s own anti-virus product and providing support for the same which is for the ultimate benefit of the Authorized Users as provided by the Authorized Sublicensees and is run on servers owned or maintained by the Authorized Sublicensee.

“Converted Business” means those certain Authorized Sublicensees under existing contracts prior to the Effective Date, which are set forth in Exhibit F, and only consists of business wherein Brightmail generates thirty percent (30%) or less on the margin (or as otherwise specifically approved by an officer of Symantec in writing as indicated on Exhibit F) based upon the royalty schedule set forth in the Prior Agreement as of the Effective Date and which royalty schedule is restated and set forth in Exhibit A of this Agreement.

“Documentation” means written guides describing the use and operation of the Licensed Product provided by Symantec to Brightmail.

“Effective Date” means July 1, 2002.

“Enterprise” means individually and collectively those legal entities which are commercial businesses, other than ISPs, ASP and wireless operators, that would use the Licensed Product for its own internal use only, in conjunction with that entity’s internal business needs and are typically consisting of one hundred (100) or more Authorized Users.

“Existing Business” means (i) all Authorized Sublicensees that provide the Licensed Product to Authorized Users or (ii) all Enterprises, which were counted and defined as “Mailboxes” under an agreement pursuant to the Prior Agreement and existing prior to the Effective Date, to receive the BMI Services. Such existing agreements were entered into as a result of either a direct sale from Brightmail or one of its authorized Resellers, under the Prior Agreement and prior to the Effective Date of this Agreement. This definition excludes all Converted Business, New Business and all accounts listed in Exhibit B.

CONFIDENTIAL TREATMENT REQUESTED

“First Date of Use” means the first date after the termination of the Evaluation Period if the Authorized Sublicensee accepts the BMI Service and commercially deploys the BMI Product which incorporates the Licensed Product.

“Internal User(s)” means for purposes of Section III(1), only those employees, consultants and/or contractors who work, and board members of Brightmail, located within the Territory, not to exceed a total of one twenty-five hundred (125) employees initially, with a twenty percent (20%) increase per every twelve (12) months of the Term, starting on the first anniversary date of the Term and for purposes of Section III(2)(vi) those employees, consultants and/or contractors who work for the Authorized Sublicensee, wherein in both cases, each Internal User is counted as a single Authorized User.

“Internet Service Provider” or “ISP” is an entity that provides Internet access and messaging services for a fee or other consideration to its Authorized Users, none of whom are under its immediate employ or the employ of any parent or subsidiary, except in the situation where the employee purchases or subscribes to the Service as an Authorized User outside of its normal business usage, but not in the case where the ISP utilizes its own email system internally as the default option for all employees, which scenario then requires the ISP to obtain an enterprise, internal use license from Symantec.

“Licensed Product” means the proprietary antivirus scanning and decomposition software code and program(s) as described in Exhibit A and all versions and updates thereto, and includes any corrections, bug fixes, enhancements, virus definitions, anti-virus rules or other modifications, in each case as made generally available by Symantec to its customers during the Term.

“Minimum Commitment” means both the Minimum Commitment Payments for Existing Business and the Minimum Commitment Payments for New Business, as outline in Exhibit A, under Section III.2.

“New Business” means and includes (i) all Authorized Sublicensees with agreements to provide the Licensed Product to their Authorized Users under an agreement with Brightmail or Reseller that is entered into on or after the Effective Date of this Agreement, (ii) all renewals, amendments that extend the time period of the agreement with the Authorized Sublicensees and extensions for Authorized Users and Authorized Sublicensees receiving BMI Services after the Effective Date, and (iii) all Converted Business.

“Payment(s)” means all amounts due under the terms of this Agreement, which include any Minimum Commitment Payments, any license and other fees related to the Licensed Products, as calculated based upon the number of Authorized Users and any other prices for the Licensed Product(s) and support, as indicated in Exhibit A hereto.

“Prior Agreement” means that agreement superseded by this Agreement, known as the Software Manufacturer License and Reseller Agreement by and between Symantec Corporation and Brightmail, Inc., effective April 3, 2000, as amended thereafter by Amendment One, with an effective date of July 31, 2000, Amendment Two with an effective date of August 31, 2000 and Amendment Three with an effective date of December 6, 2001.

“Reseller(s)” means those authorized resellers of Brightmail that have (i) entered into the standard reseller agreement with Brightmail, a copy of which is attached hereto as Exhibit G or an equivalent agreement with substantially the same terms as the copy attached hereto as Exhibit G, (ii) an agreement with Brightmail that requires the reseller to comply with same terms that Brightmail is required to comply with under this

CONFIDENTIAL TREATMENT REQUESTED

Agreement, in all respects, including but not limited to, reporting and protection of Symantec’s intellectual property rights, and (iii) an agreement with Brightmail that names Symantec as a third party beneficiary; and is an authorized Reseller of Brightmail wherein Brightmail agrees to fully enforce all of the foregoing requirements set forth in this provision on Symantec’s behalf.

“Service” means the service provided by Authorized Sublicensees as a Service Provider to its Authorized Users, using the Licensed Product provided pursuant to Brightmail’s own service (as defined in the “BMI Service” definition) for the ultimate benefit of the Authorized Users and are run on servers owned or maintained by the Authorized Sublicensee.

“Service Provider” means a firm, company, or organization that provides, for a fee or in certain situations, for no fee but pursuant to some other subscription arrangement or agreement, Internet services, online application hosting services or similar on-line electronic services to its Authorized Users or other hardware or software products or applications and related support, which can be utilized therein. This definition excludes entities that are providing such Internet services solely to persons under the entity’s immediate employ or the employ of any parent, subsidiary, or affiliate firm, company, or organization of the entity. This definition specifically includes all franchise arrangements wherein franchisees are provided Services by franchisors.

“Term” means the time period in which the arrangement between the Parties is in place, as determined and defined in Section IX of the Agreement.

“Territory” means world-wide.

II.

BRIGHTMAIL OBLIGATIONS

1. Other Products.

During the Term of this Agreement, Brightmail shall not market or sell as part of its BMI Service any products that provide anti-virus scanning or repair services other than those which are Symantec products or contain the Licensed Products.

2. Term or Subscription License, Reseller Rights.

Brightmail specifically represents and acknowledges that any use by any third party of any Licensed Product must be pursuant to the terms under the license grant set forth in Section III and the related Payment terms and cannot be handled as an actual sale of a perpetual license under a Reseller transaction.

3. No Further Sublicensing.

Brightmail may not authorize, and must contractually prohibit all Authorized Sublicensees and Authorized Users from further sublicensing the Licensed Products to another third party other than as specifically allowed in the grant of license Section III, below.

III.

GRANT OF LICENSE AS SERVICE PROVIDER FOR SERVICES

Brightmail represents and warrants (and hereby acknowledges that the following licenses are conditioned upon the following representations and warranties) that Brightmail is, as of the Effective Date and during the Term of the Agreement will be, a Service Provider and a “Licensee” under the terms of this Agreement.

CONFIDENTIAL TREATMENT REQUESTED

1. Internal Use.

2. Service Provider Use.

In accordance with the terms of this Agreement, Symantec grants to Brightmail, and Brightmail accepts from Symantec, a limited, nonexclusive, non-transferable license to use the object code version of the Licensed Product consisting Norton Antivirus scanning and decomposition libraries for the Term of this Agreement only, for the purpose of sublicensing an integrated product with the BMI Product solely to provide the BMI Service through Authorized Sublicensees to Authorized Users located in the Territory as follows: (i) to create an antivirus module from the Norton Antivirus scanning and decomposition libraries, and upload this antivirus module, in executable form only, on Brightmail’s own servers to detect messages containing viruses and separate infected messages, (ii) to create an antivirus cleaning component that attempts to clean the infected messages using the Norton Antivirus scanning and decomposition libraries of the Licensed Product, (iii) obtain antivirus updates from Symantec Security Response ftp servers when available by automatic download into Brightmail’s BLOC, which can automatically test it for consistency and then encrypt and distribute the updates to the Authorized Sublicensees (all of the foregoing collectively referred to as the Licensed Product), (iv) directly or through Resellers, allow Authorized Sublicensees to upload the Licensed Product, in executable form only, onto its own servers to provide the Service, (v) as of the Effective Date, with Payments starting from the Amended Date, for a period of one (1) year from the Amended Date, unless renewed per the renewal terms in Section IX, allow Authorized Sublicensees to provide the Licensed Product to Enterprises where the Authorized Sublicensees hosts the email services of the Enterprise and Enterprise is not hosting any part of the Service and has no access to the actual Licensed Product software itself, and (vi) as of the Effective Date, with Payments starting from the Amended Date, for a period of one (1) year from the Amended Date, unless renewed per the renewal terms in Section IX, allow all Authorized Sublicensees to use the Licensed Products for the benefit of their Internal Users. The Service will be deemed to be provided in the countries in which the Authorized Sublicensee’s servers are located for purposes of Payments and Taxes under the terms of this Agreement. Brightmail is further granted a license to use the Documentation solely in its capacity as a Service Provider to provide the BMI Service to Authorized Sublicensees and to allow Authorized Sublicensees to use the Documentation to provide the Service to its own Authorized Users, including product support, as necessary. Brightmail may make copies of the Licensed Product and the Documentation solely for the purpose of providing the BMI Service to its Authorized Sublicensees, either directly or through Resellers, as authorized in this Section. Brightmail and the Authorized Sublicensees are authorized to run the Licensed Product on the mail STMP operating systems and platforms of Win2000 and Solaris, only. If and only if Symantec ever supports NAV API, Decomposer and the definition set on AIX or specific variations of Linux operating systems for SMTP gateways under Symantec’s standard support programs, then Brightmail will be given the right to leverage those environments. The foregoing shall only be distributed through a Reseller if the following conditions precedent are met: (i) the Reseller and Brightmail have executed a reseller agreement in a form substantially similar to the one attached hereto as Exhibit G with Brightmail, (ii) Brightmail has contractually obligated the Reseller to comply with the terms of this

CONFIDENTIAL TREATMENT REQUESTED

Agreement as they are applicable to Brightmail in regards to all sales of BMI Product which incorporate the Licensed Product, and that such Resellers have contractually agreed to and possess a copy of the redacted version of this Agreement, attached hereto as Exhibit H, which Brightmail agrees to so provide and document as part of a formal notice to the Reseller, (iii) Brightmail names Symantec as a third party beneficiary to its agreements with the Reseller and (iv) Brightmail hereby covenants and warrants to Symantec that it will enforce the terms of this Agreement on Symantec’s behalf as to such Reseller.

3. Evaluation Licenses.

In addition, Symantec grants Brightmail, a limited, nonexclusive, non-transferable license to sublicense during the Term of this Agreement, only, the Licensed Product as incorporated into the BMI Product to the Authorized Sublicensee, which will not cumulatively exceed ninety (90) days, which period starts on completion of installation of the Licensed Product for evaluation and ends on the designated ending date of evaluation which requires Brightmail to ensure that all use is completely terminated by Brightmail actively stopping the virus and rules definitions; and such time period again shall resume on the signing of a contract for the BMI Services and ending on the completion of the installation (the “Evaluation Period”). The evaluation of such BMI Product may be provided in a pre-production testing or production environment; provided that Brightmail operates the evaluation as follows: (i) a standard written evaluation license protecting the intellectual property rights and interests of all licensors (including Symantec) of the product provided under the Service is fully executed in each case, and (ii) such an evaluation agreement requires either the return of the evaluated software product or a signed certification of destruction under penalty of perjury of the evaluated software product, and (iii) continued use after the Evaluation Period is under a final agreement to receive the BMI Service having been executed and a final version of the BMI Product containing the Licensed Product is then provided for continued Service (the “Evaluation(s)”). At the end of the Evaluation Period, Brightmail will require Authorized Sublicensee to remove or Brightmail shall disable the BMI Product which incorporates Licensed Product in its entirety, unless such Authorized Sublicensee has agreed to purchase the BMI Service from Brightmail or a Reseller and Brightmail makes the applicable Payments to Symantec. If an Evaluation continues past the allowed Evaluation Period, Brightmail will be fully responsible for Payment to Symantec in accordance with Exhibit A. Brightmail shall not authorize more than one (1) Evaluation or any extended Evaluation Period per Authorized Sublicensee, per each version of the Licensed Product. Brightmail must provide Symantec with monthly reports which indicate the (i) date and identity of an Authorized Sublicensee who is under Evaluation, (ii) date and identity of an Authorized Sublicensee who has just ended an evaluation with a total of time such entity was under Evaluation, (iii) the date and identity of any Authorized Sublicensee who has signed an agreement for BMI Services and has the Licensed Product for installation and (iv) the date and identity any Authorized Sublicensee who has signed an agreement for BMI Services and has completed the Licensed Product installation and identify the total Evaluation Period applied to such Authorized Sublicensee (the “Evaluation Report”). Such Evaluation Report shall be sent to such address and person as Symantec provides via the notice provisions of this Agreement, which may change from time to time.

4. Restrictions Applicable to License Grants.

Symantec will deliver to Brightmail the non-serialized copy of the Licensed Product in an acceptable form. Brightmail is obligated to create a reliable tracking system for tracking and reporting to Symantec the worldwide usage of the Licensed Products by all Authorized Sublicensees and their provision of the Service to the Authorized Users, including those who are Authorized Users receiving the Service from Authorized Sublicensees of Brightmail that are Service Providers and receive a copy of the Licensed Product, and

CONFIDENTIAL TREATMENT REQUESTED

including all Evaluations and all distributions of the foregoing through Resellers. Such tracking system may consist of manual tracking of contracts and their reporting requirements, audit rights and other contractual provisions which Brightmail shall enforce. In accordance with the requirements of Exhibit E, Brightmail shall require the same reporting requirements set forth in this Agreement in its agreements with the Authorized Sublicensees and Resellers, and obtain reports from the Authorized Sublicensees and Resellers meeting the requirements of the terms of this Agreement and provide reports setting forth such information received from the Authorized Sublicensees and Resellers to Symantec.

Brightmail agrees that it will contractually bind the Authorized Sublicensees to (i) de-install the Licensed Product when: (a) the Authorized Sublicensee discontinues the Service using the Licensed Product, and/or (b) the related BMI Service agreement between Brightmail and the Authorized Sublicensee concerning the BMI Service is terminated for any reason whatsoever, and/or (c) this Agreement terminates and (ii) comply with the terms and conditions of this Agreement surrounding the use of the Licensed Product, including but not limited to, those provisions concerning the protection of Symantec’s proprietary rights in the Licensed Products, but not including terms concerning the pricing and license fees to be paid to Brightmail, which is set solely by Brightmail. Brightmail will enforce as to Authorized Sublicensees and Resellers, on Symantec’s behalf as a third party beneficiary, (i) the contractual provisions of this Agreement that indicate that Licensee must require contractual compliance of the Authorized Sublicensees and Reseller with certain terms of this Agreement and elsewhere in this Agreement which generally concern either the use of the Licensed Product, the protection of Symantec’s proprietary rights in the Licensed Product and such other intellectual property of Symantec, such as trademarks, but not concerning the terms concerning pricing charged by Brightmail, which is set solely by Brightmail, and (ii) those in the agreement Brightmail enters into with the Authorized Sublicensees and Resellers concerning the use of the Licensed Products to provide Services to its Authorized Users and of the use of the Licensed Product, which are the license grant language and all protective provisions which relate to the proprietary rights of the Licensed Product.

If Brightmail elects to distribute the Licensed Product via electronic download or physical media, or under such other arrangements as allowed herein where Brightmail gives access to the Licensed Product to an Authorized Sublicensee or the Licensed Product otherwise leaves the sole control of Brightmail, Brightmail must provide a secure infrastructure for the process and for the protection of Symantec’s intellectual property rights in the Licensed Product that meets the requirements listed herein, which requirements may be modified, from time to time by Symantec upon written notice to Brightmail, as well as any further guidelines that Symantec may provide to Brightmail from time to time. If at any time during the Term of this Agreement, Symantec determines Brightmail’s security policies are not sufficient to comply with the standards that Symantec requires or otherwise determines they are inadequate to protect Symantec’s intellectual property rights in the Licensed Products, Symantec will have the right to terminate Brightmail’s ability to distribute the Licensed Product in that manner. Brightmail agrees to comply with the following security guidelines, as modified and added to, from time to time:

1) All servers hosting the Licensed Products for download must be secure from both internal and external exploits and/or hackers and the servers must meet the requirements set forth in Exhibit C, which Symantec can change from time to time in its sole discretion, and which Symantec shall provide Brightmail notice of such changes pursuant to the notice provisions of this Agreement. Brightmail must contractually require Authorized Sublicensees and Resellers contractually, and enforce the same on Symantec’s behalf, to meet the foregoing requirements if they host the Licensed Product for download. Symantec agrees that Brightmail shall not be required to expend more than Ten Thousand Dollars ($10,000) annually to comply with the audit requirements set forth in Exhibit C.

CONFIDENTIAL TREATMENT REQUESTED

2) Brightmail must ensure each Authorized Sublicensee is actually under a contractual arrangement with Brightmail and that the access to the download of the BMI Product is protected by such other technology and other measures designed to prevent unauthorized downloads and copying of the Licensed Products.

3) When providing the Licensed Products to an Authorized Sublicensee via physical media, Brightmail must contractually require the Authorized Sublicensee receiving the physical media read and fully understand the applicable licensing usage terms. Brightmail is responsible for contractually requiring that Authorized Sublicensees and Resellers to not abuse Symantec’s licensing terms when receiving and using the Licensed Products in any form, which includes but is not limited to, unauthorized copying and/or distribution and enforce the foregoing on Symantec’s behalf. Brightmail has no authorization to duplicate its own CD-roms containing only the Licensed Product.

Brightmail is not allowed to transfer or otherwise sublicense the Licensed Product(s) to any Enterprise or third party, including but not limited to, any non ISP or non ASP entity that procure the Licensed Product for use in conjunction with the entities’ internal needs, other than as specifically provided for in this section of this Agreement. This Agreement specifically prohibits Brightmail from authorizing or to knowingly allowing any Authorized Sublicensee to utilize the Licensed Product(s) to provide Services as a Service Provider, except as specifically provided for in this Section III of the Agreement. All such licenses and authorizations provided by Brightmail under the terms of this Agreement must be obtained pursuant to a direct, written end user license agreement between Brightmail and the Authorized Sublicensee and/or a direct, written and fully executed agreement with the Authorized Sublicensee and/or Reseller, authorizing such use of the Licensed Product(s) as a Service Provider or End User or otherwise and requiring full compliance with the applicable terms of this Agreement, including but not limited to, those protecting Symantec’s intellectual property rights and meeting all the requirements set forth in Section III. Brightmail must promptly notify Symantec of the name of each Authorized Sublicensee, Enterprise and each Reseller in its reporting that is granted a license and also promptly notifies Symantec of any improper use of the Licensed Product(s) by any Authorized Sublicensee, Enterprise or Reseller.

IV.

PRICES, PAYMENTS, AUDIT AND ORDER PROCEDURE

1. Tax Issues and Other Fees for Licensed Product(s) as Service Provider. The prices for the Licensed Products, and, therefore Payments, do not include any state or federal (U.S. or foreign government) taxes or fees. Brightmail is responsible for any and all such Payments due to Symantec and any and all taxes and fees imposed upon Brightmail. Except for Symantec’s income taxes, Brightmail agrees to pay any and all sales, use, value added, withholding, excise and similar taxes on Payments under this Agreement (the “Taxes”). Symantec will be responsible for its own income tax and fee obligations. If Brightmail claims an exemption from Taxes, Brightmail will provide to Symantec an acceptable copy of all documentation showing the legal exemption from such Taxes. If a foreign government requires Brightmail to withhold Taxes on Payments to Symantec, then Brightmail must: 1) provide Symantec with official receipts for reflecting the actual amount of Taxes withheld, which are adequate to meet the needs of Symantec, in order for Symantec to receive credit for such Taxes paid; and 2) minimize withholdings to the extent possible. The minimization requirement is to protect Symantec’s exposure to the limitation imposed by the Irish Commissioners of Revenue for such credit.

CONFIDENTIAL TREATMENT REQUESTED

2. Payment Terms.

a. By Brightmail as a Licensee and Service Provider. All Payments for Licensed Products are non-refundable and due regardless of Brightmail’s ability to collect from its Authorized Sublicensees and Resellers. Brightmail will receive an invoice for all Payments related to the Licensed Product(s). Payments are due when specified in Exhibit A regardless of receipt of invoice. If any Payment is not received within net thirty (30) calendar days after the end of each calendar quarter or in accordance with the terms of the Minimum Commitment Payment, by the specified Payment date in Exhibit A, Symantec may impose interest and late charges of one and one half percent (1-1/2%) per month until all Payments are current. Brightmail may charge its Authorized Sublicensees such license fees as it so determines for the BMI Services incorporating the Licensed Products. Brightmail must pay all Payments which represent license fees for the Licensed Products net thirty (30) days from the last Friday of the calendar quarter in arrears for BMI Services provided to the Authorized Sublicensees which are Existing Business, which timing does not apply to Minimum Commitments. The Payment and terms for the Bulk License, Minimum Commitment Payments and Existing Business are set forth in Exhibit A.

b. Currency and Place of Payment. All of the foregoing described Payments due to Symantec will be paid in the appropriate currency to the appropriate region. Payments will be made to Symantec Corporation in US Dollars, free of any withholding tax, currency control, or other restrictions for all transactions in the Americas. Payments will be to Symantec Limited in U.S. Dollars, free of any withholding tax, currency control, or other restrictions for all transactions in AsiaPac/EMEA. As to any portion of the Payments for the Bulk License which are for future Authorized Users and not actual Authorized Users, Brightmail shall pay the unknown Authorized Users portion as if they were Authorized Users within the Americas and pay in U.S. Dollars. All Payments and reports for the Americas region should be sent to Symantec Corporation, Revenue Manager, 20330 Stevens Creek Boulevard, Cupertino, CA 95014. All Payments and reports for the AsiaPac/EMEA region should be sent to Symantec Limited, Revenue Manager, Ballycoolin Industrial Park, Blanchardstown, Co. Dublin 15, Ireland.

3. Audit and Records.

Brightmail will maintain its records relating to the provision of BMI Services with the Licensed Products as a Service Provider for at least three (3) years after their creation. Brightmail agrees to permit an independent third party (“Auditor”), to be mutually agreed upon by both parties, to examine such records upon reasonable notice, but not more often than once every twelve (12) months, during all normal business hours during the Term of this Agreement and for twelve (12) months after expiration or any termination of this Agreement. Symantec (or an independent third party representative), upon reasonable written notice of no less than ten (10) calendar days, will have the right to conduct an audit of Brightmail’s books of account, records, contracts or other information which relate to this Agreement and the Licensed Products, in order to verify compliance with this Agreement. Brightmail will immediately pay any overdue Payments revealed by such audit(s). Symantec will bear the costs of the audit; provided, however, if the audit reveals overdue Payments in excess of five percent (5%) of the Payments owed for any six (6) month period, Brightmail will pay the costs of such audits(s). All information obtained by Symantec (or its independent third party representative) during any such audit will be confidential and Symantec (and its independent third party representatives) will keep it confidential, except to the extent it is reasonably necessary to disclose such information to enforce this Agreement or as otherwise required by law.

CONFIDENTIAL TREATMENT REQUESTED

V.	NOTIFICATIONS AND REPORTING

1. Notification.

Brightmail will notify Symantec in writing of any claim or proceeding involving Licensed Product(s) and/or the BMI Service within ten (10) days after Brightmail learns of such claim or proceeding. Brightmail will report promptly to Symantec all claimed or suspected product defects in the Licensed Product. Brightmail will also notify Symantec in writing not more than thirty (30) days after any change in control of Brightmail or any transfer of more than twenty-five percent (25%) of Brightmail’s voting control or a transfer of substantially all its assets.

2. Reporting.

At the end of every calendar quarter, Brightmail agrees to provide Symantec with a preliminary quarterly report in the same format as the Regional Report, as detailed below, for the estimated total number of Authorized Users as totaled on the last Friday of the calendar quarter under (i) New Business, with a break out of the subtotal for the Converted Business and Evaluations, and (ii) Existing Business with a break out for the subtotal for Enterprises. In addition, Brightmail agrees to furnish Symantec with a final total quarterly “sell through” report in an electronic format but in Excel only, meeting all the content and format requirements set forth in Exhibit E, attached hereto and incorporated by reference: (i) by Authorized Sublicensee, showing the names of each Authorized Sublicensee, and if through a Reseller, categorized by Reseller with the name and address of each Reseller, and the number of Authorized Users for each Authorized Sublicensee; (ii) reporting each geographic country and by region which consists of the (a) Americas for Symantec Corporation, and (b) AsiaPac/EMEA for Symantec Limited; (iii) the total number of Authorized Users as totaled on the last Friday of the calendar quarter shall also be set forth under (a) New Business, with a break out of the subtotal for the Converted Business and Evaluations, and (b) Existing Business per Authorized Sublicensee and with a break out for the subtotal of Enterprises per Enterprise; and (iv) the total of Internal Users (the “Regional Report”). The final Regional Report is due no later than thirty (30) calendar days from the end of the last Friday of the previous calendar quarter. While Brightmail shall require Authorized Sublicensees and Resellers to comply with the Regional Report requirements in all New Business and all extensions or renewals of Existing Businesses, Brightmail shall use reasonable commercial efforts to obtain the by country reporting for the Regional Report for all Existing Business.

VI.

SUPPORT

Brightmail shall provide all support to the (i) Authorized Sublicensees and require the Authorized Sublicensees to provide support to their own Authorized Users (including Evaluations), and (ii) Internal Users for Licensed Products and under no condition shall Symantec take any calls from any of the foregoing. Symantec will refer the Authorized Users back to the Authorized Sublicensee and refer the Authorized Sublicensees to Brightmail for support at (1-800-453-2577). Symantec shall provide separate support to Brightmail pursuant to a separate agreement.

VII.

NON-DISCLOSURE

1. Agreement.

Both Parties covenants and agrees not to disclose the terms of this Agreement or any other details as to its relationship with the other to any third party without Symantec’s prior written consent.

CONFIDENTIAL TREATMENT REQUESTED

2. Confidential Information.

a. The Parties acknowledge that in the course of performing their obligations hereunder each may receive information (“Information”), which is confidential and proprietary to the other. Such Information includes non-public information or materials, including without limitation written or printed documents and computer disks or tapes, whether machine or user readable containing such information, that: (i) relates to released or unreleased Symantec software products or processes, including updates, patches, bug fixes or other modifications; the marketing or promotion of any Licensed Product or Symantec product or BMI Product; and either Party’s business policies or practices, (ii) is disclosed by one Party to the other in tangible or written form and clearly marked “Confidential” (or with a similar proprietary legend), or is of a nature that a reasonable business person would know or suspect it is of a confidential nature or (iii) is disclosed by one Party to the other in confidence in connection with this Agreement and the Parties’ performance hereunder.

b. Information does not include information or materials that the receiving Party can demonstrate (i) is on the date hereof, or hereafter becomes, through no act or failure to act or violation of this Agreement on the part of the receiving Party, generally known or available to the public, (ii) was known or possessed by the receiving Party before its receipt from the disclosing Party, (iii) is hereafter rightfully obtained by the receiving Party from a third party, without breach of any obligation to the disclosing Party, or (iv) is independently developed by the receiving Party, without use of or reference to the Information, by persons who had no access to the Information.

c. Each Party covenants and agrees that neither it nor its agents, employees, officers, directors or representatives will (i) use any of the Information except in performance of this Agreement or (ii) disclose any Information to third parties other than Authorized Sublicensees and/or Resellers, as necessary to sublicense the Licensed Product from the Effective Date of this Agreement and during the Term and for a period of five (5) years from the termination of this Agreement, whether terminated by Symantec or by Brightmail, unless required to be disclosed by law or a judicial authority. Each Party further covenants and agrees to protect the Information obtained from the other with the same degree of care as it uses to protect its own confidential information of like importance, but in no event less than reasonable care. The receiving Party may disclose Information only to its employees and contractors having a “need-to-know” for the purposes of this Agreement. The receiving Party will notify and inform those employees and contractors of the receiving Party’s obligations regarding use of Information and will obtain or have obtained from its employees and contractors agreements requiring them to comply with these obligations. Each Party will provide notice to the other Party immediately after learning of or having reason to suspect a breach of any of the confidentiality obligations set forth in this Agreement.

IX.

TERM OF AGREEMENT

This Term of this Agreement shall commence on the Effective Date and shall continue for a period of three (3) years (the “Term”). This Agreement shall automatically expire at the end of the Term and nothing contained herein shall be interpreted as requiring either Party to renew or extend this Agreement, and neither Party expects this Agreement to be renewed; provided, however, that this Agreement may be terminated prior to the expiration of its stated Term as set forth below. This Agreement may be extended by an amendment extending the Term and updating the Price, which is signed by the authorized signatory of each Party. There are limited Run Off Periods provided for in this Agreement and therefore, Brightmail is advised to negotiate its renewal and extension of the Term, pursuant to an amendment, in sufficient advance of its needs for its Authorized Sublicensees. The license grants in Section III(2)(v) & (vi) are for one (1) year from the

CONFIDENTIAL TREATMENT REQUESTED

Amended Date, and shall automatically renew unless cancelled by Licensee, which can only be done by providing Symantec a written notice of non-renewal which must be received no later than March 26, 2004; and thereafter, on an annual basis, Brightmail may provide a notice of non-renewal to Symantec no later than by the last Friday of the calendar quarter.

X.	TERMS AND CONDITIONS

1. Restrictions on Use.

a. Allowed Business Use of the Licensed Products. Brightmail covenants and agrees to use the Licensed Product only with BMI Products as part of the BMI Services as provided to Authorized Sublicensee for making the Service available to Authorized Users in accordance with the terms of the Agreement. Brightmail shall not permit any person or party other than Authorized Sublicensees to use the Licensed Product; provided, however, that Brightmail may use the Licensed Product internally for testing purposes and to provide support to Authorized Sublicensees.

b. Modifications, Reverse Engineering. Brightmail covenants and agrees that only Symantec shall have the right to alter, maintain, enhance or otherwise modify the Licensed Products, and all of the related Documentation, except as specifically provided for in this Agreement. Brightmail shall not disassemble, decompile, decrypt, reverse engineer, or create derivative works based upon, or make any attempt to discover the source code of, the Licensed Product or any portion thereof. Brightmail shall not adapt, modify, translate, distribute, duplicate, copy, transfer possession of, loan, lease, or resell for profit the Licensed Product except as specifically provided for in this Agreement. Brightmail shall immediately report to Symantec and halt unauthorized copying, use, distribution, installation, or transfer of possession of the Licensed Product, by any person or entity of which Brightmail has knowledge. Prior to disposing of any media or apparatus containing the Licensed Product or any part thereof, Brightmail will ensure that any Licensed Product contained on such media or stored in such apparatus has been completely erased or otherwise destroyed.

c. Protection of Information. Brightmail acknowledges that the Licensed Product and all related Documentation are proprietary to Symantec and comprise (i) works of original authorship, including compiled information containing Symantec’s selection, arrangement, and co-ordination and expression of such information or pre-existing material it has created, gathered or assembled, (ii) confidential trade secret information, and (iii) information that has been created, developed and maintained by Symantec at great expense of time and money such that misappropriation or unauthorized use by others would unfairly and irreparably harm Symantec. In addition to Brightmail’s obligations outlined in Section VII, Brightmail shall not commit or permit any act or omission that would impair Symantec’s proprietary and intellectual property rights in the Licensed Products, and all of the Documentation.

d. Trademarks, Trade Names and Copyrights.

(i) Trademark Use and Co-branding Guidelines. At all times in every advertisement, promotion and branding of the BMI Service, Brightmail will do the following and contractually require the Authorized Sublicensee to do the same in regards to the Service, and enforce the same on Symantec’s behalf, to do the following: (i) use either or both: (a) the trademark “Powered by Symantec” including any related logos, or (b) the Symantec logos and trademarks associated with the Licensed Products; and (ii) ensure that all statements (written or oral) concerning the Licensed Product shall be strictly in accordance with the Documentation or otherwise be approved by Symantec in writing prior to distribution in any form.

CONFIDENTIAL TREATMENT REQUESTED

Brightmail’s use, (and Brightmail shall contractually require and enforce the same with the Authorized Sublicensee’s use) the of such trademarks and logos will be in accordance with Symantec’s trademark policies and usage guidelines in effect from time to time. Brightmail is obligated to comply with the following and to contractually require its Authorized Sublicensees to do the following, and shall name Symantec as a third party beneficiary of these contractual requirements and enforce the following provisions on behalf of Symantec: (i) Any co-branding of products, marketing materials or other communications that refer to the functionality or the existence of the Licensed Product shall state “Powered by Symantec” and be subject to the co-branding guidelines that Symantec provides to Brightmail, as modified, from time to time, in Symantec’s sole discretion, as well as Symantec’s general trademark guidelines, attached hereto as Exhibit D, both as modified, from time to time, in Symantec’s sole discretion; provided that any Authorized Sublicensee shall have up to thirty (30) business days after receipt by Brightmail of updated guidelines to update any marketing materials and to cease distributing marketing materials that are no longer in compliance with such new guidelines, (ii) the initial user interface in the version of the Brightmail’s software offering, provided as part of its BMI Service (or Service in reference to an Authorized Sublicensee), must contain the words “Powered by Symantec” and the wording “Powered by Symantec” will be present in the footer of all warning pages or messages concerning notice of virus detection in all versions of Brightmail’s software offering as part of the BMI Service (or Service in reference to an Authorized Sublicensee), and (iii) Authorized Sublicensee shall not make any false representations as to the relationship of Symantec to the Authorized Sublicensee, concerning the Licensed Product, or concerning the source of the Services offered by the Authorized Sublicensee. Further, if any Authorized Sublicensee has any concerns about compliance, Brightmail should inform them that they may contact Symantec’s Legal Department directly to obtain review and approval. Notwithstanding the foregoing, Brightmail and its Authorized Sublicensees may do general marketing using common industry descriptive words that indicate the existence of virus detection, but which are general references to the Service and/or BMI Service and do not mention or otherwise reference the components, features or technical aspects of the Licensed Products, such as, but not limited to, “Internet services with virus detection”, “e-mail virus scanning”, “e-mail virus filter services” and/or “e-mail protection and such others as fall within the foregoing requirements, without including the Symantec logos and trademarks, as required above. Brightmail agrees and acknowledges that no description of any BMI Service provided or offered by Brightmail or Service by its Authorized Sublicensees shall in any sense mislead the consumer into believing that the Licensed Product portion of such BMI Service and/or Service is created or owned by any party other than Symantec and that Symantec shall make the final determination of such on any such issues, in its sole discretion. Brightmail shall contractually require its Authorized Sublicensees to comply with all of the foregoing obligations and name Symantec as a third party beneficiary of the contracts it enters into with Authorized Sublicensee. Symantec shall solely control all litigation matters and related decisions, and be responsible for such costs, in regards to the subject matter of this provision.

(ii) No Rights in Trademarks or Copyrights. Brightmail has paid no consideration for the use of Symantec’s trademarks, logos, copyrights, trade names or designations, and nothing contained in this Agreement will give Brightmail any interest in any of the foregoing. Brightmail acknowledges that Symantec owns and retains all copyrights and other proprietary rights in all Licensed Products and documentation including patent, copyright, trade secret, trademark and other proprietary rights, in and to the Licensed Products and the Documentation and any corrections, bug fixes, enhancements, updates or other modifications, including custom modifications, to the Licensed Products, whether made by Symantec or any third party, and Brightmail shall have no right, title or interest in such proprietary rights. Brightmail agrees that it will not at any time during or after this Agreement assert or claim any interest in or do anything that may adversely affect the validity or enforceability of any trademark, trade name, copyright or logo belonging to or licensed to Symantec (including, without limitation, any act, or assistance to any act, which may infringe

CONFIDENTIAL TREATMENT REQUESTED

or lead to the infringement of any copyright in the Licensed Products). Brightmail agrees not to attach any additional trademarks, logos or trade designations to Licensed Product or BMI Products which violate any terms of this Agreement. Brightmail further agrees not to affix any Symantec trademark, logo or trade name to any non-Symantec product and/or non-Symantec service, except as provided for in this Agreement. Brightmail shall contractually require the Authorized Sublicensees to comply with the foregoing requirements, and enforce the same on Symantec’s behalf.

(ii) Obligation to Protect. Brightmail agrees to use reasonable efforts to protect Symantec’s proprietary rights and to cooperate without charge in Symantec’s efforts to protect its proprietary rights. Brightmail agrees to notify Symantec of any known or suspected breach of Symantec’s proprietary rights that comes to Brightmail’s attention.

(iii) Transfers. Except as specifically provided for under the terms of this Agreement, under no circumstances shall Brightmail sell, license, publish, distribute, or otherwise transfer to a third party the Licensed Product or the Documentation or any copy thereof, in whole or in part, without Symantec’s prior written consent.

e. Obligation to Use Most Current Version of Licensed Product. Brightmail acknowledges that Symantec may, from time to time, release updated versions of the Licensed Product. Brightmail covenants and agrees, within thirty (30) days after written notification by Symantec of the release of any such updated version for the operating platform(s) utilized by Brightmail, to upgrade to, and use exclusively, the updated version of the Licensed Product in its BMI Product to provide the BMI Service and provide the updated BMI Product to the Resellers. Brightmail will use commercially reasonable efforts to notify and request its Authorized Sublicensees to use the latest version of the Licensed Product as it is incorporated into the BMI Product. Brightmail acknowledges that it understands that support services are only available to customers of Symantec who have purchased support and are on a particular version of the Licensed Product for a time period of one (1) full year after the date of the next “Major Release” which is defined as any new version of the Licensed Product that contains features or capabilities that are different from the current version (typically denoted with a new version number in front of the decimal point such as 5.0, 6.0, 7.0, or a year number such as 2001, 2002, 2003 but it could be designated otherwise) as opposed to an in-line update or modification or patch that is designed only to improve the current version of the Licensed Product, and that Symantec licenses to its licensees and customers generally for a fee as opposed to the free update, modification or patch. Brightmail agrees that the support services will end one (1) year after the next Major Release of the Licensed Product and thereafter in order to obtain support services, Brightmail must upgrade to the most current version of the Licensed Product, (i.e. the Major Release) as outlined above.

f. Obligation to Update. If the Licensed Product requires updates such as new virus definitions, new content filtering lists or new rules of any type, Brightmail and Authorized Sublicensee shall update its copies of the Licensed Product used to provide the BMI Service and/or Service, respectively, at least once daily.

2. Disclaimer of Warranties; Limitation of Liability and Related Matters.

a. Special Warranty and General Disclaimer of Warranties. SYMANTEC WARRANTS THAT THE LICENSED PRODUCT WILL SUBSTANTIALLY COMPLY WITH THE SPECIFICATIONS SET FORTH IN THE CURRENT APPLICABLE DOCUMENTATION PUBLISHED GENERALLY WITH RESPECT THEREOF. IF AT ANY TIME DURING THE TERM OF THIS AGREEMENT, BRIGHTMAIL CAN SHOW A DEFECT IN THE LICENSED PRODUCT SUCH THAT THE LICENSED PRODUCT DOES

CONFIDENTIAL TREATMENT REQUESTED

NOT SUBSTANTIALLY COMPLY WITH THE DOCUMENTATION, SYMANTEC SHALL WITHIN THE TIME PERIOD AGREED BETWEEN THE PARTIES, OR IF NO TIME PERIOD, WITHIN A REASONABLE TIME, EITHER REMEDY THE DEFECT OR REPLACE THE LICENSED PRODUCT, WHICH CHOICE IS IN SYMANTEC’S SOLE DISCRETION AND WHICH IS THE SOLE REMEDY FOR THIS BREACH OF WARRANTY. IF SYMANTEC HAS PROVIDED IN ADVANCE ANY BETA OR OTHER TEST VERSIONS OF THE LICENSED PRODUCT TO BRIGHTMAIL AND HAS NOT AUTHORIZED BRIGHTMAIL TO RELEASE SUCH AS FINAL LICENSED PRODUCT, THEN THIS WARRANTY IS VOID IF BRIGHTMAIL RELEASES ANY BMI PRODUCT CONTAINING SUCH LICENSED PRODUCT THAT SYMANTEC HAS NOT GENERALLY AND PUBLICLY RELEASED TO ITS OTHER CUSTOMERS. SYMANTEC MAKES NO WARRANTY THAT ALL ERRORS OR FAILURES WILL BE CORRECTED.

b. Limited Liability. EXCEPT AS SET FORTH ABOVE, THE LICENSED PRODUCT AND DOCUMENTATION ARE PROVIDED “AS IS” AND WITHOUT WARRANTY OF ANY KIND. ALL WARRANTIES, WHETHER EXPRESS OR IMPLIED, ARE DISCLAIMED AND EXCLUDED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND INFRINGEMENT. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF LICENSED PRODUCT IS WITH BRIGHTMAIL.

c. No Warranty. Brightmail will make no warranty, guarantee or representation, whether written or oral, on Symantec’s behalf.

d. Breach of Warranty. If Symantec is not able to cure any breach of the warranty section set forth in subsection (a) above within the allowed cure period set forth in the termination provisions of this Agreement, then Brightmail may terminate this Agreement.

3. Limitation of Liability.

NEITHER PARTY SHALL BE LIABLE TO THE OTHER OR ANY OTHER PERSON OR ENTITY FOR INCIDENTAL, SPECIAL OR CONSEQUENTIAL DAMAGES OR THE LOSS OF ANTICIPATED PROFITS ARISING FROM ANY PERFORMANCE UNDER, OR BREACH OF, THIS AGREEMENT EVEN IF NOTICE IS GIVEN OF THE POSSIBILITY OF SUCH DAMAGES. IN ADDITION, THE LIABILITY OF SYMANTEC FOR ANY DAMAGES RELATING TO ANY LICENSED PRODUCT SHALL BE LIMITED AS SET FORTH HEREIN. SYMANTEC’S LIABILITY HEREUNDER OTHER THAN RELATING TO AMOUNTS DUE UNDER THE INDEMNITY PROVISIONS SET FORTH IN SECTION 5A, SHALL BE LIMITED TO THE TOTAL PAYMENTS RECEIVED FROM BRIGHTMAIL PURSUANT TO THIS AGREEMENT DURING THE TWELVE (12) MONTHS PRIOR TO THE EVENT GIVING RISE TO SUCH LIABILITY. IN ADDITION, THE TOTAL LIABILITY OF BRIGHTMAIL FOR ANY DAMAGES DUE UNDER THIS AGREEMENT, BUT NOT INCLUDING RELATING TO ANY PAYMENT OBLIGATIONS OR PROVISIONS, AMOUNTS DUE UNDER THE INDEMNITY PROVISIONS SET FORTH IN SECTIONS 5A AND 5 B BELOW, AND DAMAGES FOR ANY BREACH OF THE GRANT OF LICENSES PROVISIONS SET FORTH IN SECTION III, SHALL BE LIMITED TO THE TOTAL OF SEVEN MILLION DOLLARS.

CONFIDENTIAL TREATMENT REQUESTED

4. Compliance with Law.

Brightmail covenants and agrees to comply with all applicable international, national, state, regional and local laws and regulations in its performance hereunder and in any of its dealings with its Resellers, Authorized Sublicensees and Authorized Users with respect to the BMI Service. Symantec covenants and agrees to comply with all applicable international, national, state, regional and local laws and regulations in its performance hereunder and in any of its dealings with Brightmail.

5. Indemnification.

(A) Indemnification by Symantec. Notwithstanding anything contained herein to the contrary, Symantec hereby indemnifies, defends, and holds Brightmail and its officers, employees, board members, and contractors harmless from and against any and all third party claims, actions, or demands alleging that the Licensed Product and/or any update provided by Symantec infringes any patent, copyright, trademark, trade secret or other intellectual property right of any third party. Subject to Symantec receiving prompt written notice from Brightmail of any actual or threatened claim, and further subject to Brightmail providing Symantec with complete control of the settlement and defense thereof, Symantec shall pay resulting costs, damage awards, legal fees finally awarded, and any settlement amounts in such actions which are attributable to such claims. Symantec shall have no liability to Brightmail for any claim to the extent based upon modification of the Licensed Product by Brightmail or combination of the Licensed Product with the Brightmail’s own software solution or any other software or hardware not provided by Symantec, approved by Symantec for combination with the Licensed Product, or otherwise identified in the Symantec Documentation as intended for combination with the Licensed Product (if the claim would not survive but for the modification or combination). In addition, should the Licensed Product become, or is likely to become, in Symantec’s reasonable opinion, exercising sound commercial judgment, the subject of a claim of intellectual property infringement then Brightmail shall permit Symantec to replace or modify the Licensed Product so as to avoid infringement, or to procure the right for Brightmail to continue use of such items. If neither of such alternatives is reasonably possible, the infringing items shall be returned to Symantec and Symantec shall refund to Brightmail all amounts paid by Brightmail in excess of actual usage.

(B) Indemnification by Brightmail. Notwithstanding anything contained herein to the contrary, Brightmail hereby indemnifies, defends, and holds Symantec and its officers, employees, board members, and contractors harmless from and against any and all third party claims, actions, or demands arising out of this Agreement that: (i) allege that the BMI Service infringes any patent, copyright, trademark, trade secret or other intellectual property right of any third party, however excluding any and all claims based on the Licensed Product (but including claims to the extent based upon Brightmail’s modification or unapproved combination of the Licensed Product with third party products, solely to the extent such claim would not survive but for the modification or combination); or (ii) to the extent that they are due to any unauthorized warranty made by Brightmail or any Authorized Sublicensee regarding the Licensed Product. Subject to Brightmail receiving prompt written notice from Symantec of any actual or threatened claim, and further subject to Symantec providing Brightmail with complete control of the settlement and defense thereof, Brightmail shall pay resulting costs, damage awards, legal fees finally awarded, and any settlement amounts in such actions which are attributable to such claims.

CONFIDENTIAL TREATMENT REQUESTED

6. Termination.

a. For Cause Termination. Either Party may terminate this Agreement at any time in the event that the other Party fails to perform any obligation, warranty, duty or responsibility or is in default with respect to any term or condition under this Agreement and such failure or default continues unremedied for a period of thirty (30) days (fifteen (15)) days in case of failure to make Payment) after notice of failure or default from the other Party (a “For Cause Termination”) which termination shall be effective immediately after the time period to cure the default as set forth in this section has expired if the nonbreaching party has affirmatively elected to terminate the Agreement. If the resolution of the breach requires more than thirty (30) days, the breaching Party may request the other Party for additional time to remedy the breach, and both Parties agree to discuss such an extension in good faith.

b. Automatic Termination. This Agreement terminates automatically, with no further act or action of either Party, if a receiver is appointed for either Party or over either Party’s property, either Party makes an assignment for the benefit of its creditors, any proceedings are commenced by, for or against either Party under any bankruptcy, insolvency or debtor’s relief law, or either Party is liquidated or dissolved. Notwithstanding the foregoing, if Brightmail is reorganizing its entity under the bankruptcy laws and is not in breach of this Agreement, the Agreement shall not automatically terminate. If Brightmail has any change in the management or control of, or any transfer of more than twenty-five percent (25%) of Brightmail’s voting control or a transfer of substantially all its assets to a competitor of Symantec, which Symantec determines in it sole discretion is a competitor, then this Agreement shall automatically terminate on the date of a notice by Symantec of such decision as provided in writing by Symantec to Brightmail. The foregoing shall be referred to hereafter as “Automatic Termination”.

c. Disruption to Symantec’s Small Business Revenue. Symantec may terminate the Agreement, but not sooner than six (6) months from the Effective Date, if Symantec determines in its sole discretion, that Brightmail has entered into any agreement that disrupts Symantec’s anti virus small business revenue.

d. Effect of Termination.

(i) Effect on Payments and Licenses. Upon any termination of any kind and any expiration of the Term, no refunds of Payments due and/or Minimum Commitment Payments will be made to Brightmail. Further, the license granted under this Agreement to use the Licensed Product and the Documentation is immediately revoked other than subject to any applicable Run Off Periods.

(ii) Obligations of Brightmail as to Licensed Products. Brightmail, within ten (10) days, shall, at Symantec’s option, either destroy all licensed copies of the Licensed Product and Documentation, and all backups, or return them to Symantec, and certify in writing by an authorized officer of Brightmail that all copies have been destroyed and/or returned. In each instance where Brightmail has distributed the Licensed Product and/or Documentation to Authorized Sublicensees and Resellers, then Brightmail shall contractually require and enforce the requirement that the Authorized Sublicensees and Resellers destroy the Licensed Product and Documentation, and all backups, or return them to Brightmail, and certify in writing by an authorized officer of Brightmail that all copies have been destroyed and/or returned and/or that Brightmail has by way of its technology effectively prevented all further use of the Licensed Product. This obligation shall survive the termination of this Agreement.

CONFIDENTIAL TREATMENT REQUESTED

(iii) Outstanding Invoices. The due dates of all outstanding invoices to Brightmail for Licensed Product(s) automatically will be accelerated if the termination is based on a For Cause Termination caused by Brightmail or an Automatic Termination triggered by conduct of Brightmail, so they become due and payable by immediate wire transfer on the effective date of termination or expiration, even if longer terms had been provided previously, except in the case that Symantec terminates for any disruption to its small business revenue pursuant to the terms set forth under Section X.6.c.

(iv) Cease Use of Marks and Run Off Period. Brightmail will forthwith cease, and cause each of its Authorized Sublicensees and Resellers to also cease, all use of all Symantec trademarks, and will not thereafter use any mark which is confusingly similar to any trademark associated with any Licensed Product(s) with the BMI Products or BMI Service or any other products or services and contractually require the Authorized Sublicensees to do the same and also with regard to its Service and enforce the same on Symantec’s behalf. Notwithstanding the foregoing, if the Term of this Agreement expires and is not renewed, or there is any termination other than (i) an Automatic Termination for bankruptcy only or (ii) a For Cause Termination caused by Brightmail, then and only then, pursuant to the provisions set forth in this Section, Brightmail may continue for up to three (3) months after termination of this Agreement to sublicense the Licensed Product under existing agreements with Authorized Sublicensees and conditioned on the continuation of Brightmail making any Payments due to Symantec for such period of additional time, per the terms of this Agreement (the “Run Off Period”). The foregoing Run Off Period applies only if Symantec is able to deliver a functional Licensed Product and related virus definitions which shall mean for purposes of this Agreement, that the Licensed Product and the delivery of virus definitions meet the special warranty provisions set forth in this Agreement. So provided that a functional Licensed Product and virus definitions are available and Payments are current, and that no other breaches of the Agreement exist, Symantec agrees that the Run Off Period is automatically extended for another three (3) months unless Brightmail indicates it no longer needs the Run Off Period. Thereafter, given the same conditions are met again, in that a functional Licensed Product and virus definitions are available, Payments are current, and no other breach of the Agreement exists, then Symantec agrees that the Run Off Period automatically renews for yet another three (3) months, providing no more than a total of nine (9) months of Run Off Period unless Brightmail indicates it no longer needs the Run Off Period. Brightmail agrees that support is only available in any Run Off Period to Brightmail if Symantec is then supporting the Licensed Product and Brightmail is current on its support payments, if any. Brightmail agrees that the Payment obligations continue to apply to all Run Off Periods. Upon the termination of this Agreement, the Licensed Product will be promptly destroyed by Brightmail, if so approved in writing by Symantec and Brightmail will then will certify to Symantec in writing the destruction of such Licensed Product in accordance with the terms and conditions set forth in writing pursuant to which Symantec so approved such destruction. If Symantec does not approve destruction, Brightmail must return the Licensed Product at its own expense.

e. Limitation of Liability for Termination. Symantec shall not be liable to Brightmail on account of termination or expiration of this Agreement for reimbursement or damages for loss of goodwill, prospective profits or anticipated orders, or on account of any expenditures, investments, leases or commitments made by Brightmail based upon or growing out of such termination or expiration. Brightmail acknowledges and agrees that; (i) Brightmail has no expectation and has received no assurances that its business relationship with Symantec will continue beyond the stated Term of this Agreement or its earlier termination in accordance with this clause other than for any applicable Run Off Periods, that any investment by Brightmail in the promotion of the BMI Service, BMI Products or the Licensed Products will be recovered or recouped, or that Brightmail shall obtain any anticipated amount of profits by virtue of this Agreement; and (ii) Brightmail shall not have or acquire by virtue of this Agreement or otherwise any vested, proprietary or

CONFIDENTIAL TREATMENT REQUESTED

other right in the promotion of the BMI Service or in any goodwill created by its efforts hereunder. The Parties acknowledge that this clause has been included as a material inducement for Symantec to enter into this Agreement and that Symantec would not have entered into this Agreement but for the limitations of liability as set forth herein.

9. Survival of Warranties and Covenants.

The warranties, covenants and agreements contained in this Agreement, which by their nature should survive the termination of this Agreement, shall survive the termination of this Agreement and remain in full force and effect.

10. Relationship of the Parties.

Brightmail is a customer of Symantec, and will not have, and will not represent that it has, any power, right or authority to bind Symantec, or to assume or create any obligation or responsibility express or implied, on behalf of Symantec or in Symantec’s name. Nothing stated in this Agreement shall be construed as making partners of Brightmail and Symantec, or as creating the relationships of employer/employee, franchisor/franchisee, or principal/agent between the Parties. In all matters relating to this Agreement, neither Brightmail nor its employees or agents or Resellers are, or shall act as, employees of Symantec within the meaning or application of any obligations or liabilities to Symantec by reason of an employment relationship. Brightmail shall make no warranty, guarantee or representation, whether written or oral, on Symantec’s behalf, about the Licensed Product, the BMI Service, BMI Product or otherwise. Brightmail shall require, and enforce on Symantec’s behalf, that the agreements it has with the Authorized Sublicensee and/or Authorized Users and the agreements that the Authorized Sublicensees have with the Authorized Users, pursuant to which they receive the Service, contain commercially standard provisions for disclaiming warranties and limiting liability, which protect Brightmail’s licensors, including Symantec.

11. General.

a. Complete Agreement; Amendment. Each Party acknowledges that it has read this Agreement and all exhibits, understands them, and agrees to be bound by their terms, and further agrees that they are the complete and exclusive statement of the agreement and understanding of the subject matter of this Agreement between the Parties which supersedes all prior proposals, understandings, and all other agreements, oral and written, including the Prior Agreement, between the Parties relating to the subject matter of this Agreement. This Agreement and all exhibits hereto may not be modified or altered except by written instrument duly executed by the authorized signatories of both Parties.

b. Order Forms. In the event of any conflict between the terms and conditions of this Agreement and the terms and conditions of any order form, the terms and conditions of this Agreement and all exhibits shall control.

c. Governing Law; Consent to Jurisdiction; Costs. This Agreement and performance under this Agreement shall be governed by California law, without regard to its conflict of laws provisions and principles, regardless of the domicile of any Party. Brightmail hereby submits to the jurisdiction of the Courts in Santa Clara County, California and agrees that these shall be the sole fora to resolve all disputes under this Agreement. Brightmail agrees to pay all costs associated with the collection of any sums due under this Agreement, including attorney’s fees. Brightmail agrees that any export or re-export of Licensed Product shall be done in accordance with the United States Export Administration Regulations, and hereby takes full

CONFIDENTIAL TREATMENT REQUESTED

responsibility therefore and agrees to indemnify Symantec for any violations by Brightmail thereof in accordance with such terms set forth in this Agreement. Diversion contrary to U.S. Law is prohibited. The Licensed Product is prohibited for export or re-export to Cuba, North Korea, Iran, Iraq, Libya, Syria and Sudan or to any person or entity on the U.S. Department of Commerce Denied Persons List or on the U.S. Department of Treasury’s lists of Specially Designated Nationals, Specially Designated Narcotics Traffickers or Specially Designated Terrorists.

d. Severability. If any provision of, or clause within, this Agreement is deemed invalid by a court of competent jurisdiction, it is to that extent to be deemed omitted, unless the court can modify said provision or clause to make it valid and enforceable, in which case the provision or clause shall be so modified. The remainder of the Agreement shall be valid and enforceable to the maximum extent possible.

e. Assignment. Brightmail may not assign or sublicense, without the prior written consent of an authorized officer of Symantec, its rights, duties, or obligations under this Agreement to any person or entity, in whole or in part, and any such assignment or sublicense shall be void.

f. Waiver. The waiver or failure of Symantec to exercise in any respect any right provided for in this Agreement shall not be deemed a waiver of any further right under this Agreement.

g. Headings. The headings appearing at the beginning of the several clauses contained in this Agreement have been inserted for identification and reference purposes only and shall not be used in the construction and interpretation of this Agreement.

h. Notices. Notices shall be sent to the person at the address on the signing page, with a copy to General Counsel, Symantec Corporation, 20330 Stevens Creek Boulevard, Cupertino, CA 95014. All notices shall be written and sent by facsimile, overnight courier or first-class certified mail, and shall be deemed received on the earlier of actual receipt or seven (7) business days after being mailed by first class certified mail or one (1) business day after being dispatched by an internationally recognized express courier service.

i. Authority. Each Party warrants that the person signing below is authorized to bind that Party to this Agreement.

j. Counterparts. This Agreement may be signed in counterparts and delivered by facsimile, each of which will be deemed an original.

k. Symantec Company or Product Acquisitions. Brightmail understands and agrees that during the term of this Agreement, or its renewal, Symantec may acquire rights to additional products. In the event that Symantec acquires any company (or the products of any company) which has in force a reseller or distribution agreement or any other agreement with Brightmail, Brightmail hereby agrees that this Agreement shall automatically, without further action, supersede such other agreement with such other company in regard to such products after the time of Symantec’s acquisition of such company and/or product.

l. Release of Claims. Any and all known claims against Symantec arising under any prior agreements or understandings, whether oral or in writing, between Symantec and Brightmail are waived and released by Reseller by acceptance of this Agreement.

CONFIDENTIAL TREATMENT REQUESTED

IN WITNESS WHEREOF, the Parties hereto have caused this Agreement to be executed on the date set forth below.

Brightmail



Signature:		/s/ Michael Irwin

Print Name:		Michael Irwin
Title:		Chief Financial Officer
Date:		March 28, 2003
Address:		301 Howard Street, Suite 1800 San Francisco, CA 94105

Symantec Corporation



Signature:		/s/ Dieter Giesbrecht

Print Name:		Dieter Giesbrecht
Title:

Date:		March 28, 2003
Address:		20330 Stevens Creek Blvd. Cupertino, CA 95014

Symantec Limited



Signature:		/s/ Art Courville

Print Name:		Art Courville
Title:		Sr. VP, General Counsel
Date:		March 28, 2003
Address:		Ballycoolin Industrial Park, Blanchardstown, Co. Dublin 15, Ireland

CONFIDENTIAL TREATMENT REQUESTED

EXHIBIT “A”

I. PRICES AND LICENSED PRODUCTS:

1. Existing Business:


Licensed Product	Price Per Authorized User for Existing Business other than Enterprise (which is per the Enterprise Schedule below).

	Number of Authorized Users	$/Authorized User (i.e. Mailbox/year
NAV API, Windows 2000 and Solaris	0-99,999	$*
	100,000-499,999	$*
	500,000-999,999	$*
	1,000,000 - 1,999,999	$*
	2,000,000 - 3,999,999	$*
	4,000,000 - 5,999,999	$*
	6,000,000+	$*

The Price per Authorized User for Existing Business applies cumulatively to each group of Authorized Users (also referred to as “Mailboxes” under the Prior Agreement) per Authorized Sublicensee throughout the entire Term of this Agreement; e.g. if an Authorized Sublicensee account has 600,000 Authorized Users, Brightmail would pay Symantec:

$*/user/year for each of the first 99,999 Authorized Users of such Authorized Sublicensee;

$*/user/year for each of the next 400,000 Authorized Users of such Authorized Sublicensee;

$*/user/year for each of the next 100,000 Authorized Users of such Authorized Sublicensee; and so on.

2. Enterprise:

Price per Enterprise Schedule


Number of Mailboxes		$/ Authorized User (i.e. Mailbox)/Year
0-1,999		*
2,000-4,999		$*
5,000-9,999		$*
10,000-24,999		$*
25,000-49,999		$*
50,000-99,999		$*
100,000 plus		$*

CONFIDENTIAL TREATMENT REQUESTED

basis. For example, if an Enterprise has 30,000 Authorized Users, Brightmail would pay Symantec $* ($*/Mailbox/year). If that same Enterprise increased its number of Authorized Users by 5,000 additional Authorized Users, Brightmail would pay Symantec an additional $* ($*/Mailbox/year) per the terms of this Agreement.

Payment for a minimum of * Authorized Users is required per Enterprise.

3. New Business:


Licensed Product		Price Per Authorized User for New Business

NAV API		Symantec will provide Brightmail, and Brightmail will purchase, * for * Authorized Users for * a year (the * and the “Minimum Commitment Payment for New Business”). Brightmail will receive the * from Symantec upon the Effective Date. If Brightmail’s New Business exceeds the * Authorized User threshold at any time during the * then Brightmail must purchase additional * in * Authorized User increments for a total of * (*“Incremental ”*). The and Incremental * are co-terminus for the same * period in which they are purchased but the Incremental * will be prorated as to the remaining time period in * period.

For example, upon the Effective Date, Payment will be * (which is paid per the terms of this Agreement) for up to * Authorized Users. If Brightmail then exceeds * Authorized Users in * of that * period, and has an additional * Authorized Users. Brightmail will purchase an Incremental * for a pro-rated amount of $* for the remaining * of the * period for that particular *, for up to * additional Authorized Users which exceed the allowed under the *.

II. PURCHASE ORDER:

Immediately after execution of this Agreement, Brightmail shall provide Symantec with a purchase order for the full amount of the fees under this Agreement for the * and Minimum Commitment Payment for New Business. Symantec shall invoice Brightmail per the terms of the Agreement. The purchase order shall be for the amount of * and should specifically state: “NAV API for a total of *, which represents the Minimum Commitment for New Business and for the purchase of an * at the * rate of * for a total of * Authorized Users, for a total of * per the terms of the Agreement and for the Minimum Commitment for Existing Business of *.”

No later than the Amended Date, Brightmail shall provide Symantec with a purchase order for the full amount of the Minimum Commitment Payment due under this Agreement, the signature pages of this Agreement and the check for the full amount due. The purchase order shall specifically state: “Additional license grant rights for NAV API for both limited Enterprise and limited Internal User rights, with a new Minimum Commitment for * totaling *, which is *.”

CONFIDENTIAL TREATMENT REQUESTED

III. PAYMENT SCHEDULE AND REPORTING:

1. General

For the purposes of this Agreement a twelve (12) month annual period is any consecutive twelve (12) calendar months starting with the first month of the Effective Date, whether or not it is a full calendar month. For purposes of this Agreement, a quarter is any three (3) calendar months starting with either January, April, July, or October.

All Payments, for purposes of both Existing Business and New Business which are not received within * days from the indicated Payment due date will be subject to late payment penalty fees. All Minimum Commitment Payments are due on the date indicated on the schedules below without net thirty (30) being applied unless otherwise indicated.

2. Minimum Commitment Payments.

For the first three (3) quarters after the Effective Date, a Minimum Commitment of * for each calendar * shall apply to the Existing Business. In terms of New Business, the Minimum Commitment Payment is the * payable over * for the Term of the Agreement, in the amount of * per calendar *, starting on the Effective Date of this Agreement. The Minimum Commitment Payment for the additional licenses added as of the Amended Date is payable initially on an * basis for the first year, starting on the Amended Date; and then thereafter, unless not renewed per the terms of Section IX, is paid *, starting March 26^th, 2004 until the end of the Term of the contract. The Minimum Commitment Payments shall be due in full according to the Minimum Commitment Payment schedule set forth below.

The Minimum Commitment Payments for the Existing Business do not include any Existing Business Adjustment in the first three (3) quarters from the Effective Date of the Agreement, Incremental * purchases through out the Term, or Existing Business in the fourth quarter of year one (1), all of year two (2), or year three (3).

* Only the * payments indicated by asterisks will be on payment terms of * days from the following *, * & * all other payments set forth above will remain as stated herein.

3. Reporting and Payments for the Price In Excess of the Minimum Commitment Payments.

(i) Existing Business: All Payments other than Minimum Commitment Payments, which are made in * shall be calculated on the last calendar Friday of the last * of the end of the calendar *, using the then existing Authorized User total, and shall be payable *. The Regional Report showing the Authorized User total for each * and the calculations of Payments due based on such totals shall be due from Brightmail within * days after the end of each calendar * during the Term for the *. Brightmail shall only be required to remit Payments for the Price so calculated to the extent that such Payments exceed the amount of any * portion of the Minimum Commitment Payment actually paid with respect to the applicable calendar * (the “Existing Business Adjustment”). Brightmail shall remit the amount of any Payments due as shown on each Regional Report with the Regional Report. In no event will the amount by which any Minimum Commitment Payment exceeds the actual Payment due calculated on the number of Authorized Users be refunded or carried over to any subsequent *.

CONFIDENTIAL TREATMENT REQUESTED

(ii) * and Incremental *. Incremental * at the Price indicated above must be purchased for any Authorized Users exceeding the number of Authorized Users indicated under a * and shall be due per the payment terms above. A Regional Report showing the Authorized User total for New Business, as totalled on the last Friday of the calendar * and the need for the purchase of an Incremental License based on the actual number of Authorized Users shall be due from Brightmail within * days after the end of each calendar * during the Term for the preceding calendar *. Brightmail shall only be required to purchase an Incremental License and remit Payments for the Price of the Incremental License so calculated to the extent that such actual number of Authorized Users exceeds the total of the * actually paid with respect to the applicable calendar *. Brightmail shall remit the amount of any Payments due as shown on each Regional Report with the Regional Report. Minimum Commitment Payments payable at the end of each * based on the Payment schedule set forth above will be applicable for that * only of the Term. In no event will the amount by which any * Payment or any additional Payment for an Incremental * exceeds the actual number of Authorized Users in any given * or * or * be refunded or carried over to any subsequent time period. In addition, the additional Payment for the Incremental * is prorated for the period remaining in any * payment period and only applies to that co-terminus *period.

IV. TERRITORY

The Territory shall be Worldwide.

V. SUPPORT

Brightmail shall continue to provide all direct technical support to (i) Authorized Sublicensees and contractually require the Authorized Sublicensees to provide such to the Authorized Users (regardless of whether they are Evaluations), (ii) Internal Users and (iii) Resellers of the Licensed Products through its standard technical support program. Symantec shall provide no support under the terms of this Agreement

EXHIBIT “B”

ALL PRIOR APPROVED ARRANGEMENTS WITH A UNIQUE DEFINITION OF

AUTHORIZED USER APPROVED PRIOR TO THE EFFECTIVE DATE


Name of Authorized Sublicensee	Effective Date of Agreement with Brightmail	Ending Date of Agreement with Brightmail	Approved Definition of Authorized User	Date Approved and Symantec Person Approving

*	December 15, 2000	December 14, 2002	User End shall mean the individual holder or authorized user of one or more email accounts * of the * Service.	* March 2002

*	April 19, 2001	April 18, 2004	“End User(s)” shall mean the individual holder or authorized user by Company’s . For purposes of determining the * number of End Users, the parties agree to the following: * The Parties agree that the following * will be used to * of End Users each : The number of End Users per will . The to determine the total number of End Users for the * will consist of: *.	* March 2002

			BI will monitor and provide the * by COMPANY based on the * and BI will also determine the number of End Users each . BI will and *to COMPANY.

*	April 18, 2001	March 8, 2004	“End User(s)” is the individual holder or authorized user of the email account hosted by Aristotle Email Service.	* March 2002

*	March 20, 2001	August 19, 2005	“End User(s)” is the individual holder or authorized user of the email account hosted by Company Email Service.	* March 2002

*	March 29, 2002	May 20, 2005	“End User(s)” is the individual holder or authorized user of the email account hosted by the Company Email Service	* March 2002

*	June 20, 2000(term.); June 5, 2002	3 years from AV Acceptance	“End User(s)” is the individual that * hosted mail service * Company reports such data to Supplier (“Reporting Period”). An End User will also be the number * by Company’s * customers who are using Company’s * where such usage includes the Product AV Product).	* May 2002

CONFIDENTIAL TREATMENT REQUESTED

EXHIBIT “C”

SERVER SECURITY REQUIREMENTS

[GRAPHIC]

Information Technology

Security Requirements for ISPs and ASPs Providing Services on Behalf of Symantec

Revised December 3^rd, 2001

Version 1.4

CONFIDENTIAL TREATMENT REQUESTED

TABLE OF CONTENTS


1. Network-Level Requirements		2
2. Operating System-Level Requirements		2
3. Application-Level Requirements		3
4. Use of Encryption		3
5. Audit Requirements		3

Revision history:


Date	Author	Description
17/11/00	*	-Updated format -Updated BS 7799 reference (now ISO Recommendation 17799) -Updated phone number for Tim Mather
1/1/01	*	-Updated logos -Andersen Consulting now Accenture
3/13/01	*	-Added section on use of encryption
9/22/01	*	-Revisions to requirements in all sections

Page 1

CONFIDENTIAL TREATMENT REQUESTED

Introduction

These security requirements pertain to non-Symantec organizations, which will be providing services to, or on behalf of, Symantec. This might include product information that is relied upon by our customers, electronic delivery of products or Certified Definitions for viruses, or the collection of registration information.

There are five (5) sets of requirements for providing services to, or on behalf of, Symantec. Those requirements are:

1.	Network-Level Requirements: Vendor shall have * addresses network-level requirements * dealing with issues such as *

1.1. * shall be used to protect * Symantec information. *.

1.2. *.

1.3. *.

2.	Operating System-Level Requirements: Vendor shall have * addresses operating system-level requirements, , dealing with issues such as

2.1. *.

2.2. *.

2.3. Operating system(s) * shall *.

2.3.1.

Several organizations and vendors have documentation, checklists, or tools designed to facilitate this security configuration process, and are generally recognized as “best practices”. For example,

2.3.1.1. *.

2.3.1.2. *.

2.3.1.3. *

2.4. Vendor shall have *.

2.5. Service provider shall have *.

3.	Application-Level Requirements

3.1. *.

3.2.

Service provider shall have a documented *, and shall adhere to application vendor’s recommendations for “best practices”.

4.	Use of Encryption

4.1. Encryption shall be used under the circumstances listed below.

4.1.1.

4.1.1.1. *.

4.1.1.2. *.

4.1.2.

4.1.3.

5.	Compliance Verification Requirements

5.1. Service provider shall *.

5.1.1.1. * shall be:

5.1.1.1.1.*, or

5.1.1.1.2.*, or

5.1.1.1.3.*.

5.2. Small contracts

5.2.1.

Vendors whose contracts are less than * with Symantec may chose * to fulfill * verification of all security requirements.

Questions concerning these requirements should be directed to * Symantec’s Director of Information Security. He can be reached at *.

Page 2

CONFIDENTIAL TREATMENT REQUESTED

[GRAPHIC]

EXHIBIT “D”

Guidelines for Using Symantec’s Trademark/Logo

Brightmail or Authorized Sublicensee shall use Symantec’s Trademark/Logo in accordance with these guidelines made by Symantec concerning the appearance, placement or use of the Trademark/Logo.

Brightmail or Authorized Sublicensee shall:

(a)	use only approved Trademark/Logo artwork provided by Symantec;

(b)	not display the Trademark/Logo more prominently, or larger than, or before the Brightmail or Authorized Sublicensee’s company name/logo and product name/logo, wherever displayed;

(c)	not refer to Brightmail or Authorized Sublicensee’s products in which the Trademark/Logo is referenced as “Symantec software” or imply that Symantec produced, endorsed, or supports the Brightmail or Authorized Sublicensee’s Products;

(d)	not display the Trademark/Logo in a manner or location disparaging to Symantec;

(e)	not display the Trademark/Logo in any publication or on a web site that is pornographic, violent in nature, is in poor taste or unlawful, or which has a purpose or objective of encouraging unlawful activities;

(f)	not use the Trademark/Logo as a possessive or in the plural form;

(g)	use the Trademark/Logo as an adjective followed by generic descriptors;

(h)	include a ^TM symbol after the first or most prevalent use of the Trademark/Logo on each page in which it appears, and attribute the Trademark/Logo as a U.S. trademark of Symantec Corporation in a legend on packaging, splashscreens, web pages, and other materials where the Trademark/Logo appears;

(i)

not include the Trademark/Logo in Brightmail or Authorized Sublicensee’s company name, business name, or in the name of Brightmail or Authorized Sublicensee’s product, technology, services, web page, or in any manner suggesting an affiliation or endorsement by Symantec of Brightmail or Authorized Sublicensee or its beliefs, ideas, products, technology, or services;

(j)	not use the Trademark/Logo in connection with any product competing with a Symantec product, including, without limitation, the sale or advertisement thereof;

(k)	supply Symantec with suitable specimens of Brightmail or Authorized Sublicensee’s use of the Trademark/Logo at any time upon reasonable notice from Symantec; and

Page 3

CONFIDENTIAL TREATMENT REQUESTED

(l)	comply with Symantec’s request to correct, remedy, or discontinue any use by Brightmail or Authorized Sublicensee of the Trademark/Logo which is determined by Symantec to be improper under these Guidelines.

(m)	The following suggestions and guidelines will help to make the review and approval process of marketing material more effective and timely.

To help expedite the approval process, Brightmail’s marketing can:

•

Appoint a marketing point of contact within Brightmail to work with Symantec on the review and approval on marketing material and to determine appropriate branding/messaging with regard to Symantec products.

•

Brightmail to provide marketing pieces to Symantec for upcoming Authorized Sublicensee deals no less than one (1) month in advance of planned launch date so Brightmail’s timelines can be accommodated as much as possible by starting to review the promotional material in advance of the launch.

•

On all future launches, provide Symantec with marketing launch plan and timeline, so Symantec has advance notice of what marketing pieces will need review and approval and when, thus helping to accommodate Brightmail’s timelines as much as possible.

•

Use Symantec’s standard word descriptions for Norton AntiVirus 2002 and Norton Person Firewall 2002. See attachments (nav2002_wd.doc and npf2002_wd.doc). The updated 2003 word descriptions will be provided when available.

•

Follow our “Guidelines for Using Symantec’s Trademark/Logo”, see attached document (Guidelines for Using Symc Trademarks.Logos.053102.doc), also exhibit D in the contract.

•

Follow guidelines as set forth in the contract, see Terms and Conditions, section d.

(n)	The following Trademarks and footnotes are to be used:

[GRAPHIC]

Trademark/Logo footnote:

Symantec and the Symantec logo are U.S. registered trademarks of Symantec Corporation. Powered by Symantec^TM is a trademark of Symantec Corporation.

Page 4

CONFIDENTIAL TREATMENT REQUESTED

(o)	The following phrases are approved by Symantec for use in the following manner:

The following examples are approved for use by Brightmail:

With Brightmail AntiVirus, powered by Symantec^TM, you can feel secure that all your e-mail is protected.

The Brightmail Anti-Virus Solution, powered by Symantec^TM anti-virus technology, protects users from the increased threat of infection via email.

The following examples are approved “powered by Symantec” messages relevant to Authorized Sublicensees of Brightmail:

[INSERT AUTHORIZED SUBLICENSEE’S SERVICE NAME HERE] combines the virus detection and repair technology from Symantec, with the proven rapid response messaging system filtering technology of the Brightmail Logistics and Operations Center (BLOC) to identify, redirect, clean then deliver the emails.

With Powered by Symantec’s AntiVirus technology, Brightmail is able to provide enterprise customers with top-level security from viruses. By combining Symantec’s unrivaled virus detection and repair technology with Brightmail’s real time rule delivery and message filtering technology, Brightmail brings [INSERT AUTHORIZED SUBLICENSEE’S NAME HERE] fast, most thorough virus-protection available, combined with an ISP-strength anti-spam solution.

When a virus threat occurs, experts at Symantec Security Response deliver to Brightmail the anti-virus definitions, services and response to combat the outbreak.

Brightmail’s proprietary Anti-Spam technology and Brightmail’s Anti-Virus technology, powered by Symantec, together filter out spam and viruses at the gateway.

[INSERT AUTHORIZED SUBLICENSEE’S NAME HERE] is deploying Brightmail^{^®} Anti-Virus software, powered by Symantec. Brightmail is a technology leader in spam management software. The virus-identifying and blocking technology prevents contaminated e-mails from causing damage to computer files and to the network. The antivirus software will scan all incoming e-mail messages to [INSERT AUTHORIZED SUBLICENSEE’S NAME HERE]’s subscribers, clean infected messages, and notify the recipient if a virus is detected and removed.

[INSERT AUTHORIZED SUBLICENSEE’S SERVICE NAME HERE] with junk-email filtering powered by Brightmail, and e-mail virus filtering powered by Symantec^TM, starts at just $X, a month. One hundred percent filtering is not guaranteed.

Access your email from anywhere around the world. [INSERT AUTHORIZED SUBLICENSEE’S SERVICE NAME HERE] provides filtering for junk e-mail and email viruses. No software to install! Filtering for junk e-mail is powered by Brightmail, and filtering for e-mail viruses is powered by Symantec^TM.

Page 5

CONFIDENTIAL TREATMENT REQUESTED

EXHIBIT “E”

“REPORTING REQUIREMENTS”

No later than thirty (30) days following the end of each calendar quarter, during the Term, Brightmail will provide Symantec with a report containing certain transaction information, including but not limited to the following:

(i) Basic Licensee Information. Report should indicate Brightmail’s corporate name and corporate address, indicating a contact person if there are any questions.

(ii) Identify Authorized Sublicensees. Provide corporate name of the Authorized Sublicensees of the BMI Service as well as those provided by the Reseller. Also provide the name (and if possible, address) of the Reseller.

(iii) First Date of Use of the Licensed Product as incorporated into the BMI Product Date. Indicate First Date of Use each Authorized Sublicensee initially signed up for the Service, how long of a term the contract between Brightmail and the Authorized Sublicensee is for, and indicate the total of new Authorized Users for the calendar quarter by Authorized Sublicensee.

(iv) Authorized User Information. Indicate how many Authorized Users are active by the last Friday in each calendar quarter time period per Authorized Sublicensee. How Authorized User is being defined with each Authorized Sublicensee. The Minimum Commitment and number of Authorized Users by which the Minimum Commitment is exceeded.

(v) Excel Format. All reports should be in Excel format and indicate the final net amount to be received from the Authorized Sublicensee.

(vi) Regional reporting as outlined in the Agreement under Section V.2 As this is an international contract, the reporting must also be by geographic country so that Symantec can properly account for tax purposes.

(vii) Brightmail has provided a mock report which is attached hereto as Exhibit E-1 and obtain Symantec’s written approval of the format of such report.

Page 6

CONFIDENTIAL TREATMENT REQUESTED

Exhibit E-1

Page 1

Brightmail, Inc.

301 Howard Street

San Francisco, CA 94105

contact: *

phone: *; email *

* Preliminary Royalty Report

CONFIDENTIAL TREATMENT REQUESTED

Authorized
Service
Provider

Customer
Type

Definition
of
Authorized
User

Region

Acceptance
Date

Contract
End Date

EULA
Term
in Months

Royalty Rate

* Royalty

Feedback
Notes

Users

Minimum
Commitment
or
Authorized
Users

Effective
Rate

Proration

Est.
royalty

XSP

Americas

11/15/2001

New

XSP

Americas

8/12/2002

New

minimum

ENT

Americas

9/28/2001

Converted

minimum

ENT

Americas

9/12/2001

Converted

minimum

ENT

Americas

7/1/2001

Converted

minimum

XSP

Asia/EMEA

3/1/2002

Converted

minimum

XSP

Americas

12/31/2001

Converted

minimum

XSP

Americas

3/4/2002

Converted

minimum

XSP

Americas

12/31/2001

Converted

XSP

Americas

10/17/2001

Converted

XSP

Americas

9/28/2001

Converted

minimum

XSP

Americas

12/27/2001

Converted

minimum

XSP

Americas

12/1/2001

Converted

XSP

Asia/EMEA

4/30/2002

Existing

minimum

XSP

Asia/EMEA

1/1/2002

Existing

minimum

XSP

Asia/EMEA

2/1/2002

Existing

est based
on Q2 AU

Minimum Commitment Payment

Additional Amount Due

XSP

Americas

5/16/2002

Existing

XSP

Americas

5/1/2001

Existing

minimum

XSP

Americas

5/1/2001

Existing

minimum

XSP

Americas

3/1/2001

Existing

minimum

XSP

Americas

12/7/2001

Existing

XSP

Asia/EMEA

1/1/2002

Existing

minimum

XSP

Asia/EMEA

1/1/2002

Existing

minimum

XSP

Asia/EMEA

7/29/2002

New

minimum

XSP

Asia/EMEA

7/15/2002

New

minimum

XSP

Americas

3/5/2002

Existing

minimum

XSP

Americas

3/1/2001

Existing

minimum

XSP

Americas

3/15/2002

Existing

minimum

XSP

Americas

12/17/2001

Existing

minimum

XSP

Americas

5/17/2001

Existing

minimum

XSP

Americas

8/20/2001

Existing

XSP

Americas

3/1/2002

Existing

minimum

XSP

Americas

5/20/2002

Existing

minimum

XSP

Americas

3/1/2002

Existing

minimum

XSP

Americas

12/31/2001

Existing

minimum

XSP

Americas

4/1/2002

Existing

XSP

Americas

12/21/2001

Existing

XSP

Americas

1/17/2001

Existing

minimum

ENT

Americas

12/20/2001

Existing

ENT

Americas

4/1/2002

Existing

Minimum Commitment Payment

Additional Amount Due

ENT

Americas

ENT

Asia/EMEA

XSP

2/1/2001

Audit Adjusted

XSP

6/1/2001

Audit Adjusted

XSP

3/9/2001

Audit Adjusted

Page 2

CONFIDENTIAL TREATMENT REQUESTED

Exhibit “F”

The following Converted Business will be included under the * at the royalty rate indicated in Exhibit A as Existing Business.


Authorized Sublicensee	First Date of Use	Contract End Date	AV Pricing	No. of months in Term of Authorized Sublicensee’s contract	Royalty Rate
*	TBD	TBD	*	*	*
*	TBD	TBD	*	*	*
*	12/01/01	11/14/07	*	*	*
*	12/08/01	12/7/04	*	*	*
*	09/28/01	9/28/05	*	*	*
*	TBD	8/15/06	*	*	*
*	TBD	8/1/05	*	*	*
*	TBD	8/1/05	*	*	*
*	09/28/01	12/31/02	*	*	*
*	03/04/02	2/28/05	*	*	*
*	12/19/01	2/28/05	*	*	*
*	9/12/01	9/11/04	*	*	*
*	03/01/01	7/1/03	*	*	*
*
	12/31/01 10/17/01	12/30/05	*	*	*
*		10/16/04	*	*	*
*	11/15/00	11/14/03	*	*	*

*	Both approved by an officer of Symantec as an exception to the * requirement.

Page 1

CONFIDENTIAL TREATMENT REQUESTED

EXHIBIT G

DISTRIBUTION AGREEMENT

This Distribution Agreement is entered into on (“Effective Date”) by and between Brightmail Incorporated, a California corporation (“BMI” or “Brightmail”) with principal offices at 301 Howard Street, Suite 1800, San Francisco, CA 94105 and , a corporation (“Distributor” or “ ”), with principal offices at . BMI and will collectively be referred to as the “Parties” and each of them will be a “Party”.

WHEREAS, BMI develops and licenses client/server software, and hosts software related services, including but not limited to, software and services that reduce or eliminate Spam;

WHEREAS, wishes to obtain from BMI the non-exclusive right to market and distribute certain BMI products and services to its customers directly and indirectly through resellers of Distributor, and BMI agrees to appoint for such purposes subject to the terms and conditions of this Agreement.

NOW THEREFORE, in consideration of the mutual covenants contained herein, the Parties agree to the following terms and conditions, which set forth the rights, duties and obligations of the Parties:

1. DEFINITIONS

1.1	“Affiliate” means any entity in which has a greater than fifty-percent (50%) equity ownership interest in or which has voting control over, or any entity which owns a greater than fifty-percent (50%) equity ownership interest in or which has voting control over .

1.2	“Agreement” is this Distribution Agreement entered into by the Parties, together with all and any Exhibits attached hereto and made a part hereof, and all and any amendments or modifications made hereto pursuant to mutual written agreement of the Parties.

1.3	“Application Service Provider” or “ASP” is an entity that provides application services remotely for a fee or other consideration to its Customers, none of whom are under the ASPs immediate employ or the employ of any parent, or subsidiary.

1.4	“BMI Trademarks” are the trademarks, logos and trade names of BMI which may be registered or unregistered and include, but are not limited to, those BMI Trademarks set forth at http://www.brightmail.com/trademark.html.

1.5	“Customer(s)” is the individual that subscribes to the End Users’ email services; or the total number of Mailboxes existing on the End Users’ email system and/or that have access to the Services

1.6	“Documentation” is BMI’s standard system administrator documentation that outlines the system architecture and its interfaces of the Product, including comprehensive guides on installation and operations, and on application program interfaces (“API”).

1.7	“End User(s)” is the ISP, ASP or Enterprise customer that upon executing an End User License Agreement, obtains a license for the Software and Services for its own internal use with Internet services or online application services for the benefit of its End Users.

1.8	“End User License Agreement” is the license and service agreement between an End User and that governs the End User’s rights and restrictions in use of the Product and in receiving

Page 1

CONFIDENTIAL TREATMENT REQUESTED

the benefit of the Services, and that contains substantially the minimum terms and conditions detailed in the attached Exhibit B.

1.9	“Enterprise” individually and collectively the entities other than ISPs and ASPs that procure Services for internal use in conjunction with the entities’ internal needs for the benefit of its employees, agents, and contractors.

1.10

“IP Rights” means all and any intellectual property rights in the Software, the Documentation and BMI Trademarks, and/or which are derived or arise from the Services, including copyrights, inventions, patents, trade marks, service marks, trade names, moral rights, mask words, trade secrets, goodwill, confidential and proprietary information, compositions and formulae whether created in the United States of America or elsewhere and all applications for registration and registrations of such rights.

1.11	“Internet Service Provider” or “ISP” is an entity that provides Internet access and messaging services for a fee or other consideration to its End Users, none of whom are under its immediate employ or the employ of any parent, or subsidiary.

1.12	“Mailbox(es)” is an area in memory in a storage device where email is placed and/or stored, i.e., an email address. An individual End User may have one or many Mailboxes.

1.13	“Marketing Materials” are sales and marketing collateral including but not limited to: sales presentations, datasheets, white papers, press releases, industry articles, benchmark test reports, competitive evaluations, and customer testimonials.

1.14	“Product” or the “Brightmail^® Solution Suite” comprises the Software, including Updates and Upgrades thereto, if any, the Services and the Documentation, as more fully described in Exhibit A, attached hereto and made a part hereof.

1.15	“Rules” are explicit, conditional statements, or criteria, that are created and used by BMI to detect and filter Spam (as defined below), and are made available by BMI to ’ or directly to End Users solely as part of the Services.

1.16	“Rule Update(s)” are modifications and revisions to the Rules made available by BMI to or directly to End Users as part of the Services.

1.17	“Server(s)” are a combination of Software, hardware, processes and functions and that are collectively used to filter the incoming mail of End Users. Servers are set up to divert, reject, or discard Spam.

1.18

“Service(s)” are the provision by BMI of its email analysis and filtering system, which services include the creation of Rules and Rule Updates, Updates (as defined below) and Upgrades (as defined below), all of which are used to detect Spam. Services also include Server support and general Product support as more fully described in this Agreement.

1.19	“Service Provider(s)” are ASPs and ISPs, collectively.

1.20

“Software” is BMI’s email-filtering software, and is part of the Product. The Software is more fully described in Exhibit A, attached hereto. To the extent that BMI (in its sole discretion) provides or directly to End Users with any Updates and/or Upgrades during the term of this Agreement, all references to Software will include such Updates and/or Upgrades.

1.21	“Sale” and /or “Sell” means the distribution of the Software to the End User. All Software sold to the End User will be pursuant to a End User License Agreement

Page 2

CONFIDENTIAL TREATMENT REQUESTED

1.22	“Territory” means the territory comprising the countries described in Exhibit A attached hereto.

1.23

“Training Materials” means informational materials, including but not limited to summary Product and Service information, frequently asked questions and responses, architectural and functionality descriptions and diagrams, etc., and other information included in BMI’s training materials for its training classes.

1.24

“Updates” are minor updates of, or error corrections and bug fixes to the Software that do not add significant new functions to the Software, and that are released by BMI, in its sole discretion. Updates are designated by an increase to the Software’s release number to the right of the decimal point (e.g., Software 1.0 to Software 1.1). The term Updates specifically excludes Upgrades and excludes any software marketed and licensed by BMI as a separate product.

1.25

“Upgrade(s)” are any major revisions to the Software, which adds significant new functionality, if and when released by BMI, in its sole discretion. Upgrades are designated by an increase in the Software’s release number, located to the left of the decimal point (e.g., Product 1.x to Product 2.0). The term Upgrade specifically excludes any software marketed and licensed by BMI as a separate product.

2. APPOINTMENT; GRANT OF RIGHTS

2.1 Subject to the terms and conditions contained in this Agreement, BMI hereby appoints as an authorized distributor of the Product and hereby accepts such appointment. Subject to the terms and conditions of this Agreement, BMI grants to for the duration of the Term (as defined below), a non-exclusive, revocable, royalty-bearing, license (“License”) to market and distribute the Product to End Users, specifically, ISPs, ASPs, and/or Enterprises, within the Territory and that are using the Solaris operating system. The parties understand and agree that pricing, as provided herein, is dependent on the End User type, e.g., ISP, ASP or Enterprise, and the manner in which the End User will pay for the Product, e.g., for all Customers existing on its email services or for those Customers receiving the benefit of the Services. will report the End User type and the manner in which the End User is paying for the Product to BMI as provided in Section 6, 9, and Exhibit C, herein. will provide the Product to End Users pursuant to an End User License Agreement. may distribute the Product directly, or indirectly via its authorized resellers (each a “Reseller”). may appoint one (1) or more persons to act as a Reseller, provided that has written agreements with each such Reseller containing terms protecting BMI and its proprietary Product to the same extent as provisions relies on to protect its own products (“Reseller Agreement”). will take all reasonable measures to enforce such provisions in favor of BMI to the same extent that it would enforce such Reseller Agreements on its own behalf. may only grant Resellers the right to make sales to End Users. Each Reseller Agreement will contain provisions making BMI a direct and intended third party beneficiary of such Reseller Agreement, such that BMI may enforce its proprietary and intellectual property rights against any of ’s End Users and Resellers.

2.2 In connection with ’s sale and distribution of the Products to End Users, BMI will be solely responsible for the delivery of the Services to End Users, directly, and BMI agrees to provide the Services in accordance with the same policies and procedures that it uses to provide the Services to its own direct customers and licensees. will have no right or license to distribute, display or otherwise make available the Rules or Rule Updates. Brightmail may, at its sole discretion, and subject to the then-current fee, if any, and subject to certain restrictions, allow to distribute the Rules or Rule Updates to its End Users.

Page 3

CONFIDENTIAL TREATMENT REQUESTED

2.3 BMI will deliver to one (1) master copy of the Software in machine executable object code format together with BMI’s labeling and Documentation artwork data files, in electronic format. Subject to the terms and conditions of this Agreement, BMI grants to a nonexclusive, non-transferable, royalty-free right and license to copy the Software in machine executable object code format only and to copy the Documentation for incorporation in documentation for distribution to Resellers or End Users in accordance with the terms and conditions of this Section. Any use of BMI’s trademarks, trade names or logos will be in accordance with Section 8 below.

2.4 Subject to terms and conditions of this Agreement, BMI grants to for the duration of the Term a non-exclusive, revocable, royalty-free and fully paid up, non-transferable license to install and use copies of the Software solely for internal, non-commercial use, including, by way of example, development, support, testing and customer care services (“Support License”). This Support License may be used at any of ’s facilities where needed, and, on a royalty-free basis. BMI will provide any Rule Updates, Updates and Upgrades as commercially made available for these Support Licenses.

2.5 BMI hereby grants to a non-exclusive, royalty-free license, at its sole expense, to translate the Documentation, Training Materials, and Marketing Materials for distribution with the Product to non-English speaking countries. As between and BMI, will be solely responsible for any and all liability that results directly from the translation of the materials to any language other than English. If during the term, BMI desires to obtain a translated version, BMI will notify of such in writing, and following reimbursement by BMI of half (¹/₂) of ’s cost in translating the materials into the requested language, will make the translated versions available to BMI for its unrestricted use.

2.6 With each potential End User, may offer a one-time evaluation license to that potential End User, provided the evaluation extends for no more than sixty (60) days, unless obtains BMI’s prior written permission. Such evaluation will be conducted at no charge to the End User, and will only be used as a lead into the attempted sale of licenses in accordance to the terms and conditions herein.

2.7 Distributor may describe itself as the authorized distributor for the Product in the Territory, but will not hold itself out as an agent, representative, partner or joint venture partner of BMI or being in any other way connected with BMI. Distributor will at all times be an independent contractor.

2.8 Each party will appoint a representative as a relationship manager who will be the primary contact for implementing and administering the terms and conditions of this Agreement (“Relationship Managers”). The Relationship Managers will be those people set forth on Exhibit A and will meet, either in person or via teleconference at least monthly and at mutually agreeable times to review and coordinate sales efforts, review ’s marketing/sales strategies, review End Users’ response to the Services and address other topics related to the successful support of the Products.

3. RESTRICTIONS

3.1 will not use, apply or otherwise deal with the Product for any purpose other than the purpose set out in Section 2.1 of this Agreement. will not decompile, reverse engineer, disassemble, reconstruct, tamper with or otherwise determine, or attempt to derive, reconstruct or discover the source code for the Product or any part thereof, or modify or create or attempt to create any derivative works from or based on the Product, nor will authorize, permit, or assist any End User or anyone else to do so. will not, and will not authorize, permit, or assist any End User to determine or attempt to determine the Rules or Rules Update(s) used by the Software under any circumstances whatsoever.

Page 4

CONFIDENTIAL TREATMENT REQUESTED

3.2 will require that use of the Product by its End Users will be in accordance with the Documentation or any other operation or user instructions or manuals furnished by BMI or its licensors, and in accordance with any other reasonable requirements of BMI.

4. PROPRIETARY RIGHTS

4.1 Ownership of all rights (including the IP Rights), title and interest in the Product (including but not limited to copies of the Product contained in any storage media) the Marketing Materials, Training Materials and any other materials provided by BMI to will at all times remain the absolute and exclusive property of BMI and/or its licensors, as the case may be. Except as expressly granted herein, is granted no rights to create derivative works of the Product, or to distribute the Product to third parties. In the event that notwithstanding the above, has or acquires any such said rights, title or interest, will be deemed to have irrevocably assigned and transferred the same to BMI free from any requirement on the part of BMI to pay any fees. Further and if required by BMI at BMI’s cost, will execute and deliver to BMI all relevant documents of assignment and transfer in respect of the said rights, title or interest, and the documents will be in such form as may be required by BMI.

4.2 , its officers, employees, servants and agents will not remove, alter, obscure, conceal or otherwise interfere with any BMI Trademarks, or other EP Rights in the Product, appearing on or in copies of the Product or on the Software or other materials delivered to by BMI. In connection with the distribution of the Product, will use those notices, legends, symbols or labels in connection with the Product in the same manner as they appear on or in the Product.

5. NO OTHER RIGHTS.

Except as expressly provided herein, no right (including the IP Rights), title or interest in any Product is granted by BMI to , and all such right, title and interest is reserved and retained by BMI. Without limiting the foregoing, B MI reserves the right to use, distribute, sell, resell, apply, import, export, make, have made, use, copy, modify, have modified, create derivative works of, have created derivative works of, demonstrate, maintain, support or otherwise exploit the Product in any part of the world (including the Territory), and the right to license the foregoing rights.

6. SCOPE OF SERVICES; ORDERS AND DELIVERY; TRAINING

6.1

will submit a purchase order (“Order”) to BMI in writing or via email for the Services to be provided to each of its End Users pursuant to one or more End User License Agreements. The purchase order shall be issued upon execution of an End User License Agreement. The Order shall state the Order number, End User name, Service description, applicable Fee (as defined in Section 9.1), End User categorization (i.e., an ISP, ASP or Enterprise), the manner in which the End User is paying for the Product (100% opt-in or selective opt-in), the aggregate number of Customers, a distribution email address for the provision of Rules and Rule Updates, and the contract term. Unless otherwise noted, BMI shall use such Order as evidence that the End User is properly configured to receive the Services, and BMI shall commence the provision of such Services within four (4) days of receipt of the Order. shall notify BMI promptly in writing with respect to any: (i) effective dates of evaluations and/or acceptance by any End Users; (ii) termination or expiration of a End User License Agreement; and (iii) any other relevant change in Service description. will provide a quarterly report, verifying and updating the information contained’ in the Order for each End User, including the then current of numbers of Customers per End User (“Product Report”). The Product Report will be due within fourteen (14) calendar days of the end of the quarter for the just ended quarter; e.g., the Product Report due for January, February, and March, will be due on April 14. BMI will generate an invoice for any increases in the number of End Users provided within the Product Report at the applicable fee rate.

Page 5

CONFIDENTIAL TREATMENT REQUESTED

6.1.1

Any evaluation licenses will be noted within an Order and will contain the same information listed above. will indicate the beginning and end dates. For any evaluation licenses exceeding sixty (60) days without written consent for extension from BMI, will be charged the applicable fee for that End User type and in accordance to the terms outlined in section 6.1.

6.2	and BMI mutually agree to work in good faith to reduce channel conflict.

6.3	BMI will make available the following to in respect of the Product:

6.4.1

Documentation and other written information and data, if any, for the installation, use and application of the Product by and/or its End Users (as applicable) in either printed or machine-readable form as BMI may in its sole discretion elect.

6.4.2

A reasonable quantity of Marketing Materials and Training Materials to the respective appropriate contacts in the English Language in electronic or other mutually agreeable format, as available or upon material update, change or enhancement (particularly with respect to any Updates or Upgrades). It is anticipated that will integrate the Training Materials supplied by BMI into ’s training curriculum.

6.4.3

In connection with the commencement of this Agreement, the training of a number of suitably qualified employees of in the marketing and promotion, and the installation, use and application of the Product, and the rendering of training and support services to End Users as described in Exhibit D of this Agreement, as may be required by Distributor. Such training (“Training”) will be undertaken by BMI at the premises of BMI unless otherwise agreed by the Parties. If the Training is at a location other than the premises of BMI, will be responsible for all expenses that may be incurred by the employees of BMI in attending the Training, including airfare, ground travel expenses, accommodation and meals, and telecommunication expenses.

6.4.4

At the request of , (a) after the initial execution of this Agreement and (b) thereafter per each Upgrade release, visits to ’s premises, (but not to exceed three (3) man-days) by such number of suitably qualified personnel of BMI as BMI deems appropriate who will, within their reasonable means and capabilities, address or troubleshoot technical problems encountered by in connection with the Product. will be responsible for all expenses that may be incurred by the employees of BMI in providing such services, including airfare, ground travel expenses, accommodation and meals, and telecommunication expenses.

6.4.5

In connection with any Updates and/or Upgrades that may be made available by BMI to , and on such timing as notified by BMI, the training of a mutually agreed upon number of suitably qualified employees of at the premises of BMI (unless otherwise agreed by the Parties), and for such period as the parties deem appropriate, in the marketing, promotion, installation, use and application of the Upgrades, and the rendering of training and support services to End Users with respect to such Upgrades and as described in Section 13. Appropriate Update training will be mutually determined after discussions as to the extent and impact of the Updates. For the avoidance of doubt, BMI is not required under the terms of this Agreement or otherwise to disclose any source code comprised in the Product or Updates and/or Upgrades.

Page 6

CONFIDENTIAL TREATMENT REQUESTED

6.5 If requires further and additional assistance or instructions beyond any time frame or time limit or number of personnel allocated for purposes of Section 6.4 of this Agreement or requires further and additional assistance or instructions from time to time during this Agreement on any matter relating to the Product or any Updates and/or Upgrades that are not expressly included in Section 6.4 of this Agreement, BMI may provide such assistance or instructions in such manner and by such means as BMI deems appropriate, provided that BMI has the capacity and available resources to provide such assistance or instructions, and provided further that will pay BMI’s then-current fees for such services upon completion of the effort. BMI will provide a written quotation of the deliverable and the then-current fees and will provide written acceptance, prior to the start of any services rendered under the scope of Section 6.5.

7. DUTIES OF

7.1	will at all times during the Term:

7.1.1

observe and perform the terms and conditions set out in this Agreement;

7.1.2

consistent with its resource deployment strategy, devote its reasonable commercial efforts to promoting and marketing the Product in the Territory;

7.1.3

conduct its business in a responsible and ethical manner in the Territory and in accordance with all applicable laws, regulations and rules of the Territory, and not do or permit to be done anything that may bring BMI, the Product, the BMI Trademarks and/or the IP Rights into disrepute;

7.1.4

promptly bring to the attention of BMI any complaints it may receive regarding the Product;

7.1.5

not make or give any warranties, guarantees, representations or other commitments in relation to the Product or Services, other than as provided by BMI in writing (including in any Marketing Materials provided by BMI) or approved by BMI in writing;

7.1.6

promptly and diligently follow up on all End User inquiries consistent with ’s current business model and in any event, no less than the obligations agreed to herein;

7.1.7

consistent with its resource deployment strategy, maintain adequate staff trained in and able to fulfill the marketing, distribution and support needs as required under this Agreement;

7.1.8

promote BMI as ’s Preferred Provider for a Spam filtering service. As a “Preferred Provider,” agrees that: (i) when a customer requests a provider for Spam filtering products, it will promote BMI as a preferred Spam filtering product/service provider; and (ii) will refer to BMI as its preferred Spam filtering product/service provider in its public announcements regarding the relationship contemplated by this Agreement.

7.1.9

make each End User aware of the importance of providing BMI with email accounts * by BMI as probe accounts (“Probes”) in connection with BMI’s provision of the Services and to use reasonable commercial efforts to obtain and provide BMI with a list of the Probes for each End User prior to the first distribution of a Rule.

8. TRADEMARK LICENSE

8.1 will require in its agreements with its End Users and Resellers that they: (a) describe and refer to the Product as the Brightmail^® Solution Suite or such other name as BMI may specify; (b) use and apply the BMI Trademarks in relation to the Product in the forms stipulated by BMI and in accordance with

Page 7

CONFIDENTIAL TREATMENT REQUESTED

the guidelines (“Guidelines”) found at http://www.brightmail.com/trademark.html, as updated by BMI from time to time, (if any such Guideline update is material, BMI will supply with adequate notice to ensure ’s proper use of such Guideline update) and any other written directions given by BMI as to the appearance, colors, size and placing of all representations of the BMI Trademarks and their manner of use or application in relation to the Product and in any Marketing Materials and in connection with any promotional activities; (c) ensure that the BMI Trademarks are accompanied by wording to show that they are used with the permission of BMI (the content of such wording, placing and size to be as instructed by BMI or as set out in the Guidelines); and (d) save with the prior written consent of BMI, not offer the Product in any packaging other than that provided by BMI and use, affix or otherwise place such marks, logos, labels, markings or notices on the Product in the form provided by BMI.

8.2 Subject to the terms and conditions in this Agreement, is hereby granted, throughout the Term, a non-exclusive, revocable, royalty-free and fully paid up, restricted right to use the BMI Trademarks in the manner set out in Section 8.1 of this Agreement, and solely in conjunction with the distribution of the Product in accordance with the terms of this Agreement. All representations of the BMI Trademarks that desires to use will be exact copies of those used by BMI or will first be submitted to BMI for its approval. All right, title and interest in and to the BMI Trademarks, all derivations thereof and any other trademark or service mark adopted by BMI to identify the Product, will belong to BMI or its licensors, as the case may be. will not acquire, directly or indirectly, any right, title or interest in or to the BMI Trademarks except as expressly set forth herein and as specified in writing by BMI to from time to time. will not use any BMI Trademarks in a manner inconsistent with the Guidelines and/or the terms of this Agreement. Furthermore, will not register any BMI Trademarks in ’s name, or permit any other third party to register any such BMI Trademarks. acknowledges that any material breach by it of this Section 8.2 is a material breach of this Agreement that is incapable of cure, permitting BMI to terminate this Agreement upon written notice.

8.3 For the avoidance of doubt, BMI will be the sole party permitted to file or prosecute any registration or application for registration for the BMI Trademarks and/or any of the IP Rights. will not do or permit to be done any act which may jeopardize or invalidate any registration (or pending registration) of the BMI Trademarks and/or the IP Rights, nor do any act which might assist or give rise to an application to remove any of the BMI Trademarks and/or IP Rights from all and any applicable registers. will give to BMI any information as to its use of the BMI Trademarks and/or IP Rights that BMI may reasonably require and render any assistance, at BMI’s expense, reasonably required by BMI in maintaining the registrations of any of the BMI Trademarks and/or IP Rights. will, if required by BMI and at BMI’s expense, do all acts reasonably necessary (including executing any necessary documents) for the recording of as a registered user of any appropriate BMI Trademarks and/or IP Rights on all and any applicable registers, and hereby agrees that such entry may be canceled by BMI on the expiry or termination of this Agreement and that it will reasonably assist BMI at BMI’s cost as far as may be necessary to achieve such cancellation (including executing any necessary document).

8.4 Subject to the terms and conditions of this Agreement, BMI is hereby granted a non-transferable, non-exclusive, revocable, royalty-free and fully paid up, restricted license to use ’s trademarks, logos, service marks and trade names (collectively, “ Trademarks”) to identify that is BMI customer on BMI’s website, literature, tradeshow signage, and press releases relating to the Product, all in accordance with the written directions of (if any); provided, that BMI will use artwork and logos in the form provided by and will obtain ’s approval prior to making changes to such artwork or logos. BMI will clearly indicate ’s ownership of the Trademarks. In addition, BMI will be prohibited from registering Trademarks and all derivations thereof in BMI’s name, or permitting any other third party to register any Trademarks or derivations

Page 8

CONFIDENTIAL TREATMENT REQUESTED

thereof. All right, title and interest in and to the Trademarks, all derivations thereof and any other trademark or service mark adopted by to identify its products and services, will belong to or its licensors, as the case may be. BMI will not acquire, directly or indirectly, any right, title or interest in or to the Trademarks except as expressly set forth herein and as specified in writing by to BMI from time to time.

8.5 For the avoidance of doubt, will be the sole party permitted to file or prosecute any registration or application for registration for the Trademarks. BMI will not do or permit to be done any act which may jeopardize or invalidate any registration (or pending registration) of the Trademarks, nor do any act which might assist or give rise to an application to remove any of the Trademarks from all and any applicable registers. BMI will give to any information as to its use of the Trademarks that may reasonably require and render any assistance, at ’s expense, reasonably required by in maintaining the registrations of any of the Trademarks. BMI will, if required by and at ’s expense, do all acts reasonably necessary (including executing any necessary documents) for the recording of BMI as a registered user of any appropriate Trademarks on all and any applicable registers, and BMI hereby agrees that such entry may be canceled by on the expiry or termination of this Agreement and that it will reasonably assist at ’s cost as far as may be necessary to achieve such cancellation (including executing any necessary document).

8.6 From time to time during the term of this Agreement, BMI may desire to use End User’s trademarks, or obtain an End User Case Study, or other similar marketing items in connection with its promotion of the Products. agrees to use reasonable efforts to obtain one or all of the same from the End User that would permit BMI to refer to the End User, solely in connection with that End User’s use of the Products. After proposing such marketing requests to an End User, should the End User refuse, agrees that it will provide BMI with a contact at the End User, if such End User allows to do so, so that BMI may contact the End User directly to obtain permission.

9. FEES AND PAYMENTS

9.1 will pay to BMI a Fee for each Customer reported under the Order or Product Report submitted by with respect to each Product (“Fees”), as further set forth in Exhibit C. BMI will invoice for total fees and payments after the receipt of each Order or Product Report as described in Sections 6.1 and 9.5 of this Agreement. Each invoice will be due and payable net thirty (30) days after the date of the invoice. Fees will equal at a minimum the product of the number of Customers on an End Users email system and either the selective opt-in fees or 100% opt-in annual fee as provided in Exhibit C and section 6 of this Agreement. All Orders, Product Reports and Invoices will be in US Dollars.

9.2 All payments to be made by to BMI under this Agreement will be payable in US Dollars.

9.3 All fees owed by to BMI under this Agreement will be paid in full within thirty (30) calendar days after the date of invoice without any deduction or withholding (whether in respect of set off, defense, deferment, counterclaim, duties, taxes including turnover tax, value added tax, goods and services tax, withholding tax, government charges or legal dues and otherwise whatsoever) unless the deduction or withholding is required by law in relation to tax on the net income of BMI or the employees of BMI, in which case will: (a) notify BMI of any requirement with respect to the deduction or withholding as soon as becomes aware of it; (b) ensure that the deduction or withholding does not exceed the minimum amount legally required; (c) pay to the relevant taxation or other authorities within the period for payment required by applicable law the full amount of the deduction or withholding; and (d) furnish to BMI

Page 9

CONFIDENTIAL TREATMENT REQUESTED

within the period for payment permitted by applicable law an official receipt of the relevant taxation or other authorities in respect of all amounts deducted or withheld.

9.4 All amounts not paid when due under this Agreement will accrue interest at the lesser of one and one half percent (1.5%) per month or the maximum rate permitted under applicable law.

9.5 will maintain complete, proper, accurate and up-to-date records (`Relevant Records”) of all sales of the Services and of the details of all End Users, including contracts, accounts and support logs regarding: (a) the use of Product by End Users, and (b) ’s compliance with the terms of this Agreement. Such reports will be submitted by to BMI within ten days of BMI’s request of the same. will keep all Relevant Records. BMI will have the right to audit (“Audit”) all such records no more than once per twelve (12) month period throughout the term of this Agreement, to confirm the accuracy of the number of Customers reported to BMI, and compliance with any other terms and conditions of this Agreement. The scope of such audit shall be limited to transactions occurring during the preceding 24-month period For the purposes of the Audit, will ensure that BMI and/or its duly appointed representative will be given access to such principal place of business and to such records and will be entitled to take copies of all such records for the aforesaid purpose. This right will survive one (1) year after termination of this Agreement. Audit will take place during normal business hours and in accordance with ’s standard security procedures. BMI must give reasonable prior written notice to audit in advance of the desired date. The audit will be conducted at BMI’s expense unless such audit reveals an underpayment to BMI in excess of ten percent (10%) for the period being audited, in which case will bear the reasonable expenses of the audit.

9.6 Except as otherwise provided hereunder or as otherwise agreed to in writing between the Parties, each Party is responsible for their own expenses incurred in their performance hereunder. Any costs or expenses incurred by the Parties will be at that Party’s sole risk and upon that Party’s independent business judgment that such costs and expenses are appropriate. For the avoidance of doubt, may not credit any payment of Fees due to any End Users failure to pay.

10. WARRANTIES OF

10.1	represents and warrants to BMI that:

10.1.1

has the capacity to enter into and perform and comply with its obligations under this Agreement.

10.1.2

All actions, conditions and things required to be taken, fulfilled and done (including the obtaining of any necessary consents, approvals, permits and registration) in order (i) to enable to lawfully enter into and perform and comply with its obligations under this Agreement, and (ii) to ensure that those obligations are valid, legally binding and enforceable.

10.1.3

’s entry into and/or performance of or compliance with its obligations under this Agreement do not and will not violate any law to which it is subject.

10.1.4

’s entry into and/or performance of or compliance with its obligations under this Agreement do not and will not violate any agreement to which it is a party or which is binding on it or its assets.

10.1.5

Page 10

CONFIDENTIAL TREATMENT REQUESTED

where relevant, for the appointment of a liquidator, liquidation committee, receiver, administrator, trustee or similar officer of or of all or part of its business or its assets.

11. WARRANTIES OF BMI

11.1	BMI represents and warrants to that:

11.1.1

BMI has the capacity to enter into and perform and comply with its obligations under this Agreement;

11.1.2

BMI’s entry into and/or performance of or compliance with its obligations under this Agreement do not and will not violate any agreement to which it is a party or which is binding on it or its assets;

11.1.3

any copies of the Product delivered to will perform substantially in accordance with the Documentation for a period of ninety (90) days from the date of delivery to . BMI’s sole liability and ’s sole and exclusive remedy for any breach of this Section 11.1.3 will be repair or replacement of the Product. Any replacement Product or corrected Product will be warranted for ninety (90) days. These warranties are void if any defect is caused by abuse or misapplication of the Product, whether or not by accident, and except for the foregoing warranty, the Products are provided “AS IS” without any other warranty.

12. WARRANTY DISCLAIMERS; AND LIMITATION OF LIABILITY

12.1 THE EXPRESS WARRANTIES SET FORTH IN SECTION 11 OF THIS AGREEMENT ARE THE ONLY WARRANTIES WITH RESPECT TO THE PRODUCT AND ANY PART THEREOF. BMI AND ITS LICENSORS MAKE NO OTHER REPRESENTATIONS OR WARRANTIES, WHETHER EXPRESS, IMPLIED OR STATUTORY, AND EXPRESSLY DISCLAIM ALL OTHER WARRANTIES. INCLUDING WITHOUT LIMITATION. WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. BMI AND ITS LICENSORS DO NOT WARRANT (a) THAT THE PRODUCT OR ANY PART THEREOF WILL BE FREE FROM DEFECTS, ERRORS OR BUGS, OR (b) THAT THE OPERATION OF THE PRODUCT WILL BE SECURE OR UNINTERRUPTED, OR (c) THAT THE PRODUCT WILL BE ABLE TO PROVIDE OR ATTAIN ANY FEATURES, FACILITIES, FUNCTIONS OR CAPABILITIES, OR (d) THAT ANY RESULTS OR INFORMATION THAT MAY BE DERIVED FROM THE USE OF THE PRODUCT WILL BE ACCURATE, COMPLETE, RELIABLE AND SECURE.

12.2 For any breach of the warranties contained in Section 11.1.3 of this Agreement, ’s exclusive remedy and BMI’s entire liability will be correction of the defect that caused the breach or the re-performance of the non-conforming Services (as the case may be) at the cost and expense of BMI as soon as reasonably practicable. This warranty is made solely to and not to any Reseller or End User.

12.3 IN NO EVENT WILL EITHER PARTY BE LIABLE FOR ANY LOSS OF PROFITS, LOSS OF BUSINESS, LOSS OF USE OR DATA, INTERRUPTION OF BUSINESS, OR FOR INDIRECT, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES OF ANY KIND, EVEN IF SUCH PARTY RECEIVED ADVANCE NOTICE OF THE POSSIBILITY OF SUCH DAMAGES, OR FOR ANY CLAIM BY ANY THIRD PARTY, WHETHER OR NOT ANY OF THE MATTERS AFORESAID ARISES IN CONTRACT OR TORT (INCLUDING NEGLIGENCE) OR MISREPRESENTATION OR BREACH OF STATUTORY DUTY OR ANY DUTY UNDER GENERAL LAW OR ANY OTHER LEGAL THEORY. NEITHER PARTY’S ENTIRE LIABILITY TO THE OTHER UNDER THIS AGREEMENT, REGARDLESS OF

Page 11

CONFIDENTIAL TREATMENT REQUESTED

WHETHER THE CLAIM FOR SUCH DAMAGES IS BASED IN CONTRACT OR TORT (INCLUDING NEGLIGENCE) OR MISREPRESENTATION OR BREACH OF STATUTORY DUTY OR ANY DUTY UNDER GENERAL LAW OR ANY OTHER LEGAL THEORY, (EXCEPT FOR BMI’S DUTY TO INDEMNIFY AGAINST INFRINGEMENT AS PROVIDED IN SECTION 15 BELOW) WILL EXCEED THE AMOUNT OF FEES PAID TO BMI BY DURING THE INITIAL TERM OF THIS AGREEMENT.

13. SUPPORT SERVICES

13.1 Support services shall be provided as set forth in Exhibit D.

14. INDEMNITY

14.1 BMI will defend, indemnify and hold , together with its officers and employees, harmless from any third-party suit or action against to the extent such suit or action is based on a claim that the Product infringes any intellectual property rights of a third party where such rights are valid and existing as of the Effective Date and are enforceable in any Berne Convention member nation; and BMI will pay any judgment, loss, cost or expense (including reasonable attorneys fees and costs) incurred in connection with the defense thereof by . These obligations do not include any claims to the extent they are based on: (i) use of the Product in violation of this Agreement, or (ii) in combination with any other software or hardware (except as specified in the Documentation), or (iii) any modification made to the Product by anyone other than BMI. The indemnity obligations set forth in this section are subject to: (a) giving reasonably prompt written notice to BMI of any such claim(s); (b) BMI having sole control of the defense or settlement of the claim; and (c) at BMI’s request and expense, reasonably cooperating in the investigation and defense of such claim(s). To the maximum extent permitted by applicable law, this section states the entire indemnification obligations and liability of BMI with respect to infringement of any intellectual property rights of a third party. Upon BMI’s sole determination, should the Product become, or be likely to become, the subject of a claim of such infringement, or after the entry of any judgment or order not subject to further appeal, that the use of the Product infringes upon the intellectual property rights of any third party, and that such use of the Product must cease, BMI, at its election may, at its own cost and expense, either (a) procure for the End User the right to continue the use and/or receipt of the Product “as is”; (b) modify the Product in such a way that the use thereof does not infringe upon such intellectual property rights of the third party, provided such modification does not materially alter the functionality or performance of the Product; or if neither of the foregoing are commercially feasible, (c) terminate this Agreement by written notice to and return any pre paid fees for Services not rendered.

14.2 Subject to the provisions of Section 14.1 of this Agreement, will indemnify and hold BMI (together with its officers and employees) harmless from any third-party suit or action against any judgment, loss, cost, or expenses (including reasonable attorneys fees and costs) which may be suffered or incurred by BMI to the extent such suit or action is based on a claim that (i) caused personal injury or death of a third-party, or (ii) the Trademarks infringe the trademarks of any third-party, or (iii) any warranty claims made by End Users for warranties made by that exceed the scope of the warranty expressly set forth herein, or (iv) an act or omission by to the extent authorized by this Agreement. The indemnity obligations set forth in this section are subject to: (a) BMI giving prompt written notice to of any such claim(s); (b) having sole control of the defense or settlement of the claim; and (c) at ’s request and expense, BMI cooperating in the investigation and defense of such claim(s).

Page 12

CONFIDENTIAL TREATMENT REQUESTED

15. TERM

15.1 This Agreement will come into force on the Effective Date, and will continue for a time period specified in Exhibit A attached hereto (“Initial Term”), unless earlier terminated in accordance with Section 17 of this Agreement. Thereafter, if there has been no material breach of the terms of this Agreement by , at ’s option and with BMI’s consent, this Agreement will renew for additional one (1) year periods (“Further terms”) until terminated in accordance with this Section 15 and Section 16 below. will provide BMI with a six (6) month notice not to renew. In the event fails to provide such notice, such Wind-down period will not exceed the six (6) month period following the termination date, in accordance with section 16.4. The Initial Term and Further Term(s), if any, will be referred to as the “Term”.

16. TERMINATION

16.1 If either Party defaults in the performance of any of its material obligations contained in this Agreement, the non-defaulting Party may terminate this Agreement upon at least thirty days written notice if the default is not cured during such notice period. This Agreement may be terminated by one Party immediately at any time, without notice, if any proceeding is commenced or any action taken or an order is made or an effective resolution is passed for the dissolution, winding up, or bankruptcy of the other Party or, where relevant, for the appointment of a liquidator, liquidation committee, receiver, administrator, trustee or similar officer of the other Party of all or a substantial part of its business or its assets.

16.2 Upon termination or expiration of this Agreement, the rights granted to under this Agreement (including for the avoidance of doubt, the rights granted under Sections 2 and 8 of this Agreement) will lapse and terminate, and:

16.2.1 will immediately cease and discontinue, and/or procure the cessation and discontinuance of the use of the Product, the BMI Trademarks, the Confidential Information and the IP Rights and immediately remove from its letterhead, advertising literature and place of business all references to the Product and the BMI Trademarks and will also cease to represent itself as the authorized distributor of the Product;

16.2.2 Within thirty (30) calendar days after such said termination or expiration of this Agreement, will deliver to BMI or destroy all copies of the Software, Documentation, BMI’s Confidential Information, and any other documents, papers, materials or property of BMI which may have in its possession or under its control and will furnish to BMI an affidavit signed by an officer of certifying that, to the best of its knowledge, such delivery or destruction has been fully effected; and

16.2.3 will within 30 days of such said termination or expiration of this Agreement, pay to BMI all amounts outstanding in favor of BMI, unless such sums are due earlier, then by the earlier due date.

16.3 Notwithstanding the foregoing, if this Agreement terminates for any reason, BMI may continue to provide to the applicable End Users the Rule Updates, Updates and Upgrades, as available for the original (or “initial”) term of that End User’s End User License Agreement. Upon termination, BMI will, upon notice to , either: (i) terminate the End User License Agreement, or (ii) give notice to and the End User that BMI will assume performance of all obligations under the End User License Agreement. Distributor agrees that such notice will be binding on and will be deemed, as of the date specified in the notice, to have assigned all its rights and benefits in and to the End User License

Page 13

CONFIDENTIAL TREATMENT REQUESTED

Agreement to BMI or its agent, and the parties will work together in good faith to provide for the orderly transfer of such End Users to BMI.

16.4 Termination will be without prejudice to any accrued right or liability or to any other obligation surviving termination or to any rights or remedies of the Parties under this Agreement or at law. Upon termination or expiration of this Agreement the provisions of Sections 1, 3, 4, 5, 9, 16, 17, 18, 19.1, 19.4, 19.9, 19.12, 19.13, and all payment obligations incurred prior to the effective date of such termination or expiration will survive. All other provisions of this Agreement will terminate. In the event that this Agreement is terminated for any reason other than ’s uncured material breach, then BMI agrees that may continue using the Product subject to all the terms contained in this Agreement for a period not to exceed six (6) months following the termination date or until the expiration of its End User License, but in no event will such a period exceed one (1) year from the termination date (Wind-down Period). For termination due to non-renewal, the Wind-down Period will not exceed six (6) months following the termination date. ’s obligations to BMI for the payment of Fees due will not be relieved by the effective termination of this Agreement under such circumstances. At the end of such Wind-down Period, or immediately in the case of termination due to ’s uncured breach, shall cause End Users to immediately cease use of the Product and either return or destroy all copies of the Product.

17. CONFIDENTIALITY.

Each Party agrees to maintain all Confidential Information of the other Party in confidence to the same extent that it protects its own similar Confidential Information (and in no event using less than a reasonable degree of care) and to use such Confidential Information only as permitted under this Agreement. The receiving Party will not provide the Confidential Information of the disclosing Party to any third party, nor may it disclose such information to any employee of the receiving Party, except for the purpose of performing this Agreement, and unless such person has entered into an agreement with the receiving Party containing confidentiality provisions covering the Confidential Information that are at least as restrictive as those set forth in this Agreement. For purposes of this Agreement “Confidential Information” will mean audio, visual, oral or physical information marked “Confidential” or could reasonably be considered of a proprietary or confidential nature, provided that for information disclosed orally, a written summary of such information is provided to the receiving Party within thirty days of initial oral disclosure; and provided that email probe addresses, information disclosed in design reviews and any pre-production releases of the Product provided by BMI will be considered Confidential Information whether or not marked as such. Each Party agrees to take all reasonable precautions to prevent any unauthorized disclosure or use of Confidential Information. The foregoing restrictions on disclosure and use will survive for three (3) years following termination of this Agreement but will not apply with respect to any Confidential Information which (i) was or becomes publicly known through no fault of the receiving Party; (ii) was rightfully known or becomes rightfully known to the receiving Party without confidential or proprietary restriction from a source other than the disclosing Party; (iii) is independently developed by the receiving Party without reference to the Confidential Information; and (iv) the receiving Party is compelled to disclose pursuant to a court order or the requirements of any stock exchange; provided that the receiving Party has given the disclosing Party reasonable notice and opportunity to contest such compulsion to disclose.

18. GENERAL PROVISIONS

19.1 Any notice or demands required or permitted by this Agreement must be in writing and must be sent personally or by facsimile, recognized commercial overnight courier, or pre-paid registered or certified mail. Notices will be addressed as set forth in Exhibit A attached hereto. Any Party may change its address or facsimile for the purposes hereof by written notice to the other Party. Notices will be effective (a) if delivered personally, on the date of delivery; (b) in the case of domestic mail, if transmitted by pre-paid mail, on the date falling seven (7) days after posting, provided that it will be sufficient to show that the envelope

Page 14

CONFIDENTIAL TREATMENT REQUESTED

containing such notice or information was properly addressed and sent by pre-paid post and that it has not been returned to sender to prove that such notice or information has been duly sent; (c) in the case of international mail, if transmitted by prepaid registered air-mail, on the date falling fourteen (14) days after posting; provided that it will be sufficient to show that the envelope containing such notice or information was properly addressed and sent by prepaid post and that it has not been so returned to the sender to prove that such notice or information has been duly sent; and (d) if transmitted by facsimile, on the date of transmission, provided that it will be sufficient to show that the facsimile has been dispatched with the appropriate answer back code received to prove that such facsimile has been duly sent.

19.2 The waiver by either Party of a breach of or a default under any provision of this Agreement will not be construed as a waiver of any subsequent breach of the same or any other provision of this Agreement, nor will any delay or omission on the part of either Party to exercise or avail itself of any right or remedy that it has or may have hereunder operate as a waiver of any right or remedy. No amendment or modification of any provision of this Agreement will be effective unless in writing and signed by a duly authorized signatory of BMI and .

19.3 Neither Party may assign or otherwise transfer any of its rights, obligations or licenses hereunder without the prior written consent of the other Party, which consent will not be unreasonably withheld. Any purported transfer or assignment in violation of this section will be void. Notwithstanding the foregoing, either Party may assign this Agreement without consent (i) to any entity in which the Party has a greater than 50% equity ownership interest or of which the Party has voting control, (ii) to any entity that buys 50% or more of that Party’s stock or all or substantially all of that Party’s assets, or (iii) as part of a merger, reorganization or re-incorporation; provided, however, the non-assigning party may terminate this Agreement upon thirty (30) days’ written notice within sixty (60) days following an assignment. Subject to the foregoing, the provisions of this Agreement will apply to and bind the successors and permitted assigns of the Parties.

19.4 This Agreement will be governed in all respects by the substantive laws of the State of California, United States of America (excluding conflict of laws rules) as applied to agreements entered into and to be performed entirely within the State of California between California residents, without regard to the U.N. Convention on Contracts for the International Sale of Goods. Any dispute regarding this Agreement will be subject to the non-exclusive jurisdiction of the California state courts in and for San Francisco County, California (or, if there is exclusive federal jurisdiction, the United States District Court for the Northern District of California), and the Parties agree to submit to the personal and non-exclusive jurisdiction and venue of these courts.

19.5 understands that BMI is subject to regulation by agencies of the U.S. government, including the U.S. Department of Commerce, which prohibit export or diversion of certain products and technology to certain countries. Any and all obligations of BMI to provide the Product or other materials, as well as any technical assistance, will be subject in all respects to such United States laws and regulations and will from time to time govern the license and delivery of technology and products abroad by persons subject to the jurisdiction of the United States, including the Export Administration Act of 1979, as amended, any successor legislation, and the Export Administration Regulations issued by the Department of Commerce, International Trade Administration, or Office of Export Licensing. warrants that it will comply in all respects with any export and re-export restrictions and obtain an export license (if necessary) for the marketing and distribution of the Product by . Each Party will comply with all applicable laws, rules and regulations in its performance under this Agreement.

Page 15

CONFIDENTIAL TREATMENT REQUESTED

19.6 The relationship of the Parties under this Agreement is that of independent contractors, and no agency, partnership, joint venture, or employment is created as a result of this Agreement and neither nor its agents have any authority of any kind to bind BMI in any respect whatsoever.

19.7 The captions and section and paragraph headings used in this Agreement are inserted for convenience only and will not affect the meaning or interpretation of this Agreement.

19.8 If the application of any provision or provisions of this Agreement to any particular facts of circumstances will be held to be invalid or unenforceable by any court of competent jurisdiction, then: (a) the validity and enforceability of such provision or provisions as applied to any other particular facts or circumstances and the validity of other provisions of this Agreement will not in any way be affected or impaired thereby; and (b) such provision or provisions will be reformed without further action by the Parties, to and only to, the extent necessary to make such provision or provisions valid and enforceable when applied to such particular facts and circumstances; and, in any event, the remainder of this Agreement will remain in full force and effect.

19.9 If any exchange control or other restrictions prevent or threaten to prevent remittance to BMI of any money owed under this Agreement, will immediately notify BMI in writing and follow BMI’s instructions in respect of the money to be paid, including if required, depositing the same with any bank or other person at such location as may be designated by BMI.

19.10 Either Party will be excused from any delay or failure in performance hereunder, except the payment of monies by to BMI, caused by reason of any occurrence or contingency beyond its reasonable control, including but not limited to, acts of God, earthquake, labour disputes and strikes, riots, war, shortages, and governmental regulations. The obligations and rights of the Party so excused will be extended on a day-to-day basis for the period of time equal to that of the underlying cause of the delay; provided that such Party will give notice of such force majeure event to the other Party as soon as reasonably possible.

19.11 Upon the prior written approval of the Parties, the Parties will issue a joint press release announcing the relationship, and agrees to allow BMI to use ’s name in such release, and agrees to participate in such press release by providing favorable comments from an appropriate employee with respect to the Product. BMI agrees to allow to use BMI’s name in such release, and agrees to participate- in such press release by providing favorable comments from an appropriate employee with respect to the Product and BMI’s relationship with . In addition, will be invited to participate from time to time, in its sole discretion, in any press launch event organized by BMI.

19.12 The Parties acknowledge that any breach of certain provisions of this Agreement may cause the other Party irreparable harm and significant injury to an extent that may be extremely difficult to ascertain. Accordingly, both Parties will have, in addition to any other rights and remedies available to it at law or in equity, the right to seek injunctive relief to enjoin any breach or violation of this Agreement.

19.13 The remedies under this Agreement are cumulative and not exclusive of any other rights or remedies whether provided by law or otherwise.

19.14 This Agreement, including the Exhibits attached hereto, constitutes the entire agreement between the Parties concerning the subject matter hereof and supersedes all proposals or prior agreements whether oral or written, and all communications between the Parties relating to the subject matter of this Agreement and all past courses of dealing or industry custom. The pre-printed terms and conditions on any purchase order or other written instrument submitted by either Party will have no force and effect and are hereby rejected. This Agreement may be executed in counterparts, each of which will be deemed an original, but all of which taken together will constitute one and the same instrument.

Page 16

CONFIDENTIAL TREATMENT REQUESTED

IN WITNESS WHEREOF, the Parties hereto have duly executed this Agreement effective as of the Effective Date.


BRIGHTMAIL, INC.

By:		By:

	Signature		Signature
Name:	Mike Irwin	Name:
Title:	VP Finance	Title:
Date:	, 2002	Date:	, 2002

Page 17

CONFIDENTIAL TREATMENT REQUESTED

[Exhibit to Exhibit G - EXHIBIT A]

LICENSE

1.	THE PRODUCT

a. Software: Anti-Spam

b. Services: Rules, Rule Updates, and support services throughout the Term of this Agreement, such Rule Updates to be automatically or, if necessary, manually provided by BMI to End Users utilizing the then in effect BMI general, tested and production grade method for rule distribution. Updates and Upgrades, if any, will be provided to , for ’s subsequent distribution to its End Users. If notifies BMI, in ’s sole discretion, that a particular End User is to be removed from Service (for non-payment or otherwise), BMI will no longer provide Rule Updates to such End User.

c. Any and all Documentation related to the Software and Services.

d. Any and all Marketing Materials and Training Materials.

2.	LICENSES GRANTED TO FOR USE ON ’S MAIL PLATFORM.

Initial Term: 2 years from deployment date of the first End User License Agreement. will provide BMI written notice of such date.

Territory: worldwide, except for Afghanistan, Cuba, Iran, Iraq, Libya, North Koreas, Sudan, Syria and other Embargoed countries as updated by the U.S. government, throughout the term of the Agreement.

Support Servers: BMI will provide with one copy for ’s use in accordance with Section 2.2.

For use on End User’s Sun Solaris operating system, only.

3.	NOTICES. Below is the contact information for the Parties:

If to :

If to BMI:

Attention:

Daphne L. Holly

301 Howard Street, 18^th Floor

San Francisco, CA 94105

Fax: 415 348-9636

Fax:

4.	Relationship Managers:

For Brightmail:

415-365-

email address: @brightmail.com

For :

email address:

CONFIDENTIAL TREATMENT REQUESTED

[Exhibit to Exhibit G - EXHIBIT B]

Minimum Terms and Conditions for End User License Agreements

1.	Third Party Beneficiary. Brightmail, Inc. (“BMI”) shall be a direct and intended third-party beneficiary under this Agreement.

Intellectual Property Rights. The Software is subject to copyright laws and international copyright treaties and is the intellectual property of BMI or its licensors. End User shall not copy, reproduce, use, perform, publicly display or allow access to the Software, shall not distribute the Software, and shall not, nor shall it or permit any third party to modify, adapt, translate or prepare derivative works from the Software, or decompile, reverse engineer, disassemble or otherwise attempt to derive source code from the Software.

Audit. and BMI will have the right, exercisable not more than once every twelve (12) months, to inspect upon reasonable notice and during End User’s regular business hours, End User’s relevant records to verify End User’s compliance with the terms of this Agreement and/or Distributor’s compliance with its obligations to BMI.

NO OTHER WARRANTIES. , BMI, AND/OR THEIR RESPECTIVE SUPPLIERS, PROVIDE THE SOFTWARE, INCLUDING ACCOMPANYING MATERIALS, “AS IS” AND DISCLAIM ALL WARRANTIES, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, AND EXPRESSLY DISCLAIM ANY IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE, WITH RESPECT TO THE SOFTWARE, INCLUDING THE ACCOMPANYING MATERIALS. AND BMI DO NOT WARRANT THAT THE SOFTWARE, INCLUDING ANY OF ITS DOCUMENTATION, ARE ERROR-FREE, THAT OPERATION OF THE SOFTWARE WILL BE SECURE OR UNINTERRUPTED, OR THAT THE SOFTWARE WILL MEET THE REQUIREMENTS OF END USER, AND HEREBY DISCLAIM ANY AND ALL LIABILITY ON ACCOUNT OF ANY OF THE FOREGOING. THE ABOVE LIMITATION SHALL APPLY TO THE FULLEST EXTENT ALLOWED BY APPLICABLE LAW.

LIMITATION OF LIABILITY. IN NO EVENT WILL , BMI OR THEIR RESPECTIVE LICENSORS OR SUPPLIERS BE LIABLE FOR ANY LOSS OF PROFITS, LOSS OF USE, BUSINESS INTERRUPTION, LOSS OF DATA, COST OF COVER OR INDIRECT, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES OF ANY KIND IN CONNECTION WITH OR ARISING OUT OF THE FURNISHING, PERFORMANCE OR USE OF THE SOFTWARE OR SERVICES PERFORMED HEREUNDER, WHETHER ALLEGED AS A BREACH OF CONTRACT OR TORTIOUS CONDUCT, INCLUDING NEGLIGENCE, EVEN IF , BMI OR THEIR RESPECTIVE LICENSORS OR SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. IN ADDITION, , BMI AND THEIR RESPECTIVE LICENSORS AND SUPPLIERS WILL NOT BE LIABLE FOR ANY DAMAGES CAUSED BY DELAY IN DELIVERY OR FURNISHING THE SOFTWARE OR SAID SERVICES. , BMI AND THEIR RESPECTIVE LICENSORS AND SUPPLIERS LIABILITY UNDER THIS AGREEMENT FOR DIRECT, INDIRECT, SPECIAL, INCIDENTAL AND/OR CONSEQUENTIAL DAMAGES OF ANY KIND, INCLUDING, WITHOUT LIMITATION, RESTITUTION, WILL NOT, IN ANY EVENT, EXCEED THE FEE PAID BY END USER TO DISTRIBUTOR UNDER THIS AGREEMENT.

6.	End User Agreements. Require, or have required, by contract, that each End User agree to terms, that are no less restrictive than the End User Agreement (“EUA”), which can be found at

CONFIDENTIAL TREATMENT REQUESTED

http://www.brightmail.com/end_user_agreement.html. Notwithstanding anything contained herein to the contrary, End User will indemnify, defend, and hold BMI harmless from and against any and all claims, losses and liabilities (including reasonable and incurred attorneys’ fees) arising from or otherwise due to a breach or alleged breach by End User of this Section.

7.	Probes. Provide BMI, with , created for , all of which are found on *. The following apply to End User Probes:

i) End User agrees to provide * of all * found on * and * or *, whichever is greater, for BMI’s use in detecting content-related risks and for use in BMI’s internal research and development efforts.

ii) BMI will receive the End User Probes from End User within * of the Effective Date of the agreement between End User and .

iii) , End User and BMI will consider the End User Probes Confidential Information, notwithstanding anything contained herein to the contrary. The Parties’ obligations of confidentiality pertaining to the End User Probes will remain in effect for a period of * after the termination date of this Agreement. End User may not themselves, or through a third party, use the End User Probes for any purpose without the express written consent of BMI.

End User specifically warrants that it will not process Spam in such a way as to negatively impact the Product, as determined by BMI in its sole discretion. Specifically, End User agrees that if it chooses to delete Spam instead of offering its Customers BMI’s Gray Mail Service, End User will not send any error-type messages to the senders of the Spam, notifying them that the Spam did not reach Customer(s), or otherwise alerting the sender of Spam to the presence of the Product. In addition, End User also agrees to defend, indemnify, and hold BMI harmless from any third-party suit (including suits brought by Customers) if End User deletes Spam without giving its Customer(s) a reasonable chance to review the Spam.

CONFIDENTIAL TREATMENT REQUESTED

[Exhibit to Exhibit G – EXHIBIT D PRODUCT SUPPORT]

shall be responsible for taking first call from End Users (“First Line Support”) and shall not refer any End User callers to Brightmail. Brightmail shall be responsible for providing back up technical support (“Second Line Support”) to . Support/maintenance shall start upon product acceptance by the End User. Support/maintenance fees shall be payable to Brightmail if and only if the End User contracts for support from . Brightmail’s support/maintenance fees for Second Line Support to are set forth in Exhibit B.

2	The parties agree to use the following procedure to resolve support/maintenance problems with respect to the Product:

2.1

will first attempt to isolate the source and nature of the problem using resources reasonably at its disposal. If investigation indicates the problem may be caused by a fault in the Product, will collect pertinent information necessary for resolution, and use commercially reasonable efforts to resolve the problem. If can not resolve the problem, it will collect the pertinent information that may assist and expedite resolution, and then report the problem and information by telephone or in writing (email accepted) to Brightmail as set forth herein.

2.2

Brightmail and shall reasonably and in good faith assign a priority to the problem. Brightmail shall use commercially reasonable efforts in responding to the problem with a Product workaround or patch, closing the problem with a Product update or upgrade, and reporting status, as follows:


Priority	Log Call	Response Time	Closure Time	Status Report
		(Work Around)	(Product Fix)
Critical	2 Hours	Two (2) Business Days	Ten (10) Business Days	Weekly, Daily for escalated sites

Non-Critical	24 Hours	Eight (8) Business Days	First Major or Minor At Product Release after ’s the next Thirty (30) request Business Days

It is recognized by (2) Business Days that such level of effort will not always result in a problem’s resolution according to the above timetable. For the purpose of this paragraph: “Critical” shall mean use of the Product is severely impacted or stopped; “Non-Critical” shall mean use of the Product is ongoing; and “Business Day” shall mean a day during which Brightmail conducts its regularly scheduled business operations, excluding holidays observed by Brightmail.

CONFIDENTIAL TREATMENT REQUESTED

2.3.

Brightmail will provide the following Product support/maintenance services to at no additional charge to fees stated in Exhibit B:

2.3.1

Access to Brightmail’s technical support personnel for problem resolution. Said personnel shall be available for telephone contact Monday – Friday, 8 a.m. to 5 p.m. PST time, on normal business days. Brightmail shall also make available, on a twenty-four (24) hour three-hundred-sixty-five (365) days per year basis, a means of reporting errors or failures in the Product, by electronic mail, or voice mail;

2.3.2

The right to use the software for support/maintenance purposes at no charge. Brightmail shall provide one (1) copy of each Product purchased and or licensed by and may copy such Product, object code only, but only for the purpose of providing End User support/maintenance;

2.3.3

One (1) copy of the user manuals and/or Product documentation made generally available to other resellers or End-Users for all Product purchased and or licensed by , may copy such Product documentation, but only for the purpose of providing End User support/maintenance;

2.3.4

One (1) copy of all available or released support documentation (e.g., technical bulletins and data sheets) made generally available to other resellers or End-Users for all Product purchased and or licensed by , may copy such support documentation, but only for the purpose of providing End User support/maintenance;

2.3.5

Access to any electronic technical bulletin board or “web page” containing the above information;

2.3.6

One (1) copy of all Product workarounds, patches and corrections and/or access to the same through an electronic means and the right to distribute to End-Users which has under a current support/maintenance contract;

2.3.7

One (1) copy of all updates/upgrades and/or access to same through an electronic means and the right to distribute to End-Users which has under a current support/maintenance contract; and

2.3.8

Support of the current release/version of the Product, and support of one (1) release/version back, for a period not to exceed 12 months from the date of the release of the current release/version. For example, the current release upon signing of the Agreement is release 3.0. Brightmail’s obligation of Support will not be for any versions earlier than 2.1.

2.4

Brightmail’s obligations to provide service and resolve problems under this section shall extend only to such problems duly reported by and which Brightmail, using reasonable efforts, is able to duplicate.

2.5

Brightmail agrees to give one-hundred-twenty (120) days prior notice of Product discontinuance. Brightmail will support products obsoleted for a period of one (1) year after Product discontinuance.

CONFIDENTIAL TREATMENT REQUESTED

EXHIBIT H

REDACTED VERSION OF THE AGREEMENT AS OF THE AMENDED DATE FOR

NOTICE TO

RESELLERS OF REQUIREMENT TO COMPLY WITH TERMS

CONFIDENTIAL TREATMENT REQUESTED

AMENDED AND RESTATED

SYMANTEC SERVICE PROVIDER AGREEMENT

In consideration of the mutual covenants which follow, Symantec and Brightmail agree:

XI.

DEFINITIONS

The capitalized terms below shall have the following meanings when used in this Agreement:

“Amended Date” means the date on which the original Agreement was amended and restated, which is March 28, 2003.

“Americas” means both North America and South America geographical regions.

“AsiaPac/EMEA” means both the Asian Pacific rim countries and EMEA which consists of Europe, Middle East and Africa geographical regions.

CONFIDENTIAL TREATMENT REQUESTED

being scanned and protected using the Licensed Product, or as an email address, or an account that is subscribing to, the Licensed Product, which is active at any time during the Term or as determined by an alternative definition which was approved in writing by Symantec prior to the Effective Date and specifically detailed on Exhibit B.

“Documentation” means written guides describing the use and operation of the Licensed Product provided by Symantec to Brightmail.

“Effective Date” means July 1, 2002.

CONFIDENTIAL TREATMENT REQUESTED

“Minimum Commitment” means both the Minimum Commitment Payments for Existing Business and the Minimum Commitment Payments for New Business, as outline in Exhibit A, under Section III.2.

CONFIDENTIAL TREATMENT REQUESTED

“Term” means the time period in which the arrangement between the Parties is in place, as determined and defined in Section IX of the Agreement.

“Territory” means world-wide.

XII.

BRIGHTMAIL OBLIGATIONS

1. Other Products.

2. Term or Subscription License, Reseller Rights.

3. No Further Sublicensing.

XIII.

GRANT OF LICENSE AS SERVICE PROVIDER FOR SERVICES

CONFIDENTIAL TREATMENT REQUESTED

1. Internal Use.

2. Service Provider Use.

CONFIDENTIAL TREATMENT REQUESTED

3. Evaluation Licenses.

4. Restrictions Applicable to License Grants.

CONFIDENTIAL TREATMENT REQUESTED

XIV.

PRICES, PAYMENTS, AUDIT AND ORDER PROCEDURE

CONFIDENTIAL TREATMENT REQUESTED

2. Payment Terms.

b. Currency and Place of Payment. +

3. Audit and Records.

(+)	Denotes text that was intentionally made illegible in the original agreement.

CONFIDENTIAL TREATMENT REQUESTED

XV.

NOTIFICATIONS AND REPORTING

1. Notification. Brightmail will notify Symantec in writing of any claim or proceeding involving Licensed Product(s) and/or the BMI Service within ten (10) days after Brightmail learns of such claim or proceeding. Brightmail will report promptly to Symantec all claimed or suspected product defects in the Licensed Product. Brightmail will also notify Symantec in writing not more than thirty (30) days after any change in control of Brightmail or any transfer of more than twenty-five percent (25%) of Brightmail’s voting control or a transfer of substantially all its assets.

2. Reporting. At the end of every calendar quarter, Brightmail agrees to provide Symantec with a preliminary quarterly report in the same format as the Regional Report, as detailed below, for the estimated total number of Authorized Users as totaled on the last Friday of the calendar quarter under (i) New Business, with a break out of the subtotal for the Converted Business and Evaluations, and (ii) Existing Business with a break out for the subtotal for Enterprises. In addition, Brightmail agrees to furnish Symantec with a final total quarterly “sell through” report in an electronic format but in Excel only, meeting all the content and format requirements set forth in Exhibit E, attached hereto and incorporated by reference: (i) by Authorized Sublicensee, showing the names of each Authorized Sublicensee, and if through a Reseller, categorized by Reseller with the name and address of each Reseller, and the number of Authorized Users for each Authorized Sublicensee; (ii) reporting each geographic country and by region which consists of the (a) Americas for Symantec Corporation, and (b) AsiaPac/EMEA for Symantec Limited; (iii) the total number of Authorized Users as totaled on the last Friday of the calendar quarter shall also be set forth under (a) New Business, with a break out of the subtotal for the Converted Business and Evaluations, and (b) Existing Business per Authorized Sublicensee and with a break out for the subtotal of Enterprises per Enterprise; and (iv) the total of Internal Users (the “Regional Report”). The final Regional Report is due no later than thirty (30) calendar days from the end of the last Friday of the previous calendar quarter. While Brightmail shall require Authorized Sublicensees and Resellers to comply with the Regional Report requirements in all New Business and all extensions or renewals of Existing Businesses, Brightmail shall use reasonable commercial efforts to obtain the by country reporting for the Regional Report for all Existing Business.

XVI.

SUPPORT

XVII.

NON-DISCLOSURE

1. Agreement.

Both Parties covenants and agrees not to disclose the terms of this Agreement or any other details as to its relationship with the other to any third party without Symantec’s prior written consent.

CONFIDENTIAL TREATMENT REQUESTED

2. Confidential Information.

XVIII.

TERM OF AGREEMENT

CONFIDENTIAL TREATMENT REQUESTED

XIX.

TERMS AND CONDITIONS

1. Restrictions on Use.

d. Trademarks, Trade Names and Copyrights.

CONFIDENTIAL TREATMENT REQUESTED

2. Disclaimer of Warranties; Limitation of Liability and Related Matters.

CONFIDENTIAL TREATMENT REQUESTED

c. No Warranty. Brightmail will make no warranty, guarantee or representation, whether written or oral, on Symantec’s behalf.

3. Limitation of Liability.

CONFIDENTIAL TREATMENT REQUESTED

4. Compliance with Law.

5. Indemnification.

CONFIDENTIAL TREATMENT REQUESTED

6. Termination.

d. Effect of Termination.

CONFIDENTIAL TREATMENT REQUESTED

7. Survival of Warranties and Covenants.

8. Relationship of the Parties.

9. General.

CONFIDENTIAL TREATMENT REQUESTED

f. Waiver. The waiver or failure of Symantec to exercise in any respect any right provided for in this Agreement shall not be deemed a waiver of any further right under this Agreement.

i. Authority. Each Party warrants that the person signing below is authorized to bind that Party to this Agreement.

j. Counterparts. This Agreement may be signed in counterparts and delivered by facsimile, each of which will be deemed an original.

CONFIDENTIAL TREATMENT REQUESTED

IN WITNESS WHEREOF, the Parties hereto have caused this Agreement to be executed on the date set forth below.


Brightmail

Signature:		/s/ Michael Irwin

Print
Name:		Michael Irwin
Title:		Chief Financial Officer
Date:		March 28, 2003
Address:		301 Howard Street, Suite 1800
		San Francisco, CA 94105


Symantec Corporation

Signature:		/s/ Dieter Giesbrecht

Print
Name:		Dieter Giesbrecht
Title:

Date:		March 28, 2003
Address:		20330 Stevens Creek Blvd.
		Cupertino, CA 95014


Symantec Limited

Signature:		/s/ Art Courville


Print Name:		Art Courville
Title:		Sr. VP, General Counsel
Date:		March 28, 2003
Address:		Ballycoolin Industrial Park,
		Blanchardstown, Co. Dublin 15, Ireland

CONFIDENTIAL TREATMENT REQUESTED

EXHIBIT “A”

I. PRICES AND LICENSED PRODUCTS:

1. Existing Business:


Licensed Product		Price Per Authorized User for Existing Business other than Enterprise (which is per the Enterprise Schedule below).


	Number of Authorized Users	$/Authorized User (i.e. Mailbox/year)
NAV API, Windows
2000 and Solaris	0 - 99,999	+
	100,000-499,999	+
	500,000-999,999	+
	1,000,000-1,999,999	+
	2,000,000-3,999,999	+
	4,000,000-5,999,999	+
	6,000,000+	+

2. Enterprise:

Price per Enterprise Schedule


Number of Mailboxes		$/Authorized User (i.e. Mailbox) /Year
0-1,999		+
2,000-4,999		+
5,000-9,999		+
10,000-24,999		+
25,000-49,999		+
50,000-99,999		+
100,000 plus		+

(+)	Denotes text that was intentionally made illegible in the original agreement.

CONFIDENTIAL TREATMENT REQUESTED

The Price per Enterprise for each Authorized Users (also referred to as “Mailboxes” under the Prior Agreement) with access to the Service is based upon the total number of Authorized Users on a per Enterprise basis. For example, if an Enterprise has 30,000 Authorized Users, Brightmail would pay Symantec $150,000 ($5/Mailbox/year). If that same Enterprise increased its number of Authorized Users by 5,000 additional Authorized Users, Brightmail + per the terms of this Agreement.

Payment for a minimum of * Authorized Users is required per Enterprise.

3. New Business:


Licensed Product		Price Per Authorized User for New Business
NAV API		+

For example, upon the Effective Date, +

II. PURCHASE ORDER:

(+)	Denotes text that was intentionally made illegible in the original agreement.

CONFIDENTIAL TREATMENT REQUESTED

III. PAYMENT SCHEDULE AND REPORTING:

1. General

2. Minimum Commitment Payments.

For the first three (3) quarters after the Effective Date, a Minimum Commitment of + for each calendar * shall apply to the Existing Business. In terms of New Business, the Minimum Commitment Payment is the * payable over * for the Term of the Agreement, in the amount of + per calendar *, starting on the Effective Date of this Agreement. The Minimum Commitment Payment for the additional licenses added as of the Amended Date is payable initially on an * basis for the first year, starting on the Amended Date; and then thereafter, unless not renewed per the terms of Section IX, is paid *, starting March 26^th, 2004 until the end of the Term of the contract. The Minimum Commitment Payments shall be due in full according to the Minimum Commitment Payment schedule set forth below.

*	Only the * payments indicated by asterisks will be on payment terms of * days from the following , & * all other payments set forth above will remain as stated herein.

3. Reporting and Payments for the Price In Excess of the Minimum Commitment Payments.

(+)	Denotes text that was intentionally made illegible in the original agreement.

CONFIDENTIAL TREATMENT REQUESTED

existing Authorized User total, and shall be payable *. The Regional Report showing the Authorized User total for each * and the calculations of Payments due based on such totals shall be due from Brightmail within + days after the end of each calendar * during the Term for the *. Brightmail shall only be required to remit Payments for the Price so calculated to the extent that such Payments exceed the amount of any * portion of the Minimum Commitment Payment actually paid with respect to the applicable calendar * (the “Existing Business Adjustment”). Brightmail shall remit the amount of any Payments due as shown on each Regional Report with the Regional Report. In no event will the amount by which any Minimum Commitment Payment exceeds the actual Payment due calculated on the number of Authorized Users be refunded or carried over to any subsequent *.

(ii) * and Incremental *. Incremental * at the Price indicated above must be purchased for any Authorized Users exceeding the number of Authorized Users indicated under a * and shall be due per the payment terms above. A Regional Report showing the Authorized User total for New Business, as totalled on the last Friday of the calendar * and the need for the purchase of an Incremental License based on the actual number of Authorized Users shall be due from Brightmail within + days after the end of each calendar * during the Term for the preceding calendar *. Brightmail shall only be required to purchase an Incremental License and remit Payments for the Price of the Incremental License so calculated to the extent that such actual number of Authorized Users exceeds the total of the * actually paid with respect to the applicable calendar *. Brightmail shall remit the amount of any Payments due as shown on each Regional Report with the Regional Report. Minimum Commitment Payments payable at the end of each * based on the Payment schedule set forth above will be applicable for that * only of the Term. In no event will the amount by which any * Payment or any additional Payment for an Incremental * exceeds the actual number of Authorized Users in any given * or * or * be refunded or carried over to any subsequent time period. In addition, the additional Payment for the Incremental * is prorated for the period remaining in any * payment period and only applies to that co-terminus * period.

IV. TERRITORY

The Territory shall be Worldwide.

V. SUPPORT

(+)	Denotes text that was intentionally made illegible in the original agreement.

EXHIBIT “B”

ALL PRIOR APPROVED ARRANGEMENTS WITH A UNIQUE DEFINITION OF

AUTHORIZED USER APPROVED PRIOR TO THE EFFECTIVE DATE


Name of Authorized Sublicensee	Effective Date of Agreement with Brightmail	Ending Date of Agreement with Brightmail	Approved Definition of Authorized User	Date Approved and Symantec Person Approving
+	+	+	+	+
+	+	+	+	+
+	+	+	+	+
+	+	+	+	+
+	+	+	+	+
+	+	+	+	+

(+)	Denotes text that was intentionally made illegible in the original agreement.

CONFIDENTIAL TREATMENT REQUESTED

EXHIBIT “C”

SERVER SECURITY REQUIREMENTS

[GRAPHIC]

Information Technology

Security Requirements for ISPs and ASPs Providing Services on Behalf of Symantec

Revised December 3^rd, 2001

Version 1.4

CONFIDENTIAL TREATMENT REQUESTED

TABLE OF CONTENTS


1. Network-Level Requirements		2
2. Operating System-Level Requirements		2
3. Application-Level Requirements		3
4. Use of Encryption		3
5. Audit Requirements		3

Revision history:


Date	Author	Description
17/11/00	*	-Updated format -Updated BS 7799 reference (now ISO Recommendation 17799) -Updated phone number for Tim Mather
1/1/01	*	-Updated logos -Andersen Consulting now Accenture
3/13/01	*	-Added section on use of encryption
9/22/01	*	-Revisions to requirements in all sections

Page 1

CONFIDENTIAL TREATMENT REQUESTED

Introduction

There are five (5) sets of requirements for providing services to, or on behalf of, Symantec. Those requirements are:

1.	Network-Level Requirements: Vendor shall have * addresses network-level requirements * dealing with issues such as *

1.1. * shall be used to protect * Symantec information. *.

1.2. *.

1.3. *.

2.	Operating System-Level Requirements: Vendor shall have * addresses operating system-level requirements, , dealing with issues such as

2.1. *.

2.2. *.

2.3. Operating system(s) * shall *.

2.3.1.

2.3.1.1. *.

2.3.1.2. *.

2.3.1.3. *

2.4. Vendor shall have *.

2.5. Service provider shall have *.

3.	Application-Level Requirements

3.1. *.

3.2.

Service provider shall have a documented *, and shall adhere to application vendor’s recommendations for “best practices”.

4.	Use of Encryption

4.1. Encryption shall be used under the circumstances listed below.

4.1.1.

4.1.1.1. *.

4.1.1.2. *.

4.1.2.

4.1.3.

5.	Compliance Verification Requirements

5.1. Service provider shall *.

5.1.1.1. * shall be:

5.1.1.1.1.*, or

5.1.1.1.2.*, or

5.1.1.1.3.*.

5.2. Small contracts

5.2.1.

Vendors whose contracts are less than * with Symantec may chose * to fulfill * verification of all security requirements.

*Questions concerning these requirements should be directed to *, Symantec’s Director of Information Security. He can be reached at *.

Page 2

CONFIDENTIAL TREATMENT REQUESTED

[GRAPHIC]

EXHIBIT “D”

Guidelines for Using Symantec’s Trademark/Logo

Brightmail or Authorized Sublicensee shall use Symantec’s Trademark/Logo in accordance with these guidelines made by Symantec concerning the appearance, placement or use of the Trademark/Logo.

Brightmail or Authorized Sublicensee shall:

(p)	use only approved Trademark/Logo artwork provided by Symantec;

(q)	not display the Trademark/Logo more prominently, or larger than, or before the Brightmail or Authorized Sublicensee’s company name/logo and product name/logo, wherever displayed;

(r)	not refer to Brightmail or Authorized Sublicensee’s products in which the Trademark/Logo is referenced as “Symantec software” or imply that Symantec produced, endorsed, or supports the Brightmail or Authorized Sublicensee’s Products;

(s)	not display the Trademark/Logo in a manner or location disparaging to Symantec;

(t)	not display the Trademark/Logo in any publication or on a web site that is pornographic, violent in nature, is in poor taste or unlawful, or which has a purpose or objective of encouraging unlawful activities;

(u)	not use the Trademark/Logo as a possessive or in the plural form;

(v)	use the Trademark/Logo as an adjective followed by generic descriptors;

(w)	include a ^TM symbol after the first or most prevalent use of the Trademark/Logo on each page in which it appears, and attribute the Trademark/Logo as a U.S. trademark of Symantec Corporation in a legend on packaging, splashscreens, web pages, and other materials where the Trademark/Logo appears;

(x)

(y)	not use the Trademark/Logo in connection with any product competing with a Symantec product, including, without limitation, the sale or advertisement thereof;

(z)	supply Symantec with suitable specimens of Brightmail or Authorized Sublicensee’s use of the Trademark/Logo at any time upon reasonable notice from Symantec; and

Page 3

CONFIDENTIAL TREATMENT REQUESTED

(aa)	comply with Symantec’s request to correct, remedy, or discontinue any use by Brightmail or Authorized Sublicensee of the Trademark/Logo which is determined by Symantec to be improper under these Guidelines.

(bb)	The following suggestions and guidelines will help to make the review and approval process of marketing material more effective and timely.

To help expedite the approval process, Brightmail’s marketing can:

•

Follow our “Guidelines for Using Symantec’s Trademark/Logo”, see attached document (Guidelines for Using Symc Tmdemarks.Logos.053102.doc), also exhibit D in the contract.

•

Follow guidelines as set forth in the contract, see Terms and Conditions, section d.

(cc)	The following Trademarks and footnotes are to be used:

[GRAPHIC]

Trademark/Logo footnote:

Symantec and the Symantec logo are U.S. registered trademarks of Symantec Corporation. Powered by Symantec^TM is a trademark of Symantec Corporation.

Page 4

CONFIDENTIAL TREATMENT REQUESTED

(dd)	The following phrases are approved by Symantec for use in the following manner:

The following examples are approved for use by Brightmail:

With Brightmail AntiVirus, powered by Symantec^TM, you can feel secure that all your e-mail is protected.

The Brightmail Anti-Virus Solution, powered by Symantec^TM anti-virus technology, protects users from the increased threat of infection via email.

The following examples are approved “powered by Symantec” messages relevant to Authorized Sublicensees of Brightmail:

When a virus threat occurs, experts at Symantec Security Response deliver to Brightmail the anti-virus definitions, services and response to combat the outbreak.

Brightmail’s proprietary Anti-Spam technology and Brightmail’s Anti-Virus technology, powered by Symantec, together filter out spam and viruses at the gateway.

Page 5

CONFIDENTIAL TREATMENT REQUESTED

EXHIBIT “E”

“REPORTING REQUIREMENTS”

(viii) Basic Licensee Information. Report should indicate Brightmail’s corporate name and corporate address, indicating a contact person if there are any questions.

(ix) Identify Authorized Sublicensees. Provide corporate name of the Authorized Sublicensees of the BMI Service as well as those provided by the Reseller. Also provide the name (and if possible, address) of the Reseller.

(x) First Date of Use of the Licensed Product as incorporated into the BMI Product Date. Indicate First Date of Use each Authorized Sublicensee initially signed up for the Service, how long of a term the contract between Brightmail and the Authorized Sublicensee is for, and indicate the total of new Authorized Users for the calendar quarter by Authorized Sublicensee.

(xi) Authorized User Information. Indicate how many Authorized Users are active by the last Friday in each calendar quarter time period per Authorized Sublicensee. How Authorized User is being defined with each Authorized Sublicensee. The Minimum Commitment and number of Authorized Users by which the Minimum Commitment is exceeded.

(xii) Excel Format. All reports should be in Excel format and indicate the final net amount to be received from the Authorized Sublicensee.

(xiii) Regional reporting as outlined in the Agreement under Section V.2 As this is an international contract, the reporting must also be by geographic country so that Symantec can properly account for tax purposes.

(xiv) Brightmail has provided a mock report which is attached hereto as Exhibit E-1 and obtain Symantec’s written approval of the format of such report.

Page 6

CONFIDENTIAL TREATMENT REQUESTED

Exhibit E-1

Page 1

Brightmail, Inc.

301 Howard Street

San Francisco, CA 94105

contact: *

phone: *; email *

* Preliminary Royalty Report

CONFIDENTIAL TREATMENT REQUESTED

Authorized
Service
Provider

Customer
Type

Definition
of
Authorized
User

Region

Acceptance
Date

Contract
End Date

EULA
Term
in Months

Royalty Rate

* Royalty

Feedback
Notes

Users

Minimum
Commitment
or
Authorized
Users

Effective
Rate

Proration

Est.
royalty

XSP

Americas

11/15/2001

New

XSP

Americas

8/12/2002

New

minimum

ENT

Americas

9/28/2001

Converted

minimum

ENT

Americas

9/12/2001

Converted

minimum

ENT

Americas

7/1/2001

Converted

minimum

XSP

Asia/EMEA

3/1/2002

Converted

minimum

XSP

Americas

12/31/2001

Converted

minimum

XSP

Americas

3/4/2002

Converted

minimum

XSP

Americas

12/31/2001

Converted

XSP

Americas

10/17/2001

Converted

XSP

Americas

9/28/2001

Converted

minimum

XSP

Americas

12/27/2001

Converted

minimum

XSP

Americas

12/1/2001

Converted

XSP

Asia/EMEA

4/30/2002

Existing

minimum

XSP

Asia/EMEA

1/1/2002

Existing

minimum

XSP

Asia/EMEA

2/1/2002

Existing

est based
on Q2 AU

Minimum Commitment Payment

Additional Amount Due

XSP

Americas

5/16/2002

Existing

XSP

Americas

5/1/2001

Existing

minimum

XSP

Americas

5/1/2001

Existing

minimum

XSP

Americas

3/1/2001

Existing

minimum

XSP

Americas

12/7/2001

Existing

XSP

Asia/EMEA

1/1/2002

Existing

minimum

XSP

Asia/EMEA

1/1/2002

Existing

minimum

XSP

Asia/EMEA

7/29/2002

New

minimum

XSP

Asia/EMEA

7/15/2002

New

minimum

XSP

Americas

3/5/2002

Existing

minimum

XSP

Americas

3/1/2001

Existing

minimum

XSP

Americas

3/15/2002

Existing

minimum

XSP

Americas

12/17/2001

Existing

minimum

XSP

Americas

5/17/2001

Existing

minimum

XSP

Americas

8/20/2001

Existing

XSP

Americas

3/1/2002

Existing

minimum

XSP

Americas

5/20/2002

Existing

minimum

XSP

Americas

3/1/2002

Existing

minimum

XSP

Americas

12/31/2001

Existing

minimum

XSP

Americas

4/1/2002

Existing

XSP

Americas

12/21/2001

Existing

XSP

Americas

1/17/2001

Existing

minimum

ENT

Americas

12/20/2001

Existing

ENT

Americas

4/1/2002

Existing

Minimum Commitment Payment

Additional Amount Due

ENT

Americas

ENT

Asia/EMEA

XSP

2/1/2001

Audit Adjusted

XSP

6/1/2001

Audit Adjusted

XSP

3/9/2001

Audit Adjusted

Page 2

CONFIDENTIAL TREATMENT REQUESTED

Exhibit “F”

The following Converted Business will be included under the * at the royalty rate indicated in Exhibit A as Existing Business.


Authorized Sublicensee	First Date of Use	Contract End Date	AV Pricing	No. of months in Term of Authorized Sublicensee’s contract	Royalty Rate
+	+	+	+	+	+
+	+	+	+	+	+
+	+	+	+	+	+
+	+	+	+	+	+
+	+	+	+	+	+
+	+	+	+	+	+
+	+	+	+	+	+
+	+	+	+	+	+
+	+	+	+	+	+
+	+	+	+	+	+
+	+	+	+	+	+
+	+	+	+	+	+
+	+	+	+	+	+
+	+	+	+	+	+
+	+	+	+	+	+
+	+	+	+	+	+
+	+	+	+	+	+

(+)	Denotes text that was intentionally made illegible in the original agreement.

*	Both approved by an officer of Symantec as an exception to the * requirement.

Page 1

CONFIDENTIAL TREATMENT REQUESTED

EXHIBIT G

DISTRIBUTION AGREEMENT

WHEREAS, BMI develops and licenses client/server software, and hosts software related services, including but not limited to, software and services that reduce or eliminate Spam;

19. DEFINITIONS

19.1	“Affiliate” means any entity in which has a greater than fifty-percent (50%) equity ownership interest in or which has voting control over, or any entity which owns a greater than fifty-percent (50%) equity ownership interest in or which has voting control over .

19.2	“Agreement” is this Distribution Agreement entered into by the Parties, together with all and any Exhibits attached hereto and made a part hereof, and all and any amendments or modifications made hereto pursuant to mutual written agreement of the Parties.

19.3	“Application Service Provider” or “ASP” is an entity that provides application services remotely for a fee or other consideration to its Customers, none of whom are under the ASPs immediate employ or the employ of any parent, or subsidiary.

19.4	“BMI Trademarks” are the trademarks, logos and trade names of BMI which may be registered or unregistered and include, but are not limited to, those BMI Trademarks set forth at http://www.brightmail.com/trademark.html.

19.5	“Customer(s)” is the individual that subscribes to the End Users’ email services; or the total number of Mailboxes existing on the End Users’ email system and/or that have access to the Services

19.6	“Documentation” is BMI’s standard system administrator documentation that outlines the system architecture and its interfaces of the Product, including comprehensive guides on installation and operations, and on application program interfaces (“API”).

19.7	“End User (s)” is the ISP, ASP or Enterprise customer that upon executing an End User License Agreement, obtains a license for the Software and Services for its own internal use with Internet services or online application services for the benefit of its End Users.

19.8	“End User License Agreement” is the license and service agreement between an End User and that governs the End User’s rights and restrictions in use of the Product and in receiving

Page 1

CONFIDENTIAL TREATMENT REQUESTED

the benefit of the Services, and that contains substantially the minimum terms and conditions detailed in the attached Exhibit B.

19.9	“Enterprise” individually and collectively the entities other than ISPs and ASPs that procure Services for internal use in conjunction with the entities’ internal needs for the benefit of its employees, agents, and contractors.

19.10

19.11

“Internet Service Provider” or “ISP” is an entity that provides Internet access and messaging services for a fee or other consideration to its End Users, none of whom are under its immediate employ or the employ of any parent, or subsidiary.

19.12

“Mailbox(es)” is an area in memory in a storage device where email is placed and/or stored, i.e., an email address. An individual End User may have one or many Mailboxes.

19.13

“Marketing Materials” are sales and marketing collateral including but not limited to: sales presentations, datasheets, white papers, press releases, industry articles, benchmark test reports, competitive evaluations, and customer testimonials.

19.14

“Product” or the “Brightmail^{^®} Solution Suite” comprises the Software, including Updates and Upgrades thereto, if any, the Services and the Documentation, as more fully described in Exhibit A, attached hereto and made a part hereof.

19.15

“Rules” are explicit, conditional statements, or criteria, that are created and used by BMI to detect and filter Spam (as defined below), and are made available by BMI to ’ or directly to End Users solely as part of the Services.

19.16

“Rule Update (s)” are modifications and revisions to the Rules made available by BMI to or directly to End Users as part of the Services.

19.17

“Server(s)” are a combination of Software, hardware, processes and functions and that are collectively used to filter the incoming mail of End Users. Servers are set up to divert, reject, or discard Spam.

19.18

19.19

“Service Provider(s)” are ASPs and ISPs, collectively.

19.20

19.21

“Sale” and /or “Sell” means the distribution of the Software to the End User. All Software sold to the End User will be pursuant to a End User License Agreement

Page 2

CONFIDENTIAL TREATMENT REQUESTED

19.22

“Territory” means the territory comprising the countries described in Exhibit A attached hereto.

19.23

19.24

19.25

“Upgrade(s)”are any major revisions to the Software, which adds significant new functionality, if and when released by BMI, in its sole discretion. Upgrades are designated by an increase in the Software’s release number, located to the left of the decimal point (e.g., Product 1.x to Product 2.0). The term Upgrade specifically excludes any software marketed and licensed by BMI as a separate product.

20. APPOINTMENT; GRANT OF RIGHTS

20.1 Subject to the terms and conditions contained in this Agreement, BMI hereby appoints as an authorized distributor of the Product and hereby accepts such appointment. Subject to the terms and conditions of this Agreement, BMI grants to for the duration of the Term (as defined below), a non-exclusive, revocable, royalty-bearing, license (“License”) to market and distribute the Product to End Users, specifically, ISPs, ASPs, and/or Enterprises, within the Territory and that are using the Solaris operating system. The parties understand and agree that pricing, as provided herein, is dependent on the End User type, e.g., ISP, ASP or Enterprise, and the manner in which the End User will pay for the Product, e.g., for all Customers existing on its email services or for those Customers receiving the benefit of the Services. will report the End User type and the manner in which the End User is paying for the Product to BMI as provided in Section 6, 9, and Exhibit C, herein. will provide the Product to End Users pursuant to an End User License Agreement. may distribute the Product directly, or indirectly via its authorized resellers (each a “Reseller”). may appoint one (1) or more persons to act as a Reseller, provided that has written agreements with each such Reseller containing terms protecting BMI and its proprietary Product to the same extent as provisions relies on to protect its own products (“Reseller Agreement”). will take all reasonable measures to enforce such provisions in favor of BMI to the same extent that it would enforce such Reseller Agreements on its own behalf. may only grant Resellers the right to make sales to End Users. Each Reseller Agreement will contain provisions making BMI a direct and intended third party beneficiary of such Reseller Agreement, such that BMI may enforce its proprietary and intellectual property rights against any of ’s End Users and Resellers.

20.2 In connection with ’s sale and distribution of the Products to End Users, BMI will be solely responsible for the delivery of the Services to End Users, directly, and BMI agrees to provide the Services in accordance with the same policies and procedures that it uses to provide the Services to its own direct customers and licensees. will have no right or license to distribute, display or otherwise make available the Rules or Rule Updates. Brightmail may, at its sole discretion, and subject to the then-current fee, if any, and subject to certain restrictions, allow to distribute the Rules or Rule Updates to its End Users.

Page 3

CONFIDENTIAL TREATMENT REQUESTED

20.3 BMI will deliver to one (1) master copy of the Software in machine executable object code format together with BMI’s labeling and Documentation artwork data files, in electronic format. Subject to the terms and conditions of this Agreement, BMI grants to a nonexclusive, non-transferable, royalty-free right and license to copy the Software in machine executable object code format only and to copy the Documentation for incorporation in documentation for distribution to Resellers or End Users in accordance with the terms and conditions of this Section. Any use of BMI’s trademarks, trade names or logos will be in accordance with Section 8 below.

20.4 Subject to terms and conditions of this Agreement, BMI grants to for the duration of the Term a non-exclusive, revocable, royalty-free and fully paid up, non-transferable license to install and use copies of the Software solely for internal, non-commercial use, including, by way of example, development, support, testing and customer care services (“Support License”). This Support License may be used at any of ’s facilities where needed, and, on a royalty-free basis. BMI will provide any Rule Updates, Updates and Upgrades as commercially made available for these Support Licenses.

20.5 BMI hereby grants to a non-exclusive, royalty-free license, at its sole expense, to translate the Documentation, Training Materials, and Marketing Materials for distribution with the Product to non-English speaking countries. As between and BMI, will be solely responsible for any and all liability that results directly from the translation of the materials to any language other than English. If during the term, BMI desires to obtain a translated version, BMI will notify of such in writing, and following reimbursement by BMI of half (¹/₂) of ’s cost in translating the materials into the requested language, will make the translated versions available to BMI for its unrestricted use.

20.6 With each potential End User, may offer a one-time evaluation license to that potential End User, provided the evaluation extends for no more than sixty (60) days, unless obtains BMI’s prior written permission. Such evaluation will be conducted at no charge to the End User, and will only be used as a lead into the attempted sale of licenses in accordance to the terms and conditions herein.

20.7 Distributor may describe itself as the authorized distributor for the Product in the Territory, but will not hold itself out as an agent, representative, partner or joint venture partner of BMI or being in any other way connected with BMI. Distributor will at all times be an independent contractor.

20.8 Each party will appoint a representative as a relationship manager who will be the primary contact for implementing and administering the terms and conditions of this Agreement (“Relationship Managers”). The Relationship Managers will be those people set forth on Exhibit A and will meet, either in person or via teleconference at least monthly and at mutually agreeable times to review and coordinate sales efforts, review ’s marketing/sales strategies, review End Users’ response to the Services and address other topics related to the successful support of the Products.

21. RESTRICTIONS

21.1 will not use, apply or otherwise deal with the Product for any purpose other than the purpose set out in Section 2.1 of this Agreement. will not decompile, reverse engineer, disassemble, reconstruct, tamper with or otherwise determine, or attempt to derive, reconstruct or discover the source code for the Product or any part thereof, or modify or create or attempt to create any derivative works from or based on the Product, nor will authorize, permit, or assist any End User or anyone else to do so. will not, and will not authorize, permit, or assist any End User to determine or attempt to determine the Rules or Rules Update(s) used by the Software under any circumstances whatsoever.

Page 4

CONFIDENTIAL TREATMENT REQUESTED

21.2 will require that use of the Product by its End Users will be in accordance with the Documentation or any other operation or user instructions or manuals furnished by BMI or its licensors, and in accordance with any other reasonable requirements of BMI.

22. PROPRIETARY RIGHTS

22.1 Ownership of all rights (including the IP Rights), title and interest in the Product (including but not limited to copies of the Product contained in any storage media) the Marketing Materials, Training Materials and any other materials provided by BMI to will at all times remain the absolute and exclusive property of BMI and/or its licensors, as the case may be. Except as expressly granted herein, is granted no rights to create derivative works of the Product, or to distribute the Product to third parties. In the event that notwithstanding the above, has or acquires any such said rights, title or interest, will be deemed to have irrevocably assigned and transferred the same to BMI free from any requirement on the part of BMI to pay any fees. Further and if required by BMI at BMI’s cost, will execute and deliver to BMI all relevant documents of assignment and transfer in respect of the said rights, title or interest, and the documents will be in such form as may be required by BMI.

22.2 , its officers, employees, servants and agents will not remove, alter, obscure, conceal or otherwise interfere with any BMI Trademarks, or other EP Rights in the Product, appearing on or in copies of the Product or on the Software or other materials delivered to by BMI. In connection with the distribution of the Product, will use those notices, legends, symbols or labels in connection with the Product in the same manner as they appear on or in the Product.

23. NO OTHER RIGHTS.

24. SCOPE OF SERVICES; ORDERS AND DELIVERY; TRAINING

24.1

Page 5

CONFIDENTIAL TREATMENT REQUESTED

24.1.1

24.2	and BMI mutually agree to work in good faith to reduce channel conflict.

24.3	BMI will make available the following to in respect of the Product:

6.4.1

6.4.2

6.4.3

6.4.4

6.4.5

Page 6

CONFIDENTIAL TREATMENT REQUESTED

the terms of this Agreement or otherwise to disclose any source code comprised in the Product or Updates and/or Upgrades.

24.4 If requires further and additional assistance or instructions beyond any time frame or time limit or number of personnel allocated for purposes of Section 6.4 of this Agreement or requires further and additional assistance or instructions from time to time during this Agreement on any matter relating to the Product or any Updates and/or Upgrades that are not expressly included in Section 6.4 of this Agreement, BMI may provide such assistance or instructions in such manner and by such means as BMI deems appropriate, provided that BMI has the capacity and available resources to provide such assistance or instructions, and provided further that will pay BMI’s then-current fees for such services upon completion of the effort. BMI will provide a written quotation of the deliverable and the then-current fees and will provide written acceptance, prior to the start of any services rendered under the scope of Section 6.5.

25. DUTIES OF

25.1 will at all times during the Term:

25.1.1 observe and perform the terms and conditions set out in this Agreement;

25.1.2

consistent with its resource deployment strategy, devote its reasonable commercial efforts to promoting and marketing the Product in the Territory;

25.1.3

25.1.4

promptly bring to the attention of BMI any complaints it may receive regarding the Product;

25.1.5

25.1.6

promptly and diligently follow up on all End User inquiries consistent with ’s current business model and in any event, no less than the obligations agreed to herein ;

25.1.7

consistent with its resource deployment strategy, maintain adequate staff trained in and able to fulfill the marketing, distribution and support needs as required under this Agreement;

25.1.8

25.1.9

make each End User aware of the importance of providing BMI with email accounts * BMI as probe accounts (“Probes”) in connection with BMI’s provision of the Services and to use reasonable commercial efforts to obtain and provide BMI with a list of the Probes for each End User prior to the first distribution of a Rule.

Page 7

CONFIDENTIAL TREATMENT REQUESTED

26. TRADEMARK LICENSE

26.1 will require in its agreements with its End Users and Resellers that they: (a) describe and refer to the Product as the Brightmail^® Solution Suite or such other name as BMI may specify; (b) use and apply the BMI Trademarks in relation to the Product in the forms stipulated by BMI and in accordance with the guidelines (“Guidelines”) found at http://www.brightmail.com/trademark.html, as updated by BMI from time to time, (if any such Guideline update is material, BMI will supply with adequate notice to ensure ’s proper use of such Guideline update) and any other written directions given by BMI as to the appearance, colors, size and placing of all representations of the BMI Trademarks and their manner of use or application in relation to the Product and in any Marketing Materials and in connection with any promotional activities; (c) ensure that the BMI Trademarks are accompanied by wording to show that they are used with the permission of BMI (the content of such wording, placing and size to be as instructed by BMI or as set out in the Guidelines); and (d) save with the prior written consent of BMI, not offer the Product in any packaging other than that provided by BMI and use, affix or otherwise place such marks, logos, labels, markings or notices on the Product in the form provided by BMI.

26.2 Subject to the terms and conditions in this Agreement, is hereby granted, throughout the Term, a non-exclusive, revocable, royalty-free and fully paid up, restricted right to use the BMI Trademarks in the manner set out in Section 8.1 of this Agreement, and solely in conjunction with the distribution of the Product in accordance with the terms of this Agreement. All representations of the BMI Trademarks that desires to use will be exact copies of those used by BMI or will first be submitted to BMI for its approval. All right, title and interest in and to the BMI Trademarks, all derivations thereof and any other trademark or service mark adopted by BMI to identify the Product, will belong to BMI or its licensors, as the case may be. will not acquire, directly or indirectly, any right, title or interest in or to the BMI Trademarks except as expressly set forth herein and as specified in writing by BMI to from time to time. will not use any BMI Trademarks in a manner inconsistent with the Guidelines and/or the terms of this Agreement. Furthermore, will not register any BMI Trademarks in ’s name, or permit any other third party to register any such BMI Trademarks. acknowledges that any material breach by it of this Section 8.2 is a material breach of this Agreement that is incapable of cure, permitting BMI to terminate this Agreement upon written notice.

26.3 For the avoidance of doubt, BMI will be the sole party permitted to file or prosecute any registration or application for registration for the BMI Trademarks and/or any of the IP Rights. will not do or permit to be done any act which may jeopardize or invalidate any registration (or pending registration) of the BMI Trademarks and/or the IP Rights, nor do any act which might assist or give rise to an application to remove any of the BMI Trademarks and/or IP Rights from all and any applicable registers. will give to BMI any information as to its use of the BMI Trademarks and/or IP Rights that BMI may reasonably require and render any assistance, at BMI’s expense, reasonably required by BMI in maintaining the registrations of any of the BMI Trademarks and/or IP Rights. will, if required by BMI and at BMI’s expense, do all acts reasonably necessary (including executing any necessary documents) for the recording of as a registered user of any appropriate BMI Trademarks and/or IP Rights on all and any applicable registers, and hereby agrees that such entry may be canceled by BMI on the expiry or termination of this Agreement and that it will reasonably assist BMI at BMI’s cost as far as may be necessary to achieve such cancellation (including executing any necessary document).

26.4 Subject to the terms and conditions of this Agreement, BMI is hereby granted a non-transferable, non-exclusive, revocable, royalty-free and fully paid up, restricted license to use ’s trademarks, logos, service marks and trade names (collectively, “ Trademarks”) to identify that is BMI customer on BMI’s website, literature, tradeshow signage, and press releases relating to the Product, all in

Page 8

CONFIDENTIAL TREATMENT REQUESTED

accordance with the written directions of (if any); provided, that BMI will use artwork and logos in the form provided by and will obtain ’s approval prior to making changes to such artwork or logos. BMI will clearly indicate ’s ownership of the Trademarks. In addition, BMI will be prohibited from registering Trademarks and all derivations thereof in BMI’s name, or permitting any other third party to register any Trademarks or derivations thereof. All right, title and interest in and to the Trademarks, all derivations thereof and any other trademark or service mark adopted by to identify its products and services, will belong to or its licensors, as the case may be. BMI will not acquire, directly or indirectly, any right, title or interest in or to the Trademarks except as expressly set forth herein and as specified in writing by to BMI from time to time.

26.5 For the avoidance of doubt, will be the sole party permitted to file or prosecute any registration or application for registration for the Trademarks. BMI will not do or permit to be done any act which may jeopardize or invalidate any registration (or pending registration) of the Trademarks, nor do any act which might assist or give rise to an application to remove any of the Trademarks from all and any applicable registers. BMI will give to any information as to its use of the Trademarks that may reasonably require and render any assistance, at ’s expense, reasonably required by in maintaining the registrations of any of the Trademarks. BMI will, if required by and at ’s expense, do all acts reasonably necessary (including executing any necessary documents) for the recording of BMI as a registered user of any appropriate Trademarks on all and any applicable registers, and BMI hereby agrees that such entry may be canceled by on the expiry or termination of this Agreement and that it will reasonably assist at ’s cost as far as may be necessary to achieve such cancellation (including executing any necessary document).

26.6 From time to time during the term of this Agreement, BMI may desire to use End User’s trademarks, or obtain an End User Case Study, or other similar marketing items in connection with its promotion of the Products. agrees to use reasonable efforts to obtain one or all of the same from the End User that would permit BMI to refer to the End User, solely in connection with that End User’s use of the Products. After proposing such marketing requests to an End User, should the End User refuse, agrees that it will provide BMI with a contact at the End User, if such End User allows to do so, so that BMI may contact the End User directly to obtain permission.

27. FEES AND PAYMENTS

27.1 will pay to BMI a Fee for each Customer reported under the Order or Product Report submitted by with respect to each Product (“Fees”), as further set forth in Exhibit C. BMI will invoice for total fees and payments after the receipt of each Order or Product Report as described in Sections 6.1 and 9.5 of this Agreement. Each invoice will be due and payable net thirty (30) days after the date of the invoice. Fees will equal at a minimum the product of the number of Customers on an End Users email system and either the selective opt-in fees or 100% opt-in annual fee as provided in Exhibit C and section 6 of this Agreement. All Orders, Product Reports and Invoices will be in US Dollars.

27.2 All payments to be made by to BMI under this Agreement will be payable in US Dollars.

27.3 All fees owed by to BMI under this Agreement will be paid in full within thirty (30) calendar days after the date of invoice without any deduction or withholding (whether in respect of set off, defense, deferment, counterclaim, duties, taxes including turnover tax, value added tax, goods and services tax, withholding tax, government charges or legal dues and otherwise whatsoever) unless the deduction or

Page 9

CONFIDENTIAL TREATMENT REQUESTED

withholding is required by law in relation to tax on the net income of BMI or the employees of BMI, in which case will: (a) notify BMI of any requirement with respect to the deduction or withholding as soon as becomes aware of it; (b) ensure that the deduction or withholding does not exceed the minimum amount legally required; (c) pay to the relevant taxation or other authorities within the period for payment required by applicable law the full amount of the deduction or withholding; and (d) furnish to BMI within the period for payment permitted by applicable law an official receipt of the relevant taxation or other authorities in respect of all amounts deducted or withheld.

27.4 All amounts not paid when due under this Agreement will accrue interest at the lesser of one and one half percent (1.5%) per month or the maximum rate permitted under applicable law.

27.5 will maintain complete, proper, accurate and up-to-date records (`Relevant Records”) of all sales of the Services and of the details of all End Users, including contracts, accounts and support logs regarding: (a) the use of Product by End Users, and (b) ’s compliance with the terms of this Agreement. Such reports will be submitted by to BMI within ten days of BMI’s request of the same. will keep all Relevant Records. BMI will have the right to audit (“Audit”) all such records no more than once per twelve (12) month period throughout the term of this Agreement, to confirm the accuracy of the number of Customers reported to BMI, and compliance with any other terms and conditions of this Agreement. The scope of such audit shall be limited to transactions occurring during the preceding 24-month period For the purposes of the Audit, will ensure that BMI and/or its duly appointed representative will be given access to such principal place of business and to such records and will be entitled to take copies of all such records for the aforesaid purpose. This right will survive one (1) year after termination of this Agreement. Audit will take place during normal business hours and in accordance with ’s standard security procedures. BMI must give reasonable prior written notice to audit in advance of the desired date. The audit will be conducted at BMI’s expense unless such audit reveals an underpayment to BMI in excess of ten percent (10%) for the period being audited, in which case will bear the reasonable expenses of the audit.

27.6 Except as otherwise provided hereunder or as otherwise agreed to in writing between the Parties, each Party is responsible for their own expenses incurred in their performance hereunder. Any costs or expenses incurred by the Parties will be at that Party’s sole risk and upon that Party’s independent business judgment that such costs and expenses are appropriate. For the avoidance of doubt, may not credit any payment of Fees due to any End Users failure to pay.

28. WARRANTIES OF

28.1 represents and warrants to BMI that:

28.1.1

has the capacity to enter into and perform and comply with its obligations under this Agreement.

28.1.2

28.1.3

’s entry into and/or performance of or compliance with its obligations under this Agreement do not and will not violate any law to which it is subject.

Page 10

CONFIDENTIAL TREATMENT REQUESTED

28.1.4

’s entry into and/or performance of or compliance with its obligations under this Agreement do not and will not violate any agreement to which it is a party or which is binding on it or its assets.

28.1.5

is solvent and able to pay its dues as and when they fall due and no proceeding has commenced or any action taken or an order made or an effective resolution passed for the dissolution, winding up, reorganization, reconstruction or bankruptcy of or, where relevant, for the appointment of a liquidator, liquidation committee, receiver, administrator, trustee or similar officer of or of all or part of its business or its assets.

29. WARRANTIES OF BMI

29.1 BMI represents and warrants to that:

29.1.1

BMI has the capacity to enter into and perform and comply with its obligations under this Agreement;

29.1.2

29.1.3

30. WARRANTY DISCLAIMERS; AND LIMITATION OF LIABILITY

30.1 THE EXPRESS WARRANTIES SET FORTH IN SECTION 11 OF THIS AGREEMENT ARE THE ONLY WARRANTIES WITH RESPECT TO THE PRODUCT AND ANY PART THEREOF. BMI AND ITS LICENSORS MAKE NO OTHER REPRESENTATIONS OR WARRANTIES, WHETHER EXPRESS, IMPLIED OR STATUTORY, AND EXPRESSLY DISCLAIM ALL OTHER WARRANTIES. INCLUDING WITHOUT LIMITATION. WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. BMI AND ITS LICENSORS DO NOT WARRANT (a) THAT THE PRODUCT OR ANY PART THEREOF WILL BE FREE FROM DEFECTS, ERRORS OR BUGS, OR (b) THAT THE OPERATION OF THE PRODUCT WILL BE SECURE OR UNINTERRUPTED, OR (c) THAT THE PRODUCT WILL BE ABLE TO PROVIDE OR ATTAIN ANY FEATURES, FACILITIES, FUNCTIONS OR CAPABILITIES, OR (d) THAT ANY RESULTS OR INFORMATION THAT MAY BE DERIVED FROM THE USE OF THE PRODUCT WILL BE ACCURATE, COMPLETE, RELIABLE AND SECURE.

30.2 For any breach of the warranties contained in Section 11.1.3 of this Agreement, ’s exclusive remedy and BMI’s entire liability will be correction of the defect that caused the breach or the re-performance of the non-conforming Services (as the case may be) at the cost and expense of BMI as soon as reasonably practicable. This warranty is made solely to and not to any Reseller or End User.

Page 11

CONFIDENTIAL TREATMENT REQUESTED

30.3 IN NO EVENT WILL EITHER PARTY BE LIABLE FOR ANY LOSS OF PROFITS, LOSS OF BUSINESS, LOSS OF USE OR DATA, INTERRUPTION OF BUSINESS, OR FOR INDIRECT, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES OF ANY KIND, EVEN IF SUCH PARTY RECEIVED ADVANCE NOTICE OF THE POSSIBILITY OF SUCH DAMAGES, OR FOR ANY CLAIM BY ANY THIRD PARTY, WHETHER OR NOT ANY OF THE MATTERS AFORESAID ARISES IN CONTRACT OR TORT (INCLUDING NEGLIGENCE) OR MISREPRESENTATION OR BREACH OF STATUTORY DUTY OR ANY DUTY UNDER GENERAL LAW OR ANY OTHER LEGAL THEORY. NEITHER PARTY’S ENTIRE LIABILITY TO THE OTHER UNDER THIS AGREEMENT, REGARDLESS OF WHETHER THE CLAIM FOR SUCH DAMAGES IS BASED IN CONTRACT OR TORT (INCLUDING NEGLIGENCE) OR MISREPRESENTATION OR BREACH OF STATUTORY DUTY OR ANY DUTY UNDER GENERAL LAW OR ANY OTHER LEGAL THEORY, (EXCEPT FOR BMI’S DUTY TO INDEMNIFY AGAINST INFRINGEMENT AS PROVIDED IN SECTION 15 BELOW) WILL EXCEED THE AMOUNT OF FEES PAID TO BMI BY DURING THE INITIAL TERM OF THIS AGREEMENT.

31. SUPPORT SERVICES

13.1 Support services shall be provided as set forth in Exhibit D.

32. INDEMNITY

32.1 BMI will defend, indemnify and hold , together with its officers and employees, harmless from any third-party suit or action against to the extent such suit or action is based on a claim that the Product infringes any intellectual property rights of a third party where such rights are valid and existing as of the Effective Date and are enforceable in any Berne Convention member nation; and BMI will pay any judgment, loss, cost or expense (including reasonable attorneys fees and costs) incurred in connection with the defense thereof by . These obligations do not include any claims to the extent they are based on: (i) use of the Product in violation of this Agreement, or (ii) in combination with any other software or hardware (except as specified in the Documentation), or (iii) any modification made to the Product by anyone other than BMI. The indemnity obligations set forth in this section are subject to: (a) giving reasonably prompt written notice to BMI of any such claim(s); (b) BMI having sole control of the defense or settlement of the claim; and (c) at BMI’s request and expense, reasonably cooperating in the investigation and defense of such claim(s). To the maximum extent permitted by applicable law, this section states the entire indemnification obligations and liability of BMI with respect to infringement of any intellectual property rights of a third party. Upon BMI’s sole determination, should the Product become, or be likely to become, the subject of a claim of such infringement, or after the entry of any judgment or order not subject to further appeal, that the use of the Product infringes upon the intellectual property rights of any third party, and that such use of the Product must cease, BMI, at its election may, at its own cost and expense, either (a) procure for the End User the right to continue the use and/or receipt of the Product “as is”; (b) modify the Product in such a way that the use thereof does not infringe upon such intellectual property rights of the third party, provided such modification does not materially alter the functionality or performance of the Product; or if neither of the foregoing are commercially feasible, (c) terminate this Agreement by written notice to and return any pre paid fees for Services not rendered.

32.2 Subject to the provisions of Section 14.1 of this Agreement, will indemnify and hold BMI (together with its officers and employees) harmless from any third-party suit or action against any judgment, loss, cost, or expenses (including reasonable attorneys fees and costs) which may be suffered or incurred by BMI to the extent such suit or action is based on a claim that (i) caused personal injury or death of a third-party, or (ii) the Trademarks infringe the trademarks of any third-party, or (iii) any warranty claims made by End Users for warranties made by that exceed the scope of

Page 12

CONFIDENTIAL TREATMENT REQUESTED

the warranty expressly set forth herein, or (iv) an act or omission by to the extent authorized by this Agreement. The indemnity obligations set forth in this section are subject to: (a) BMI giving prompt written notice to of any such claim(s); (b) having sole control of the defense or settlement of the claim; and (c) at ’s request and expense, BMI cooperating in the investigation and defense of such claim(s).

33. TERM

33.1 This Agreement will come into force on the Effective Date, and will continue for a time period specified in Exhibit A attached hereto (“Initial Term”), unless earlier terminated in accordance with Section 17 of this Agreement. Thereafter, if there has been no material breach of the terms of this Agreement by , at ’s option and with BMI’s consent, this Agreement will renew for additional one (1) year periods (“Further terms”) until terminated in accordance with this Section 15 and Section 16 below. will provide BMI with a six (6) month notice not to renew. In the event fails to provide such notice, such Wind-down period will not exceed the six (6) month period following the termination date, in accordance with section 16.4. The Initial Term and Further Term(s), if any, will be referred to as the “Term”.

34. TERMINATION

34.1 If either Party defaults in the performance of any of its material obligations contained in this Agreement, the non-defaulting Party may terminate this Agreement upon at least thirty days written notice if the default is not cured during such notice period. This Agreement may be terminated by one Party immediately at any time, without notice, if any proceeding is commenced or any action taken or an order is made or an effective resolution is passed for the dissolution, winding up, or bankruptcy of the other Party or, where relevant, for the appointment of a liquidator, liquidation committee, receiver, administrator, trustee or similar officer of the other Party of all or a substantial part of its business or its assets.

34.2 Upon termination or expiration of this Agreement, the rights granted to under this Agreement (including for the avoidance of doubt, the rights granted under Sections 2 and 8 of this Agreement) will lapse and terminate, and:

34.2.1 will immediately cease and discontinue, and/or procure the cessation and discontinuance of the use of the Product, the BMI Trademarks, the Confidential Information and the IP Rights and immediately remove from its letterhead, advertising literature and place of business all references to the Product and the BMI Trademarks and will also cease to represent itself as the authorized distributor of the Product;

34.2.2 Within thirty (30) calendar days after such said termination or expiration of this Agreement, will deliver to BMI or destroy all copies of the Software, Documentation, BMI’s Confidential Information, and any other documents, papers, materials or property of BMI which may have in its possession or under its control and will furnish to BMI an affidavit signed by an officer of certifying that, to the best of its knowledge, such delivery or destruction has been fully effected; and

34.2.3 will within 30 days of such said termination or expiration of this Agreement, pay to BMI all amounts outstanding in favor of BMI, unless such sums are due earlier, then by the earlier due date.

34.3 Notwithstanding the foregoing, if this Agreement terminates for any reason, BMI may continue to provide to the applicable End Users the Rule Updates, Updates and Upgrades, as available for the original (or “initial”) term of that End User’s End User License Agreement. Upon termination, BMI will, upon notice to

Page 13

CONFIDENTIAL TREATMENT REQUESTED

, either: (i) terminate the End User License Agreement, or (ii) give notice to and the End User that BMI will assume performance of all obligations under the End User License Agreement. Distributor agrees that such notice will be binding on and will be deemed, as of the date specified in the notice, to have assigned all its rights and benefits in and to the End User License Agreement to BMI or its agent, and the parties will work together in good faith to provide for the orderly transfer of such End Users to BMI.

34.4 Termination will be without prejudice to any accrued right or liability or to any other obligation surviving termination or to any rights or remedies of the Parties under this Agreement or at law. Upon termination or expiration of this Agreement the provisions of Sections 1, 3, 4, 5, 9, 16, 17, 18, 19.1, 19.4, 19.9, 19.12, 19.13, and all payment obligations incurred prior to the effective date of such termination or expiration will survive. All other provisions of this Agreement will terminate. In the event that this Agreement is terminated for any reason other than ’s uncured material breach, then BMI agrees that may continue using the Product subject to all the terms contained in this Agreement for a period not to exceed six (6) months following the termination date or until the expiration of its End User License, but in no event will such a period exceed one (1) year from the termination date (Wind-down Period). For termination due to non-renewal, the Wind-down Period will not exceed six (6) months following the termination date. ’s obligations to BMI for the payment of Fees due will not be relieved by the effective termination of this Agreement under such circumstances. At the end of such Wind-down Period, or immediately in the case of termination due to ’s uncured breach, shall cause End Users to immediately cease use of the Product and either return or destroy all copies of the Product.

35. CONFIDENTIALITY.

36. GENERAL PROVISIONS

Page 14

CONFIDENTIAL TREATMENT REQUESTED

Notices will be addressed as set forth in Exhibit A attached hereto. Any Party may change its address or facsimile for the purposes hereof by written notice to the other Party. Notices will be effective (a) if delivered personally, on the date of delivery; (b) in the case of domestic mail, if transmitted by pre-paid mail, on the date falling seven (7) days after posting, provided that it will be sufficient to show that the envelope containing such notice or information was properly addressed and sent by pre-paid post and that it has not been returned to sender to prove that such notice or information has been duly sent; (c) in the case of international mail, if transmitted by prepaid registered air-mail, on the date falling fourteen (14) days after posting; provided that it will be sufficient to show that the envelope containing such notice or information was properly addressed and sent by prepaid post and that it has not been so returned to the sender to prove that such notice or information has been duly sent; and (d) if transmitted by facsimile, on the date of transmission, provided that it will be sufficient to show that the facsimile has been dispatched with the appropriate answer back code received to prove that such facsimile has been duly sent.

Page 15

CONFIDENTIAL TREATMENT REQUESTED

marketing and distribution of the Product by . Each Party will comply with all applicable laws, rules and regulations in its performance under this Agreement.

19.7 The captions and section and paragraph headings used in this Agreement are inserted for convenience only and will not affect the meaning or interpretation of this Agreement.

19.13 The remedies under this Agreement are cumulative and not exclusive of any other rights or remedies whether provided by law or otherwise.

Page 16

CONFIDENTIAL TREATMENT REQUESTED

Agreement may be executed in counterparts, each of which will be deemed an original, but all of which taken together will constitute one and the same instrument.

IN WITNESS WHEREOF, the Parties hereto have duly executed this Agreement effective as of the Effective Date.


BRIGHTMAIL, INC.


By:		By:

	Signature		Signature
Name:	Mike Irwin	Name:
Title:	VP Finance	Title:
Date:	, 2002	Date:	, 2002

Page 17

CONFIDENTIAL TREATMENT REQUESTED

[Exhibit to Exhibit G - EXHIBIT A]

LICENSE

5. THE PRODUCT

Software: Anti-Spam

Services: Rules, Rule Updates, and support services throughout the Term of this Agreement, such Rule Updates to be automatically or, if necessary, manually provided by BMI to End Users utilizing the then in effect BMI general, tested and production grade method for rule distribution. Updates and Upgrades, if any, will be provided to , for ’s subsequent distribution to its End Users. If notifies BMI, in ’s sole discretion, that a particular End User is to be removed from Service (for non-payment or otherwise), BMI will no longer provide Rule Updates to such End User.

Any and all Documentation related to the Software and Services.

Any and all Marketing Materials and Training Materials.

6. LICENSES GRANTED TO FOR USE ON ’S MAIL PLATFORM.

Initial Term: 2 years from deployment date of the first End User License Agreement. will provide BMI written notice of such date.

Support Servers: BMI will provide with one copy for ’s use in accordance with Section 2.2.

For use on End User’s Sun Solaris operating system, only.

7. NOTICES. Below is the contact information for the Parties:

If to :

Attention:

If to BMI:

Attention:

Daphne L. Holly

301 Howard Street, 18^th Floor

San Francisco, CA 94105

Fax: 415 348-9636

Fax:

8. Relationship Managers:

For Brightmail:

415-365-

email address: @brightmail.com

For :

email address:

CONFIDENTIAL TREATMENT REQUESTED

[Exhibit to Exhibit G - EXHIBIT B]

Minimum Terms and Conditions for End User License Agreements

1.	Third Party Beneficiary. Brightmail, Inc. (“BMI”) shall be a direct and intended third-party beneficiary under this Agreement.

6.	End User Agreements. Require, or have required, by contract, that each End User agree to terms, that are no less restrictive than the End User Agreement (“EUA”), which can be found at

CONFIDENTIAL TREATMENT REQUESTED

7.	Probes. Provide BMI, with , all of which are found on . The following apply to End User Probes:

ii) BMI will receive the End User Probes from End User within * of the Effective Date of the agreement between End User and .

CONFIDENTIAL TREATMENT REQUESTED

[Exhibit to Exhibit G – EXHIBIT D PRODUCT SUPPORT]

2.	The parties agree to use the following procedure to resolve support/maintenance problems with respect to the Product:

2.1

2.2


Priority	Log Call	Response Time	Closure Time	Status Report
		(Work Around)	(Product Fix)
Critical	2 Hours	Two (2) Business Days	Ten (10) Business Days	Weekly, Daily for escalated sites
Non-Critical	24 Hours	Eight (8) Business Days	First Major or Minor At Product Release after ’s the next Thirty (30) request Business Days

CONFIDENTIAL TREATMENT REQUESTED

2.3.

Brightmail will provide the following Product support/maintenance services to at no additional charge to fees stated in Exhibit B:

2.3.1

2.3.2

2.3.3

2.3.4

2.3.5

Access to any electronic technical bulletin board or “web page” containing the above information;

2.3.6

2.3.7

One (1) copy of all updates/upgrades and/or access to same through an electronic means and the right to distribute to End-Users which has under a current support/maintenance contract; and

2.3.8

2.4

2.5

Brightmail agrees to give one-hundred-twenty (120) days prior notice of Product discontinuance. Brightmail will support products obsoleted for a period of one (1) year after Product discontinuance.

-2-