Skip navigation

Putting the lid on spam

Weapons like URL blocking, traffic throttling and signaturing can win battles against e-mail spammers, but there's no end to the war

Globe and Mail Update

Unless you're one of a select breed who has managed to live a life of technological celibacy, odds are you've been offered a miracle drug, been approved for a loan or been chosen to share the wealth of a foreign military general. Depending on who you talk to, spam currently accounts for anywhere from 75% to 90% of all global e-mail traffic, so odds are pretty good that you've received one or more of those offers today—and probably just in the time it took to read this paragraph.

Like insects at a picnic, spam is a nuisance that's tolerated by end users for the greater good—the daily flow of legitimate e-mail that flows into their inboxes along with the junk. But on a global level, the statistics are astonishing and suggest that close to 100 billion spam messages are transmitted worldwide daily.

The growing incidence of spam is forcing businesses to invest more and more money each year into combating the problem—which is costing millions of dollars in network downtime, additional bandwidth costs, productivity losses and overloaded IT resources. "Two years ago, before things got way out of hand, AOL claimed that they had turned away half a trillion e-mails at the heart of their network," says Neil Schwartzman, executive director of the Coalition Against Unsolicited Commercial Email North American (CAUCE), an organization founded in the late 1990s to provide an end-user voice to anti-spam forums. "The scary part is that things have gotten significantly worse since then."

What end-users see in their inboxes is usually less than 10% of what is actually sent their way; the remaining 90% is filtered out through a growing myriad of technologies implemented by Internet service providers. Increases in ISP spam defence spending are ultimately passed down the line, which means those costs are subsidized by consumers. According to the 2007 version of an annual PricewaterhouseCoopers survey entitled "Global State of Information Security," 15 cents out of every IT dollar spent is directed toward security. Gartner Inc. forecasts that worldwide revenue for security software will top $10 billion in 2008. "As spammers get more sophisticated, so do the solutions used to fight spam," says Sara Radicati, CEO of the Radicati Group Inc., a California-based firm that provides research on messaging and collaboration, security, e-mail archiving, identity management, instant messaging and more. "I think the one difference we've seen in the past year is that the anti-spam solutions are beginning to have
a slightly bigger impact."

From a technology perspective, the spam war is being fought in the R&D facilities of companies like Vancouver-based MailChannels, whose founders include former engineers from Symantec (maker of the popular Norton suite of tools). Frustrated by the limitations of earlier generations of security products, they saw the potential to develop more innovative anti-spam techniques. In May, MailChannels released its Traffic Control software as a free online download, allowing anyone to benefit from the huge reduction in spam achieved by the program's e-mail traffic shaping technology. Also known as "traffic throttling," the technology slows down unusually high volumes of traffic being sent from an IP address, which the company has proven will cause most spammer programs to disconnect. "Despite all the money invested in anti-spam systems, Nucleus Research found last year that spam is still costing enterprises an average of $712 per year, per employee," says Ken Simpson, CEO of MailChannels, whose clientele includes Fortune 500 companies like Wyeth Pharmaceutical and Pacific Gas & Electric. "That adds up to $71 billion per year in lost productivity in the United States alone."

Another company using traffic throttling to combat spam is MessageLabs, a global security provider for managed services, including e-mail. MessageLabs uses URL blocking techniques, block lists, signaturing and SMTP heuristics to identify and eliminate hidden spam (see "Anti-spam jargon," page 25). "There's no single technique that prevents all spam, so we take a much more pragmatic approach, using multiple systems to clean out everything in the spam stream," says Matt Sergeant, senior anti-spam technologist with MessageLabs. "We guarantee our customers that 99% of all spam will be blocked, but we have been able to block between 99.5% and 99.7%, on average."

Recommend this article? 3 votes

Back to top