Langa Letter: Real-Life Spam Solutions - InformationWeek
04:00 PM
Fred Langa

Langa Letter: Real-Life Spam Solutions

A new generation of anti-spam tools is just around the corner. But until then, these spam blockers and handlers may be the next best thing.

We all know spam is annoying, but have you thought about how much it actually costs you? If you spend, say, 10 minutes each workday identifying, deleting, or otherwise dealing with spam, then you're expending some 43 hours a year--more than a week's worth of lost productivity--on spam. If you earn $50,000 a year, then the value of that lost time is something like $1,000. Of course, your actual numbers may be higher or lower depending on how much spam you get and what your time is worth, but you get the idea.

Now use the same technique to estimate the average amount of time and money lost to spam across your entire company, or nationwide, or worldwide, and you'll arrive at a staggering, almost scary number. Spam isn't just an irritant; it's costing us all huge amounts of time and money.

And it's getting worse: One anti-spam company, Brightmail, has tracked spam worldwide for the last 18 months and seen the volume of spam increase fivefold in that time. Brightmail says that spam now accounts for almost 40% of the world's E-mail traffic, a colossal waste of bandwidth, storage, computing power, and human effort.

Present Tools Are Inadequate
When spam first became a problem, some very clever programmers began to notice patterns. For example, a high percentage of spam originated from a relatively small group of servers that tended to be hosts to spammers. The programmers came up with the idea of collecting data on spam's origins and sharing this information in "blacklists" (sometimes called "blocklists") that ISPs and mail-server administrators could use to block all mail from the known-as-bad IP addresses.

This worked for a time, but then spammers got smarter and started using more-sophisticated methods of broadcasting spam. As just one example, consider the hit-and-run technique, where a spammer might use a particular IP for only a short time. By the time a blacklist-keeper reacts and adds the offending IP to its database, the spammer has moved on, so no spam is blocked. Worse, because the now non-spamming IP or IP range is still in the blacklist, all totally valid E-mail from that IP or IP range continues to be blocked, at least until the blacklist is updated again. This is a classic double negative--the original problem isn't solved (spam isn't blocked), and a whole new problem is created (good E-mail is blocked).
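
The hit-and-run failure described above can be replayed on a small constructed mail log. This is an added example, not code from the article; the listing delay, the entry lifetime, the IP addresses (documentation ranges) and the function names are all assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Mail:
    hour: int    # arrival time, in hours since the start of the log
    ip: str      # sending IP address
    spam: bool   # ground truth, known only because the log is constructed

def build_log():
    """Constructed sample log; addresses come from documentation ranges."""
    log = [Mail(h, "203.0.113.10", True) for h in range(0, 4)]    # short burst
    log += [Mail(h, "203.0.113.20", True) for h in range(4, 8)]   # spammer moved on
    log += [Mail(h, "203.0.113.30", True) for h in (0, 8, 16)]    # sender that stays put
    # 203.0.113.10 now belongs to a legitimate sender
    log += [Mail(h, "203.0.113.10", False) for h in (12, 24, 36, 48, 100)]
    log += [Mail(h, "198.51.100.5", False) for h in (1, 30)]      # unrelated good sender
    return log

def replay(log, list_delay=6, list_ttl=72):
    """Count blocked and delivered mail for a blacklist that lists an IP
    list_delay hours after its first spam and drops it list_ttl hours later.
    Both parameters are assumed values, not figures from the article."""
    first_spam = {}
    for m in sorted(log, key=lambda m: m.hour):
        if m.spam:
            first_spam.setdefault(m.ip, m.hour)
    counts = {"spam_blocked": 0, "spam_delivered": 0,
              "good_blocked": 0, "good_delivered": 0}
    for m in log:
        seen = first_spam.get(m.ip)
        listed = (seen is not None
                  and seen + list_delay <= m.hour < seen + list_delay + list_ttl)
        kind = "spam" if m.spam else "good"
        counts[kind + ("_blocked" if listed else "_delivered")] += 1
    return counts

if __name__ == "__main__":
    log = build_log()
    print("slow listing, slow cleanup:", replay(log))
    print("instant listing:           ", replay(log, list_delay=0))
    print("fast cleanup:              ", replay(log, list_ttl=4))
```

With the default parameters both short bursts are delivered in full while four messages from the address's new owner are blocked; shortening the entry lifetime removes those false positives but catches almost no spam.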

That's not a made-up example: Most blacklists now really do cause more harm than good. Want proof? A study by Giga Information Group found that the best-known blacklist, MAPS RBL (Mail Abuse Prevention System Realtime Black List), catches less than 25% of spam but blocks 34% of good mail. In other words, it doesn't catch much spam in the first place, and then, for every spam that's blocked, it also blocks 1.4 totally valid nonspam E-mails!

The defenders of blacklists swear by them because that low 24% success rate still may mean that a large number of spam messages are blocked. But how can anyone possibly regard a technology as successful if it has a 76% failure rate (76% of spam gets through) and if it also generates collateral damage through a "false positive" error rate of 140%? To any rational person, grotesque failure rates like those are a clear indication that the technology simply isn't working.

But it gets even worse: Blacklists also can be actively misused through malice, ignorance, or simple misapplication. This has caused groups as diverse as the ACLU, the Electronic Frontier Foundation, and Computer Professionals for Social Responsibility to speak out against blacklists. (See, for example, MAPS RBL Is Now Censorware, The Coalition Statement Against "Stealth Blocking", When Spam Policing Gets Out Of Control, World Justice, or Big Class Action.)

Clearly, blacklists are an outmoded tool, a very blunt instrument that has outlived its usefulness. Very simply, blacklists now do vastly more harm than good.
