Anti-spam vendors say the new law isn't slowing the torrent of electronic junk mail.
A month after the federal Can-Spam Act went into effect, most anti-spam vendors say that the new legislation hasn't cut down on the glut of junk mail in users' in-boxes.
According to numbers released this week by Brightmail, Postini, and Commtouch, three providers of message-filtering and anti-spam solutions, the amount of spam they've intercepted since the law took effect on Jan. 1 has increased, went unchanged, or fallen by an insignificant amount.
Postini rolled out its January 2004 data on Wednesday, and said that new law or not, spam is still clogging in-boxes. In January, spam accounted for 79% of all the messages that Postini processed for its 2,000-plus business customers, a tiny fall-off from the 80% logged in December 2003.
"The CAN-SPAM Act appears to have had little immediate effect on the amount of unwanted E-mail," said Andrew Lochart, Postini's director of product marketing.
Other anti-spam vendors paint an even more distressing picture of Can-Spam's first month.
Brightmail released its January numbers earlier this week, and said that the amount of spam it stopped increased over the previous month. In January, Brightmail tagged 60% of the messages it processed as spam, a 2% climb over December.
Brightmail's numbers derive from its 300 million users in both businesses and those served by Internet service providers, the company said, as well as its Probe Network, a collection of more than 2 million decoy accounts used to attract spammers.
"We certainly haven't seen a decrease [in spam] since December," said Francois Lavaste, Brightmail's VP of marketing. "But that's not a big surprise."
Expectations of Can-Spam's impact shouldn't be set too high, he said, since legislation is just one component of an anti-spam strategy that should include user education, revised best practices by large commercial mailers, and technology such as anti-spam filters at the gateway.
"Legislation can deter some spammers," said Lavaste. "But at the same time, everyone should realize that spammers have been using deceptive practices for years." They're good at it, he added, and they'll continue to get better, at least for the foreseeable future.
"I don't expect spammers to give up this year," Lavaste said, noting that they're already reacting to Can-Spam by moving more mailings to remote servers overseas.
Likewise, anti-spam supplier Commtouch noted Wednesday that it saw no change in the amount of spam from January and December.
"The month of January clearly shows that spammers didn't take seriously the Can-Spam legislation, and that the legislation didn't affect the number of spam outbreaks, number of spam messages, and the methods spammers use to get into user inboxes," executive VP Avner Amram said.
In fact, Commtouch has seen spammers turn to new techniques to get their messages through increasingly sophisticated filters. One new method relies on letter substitution in headers, subject lines, and message bodies to blow past content-based anti-spam solutions.
In this new approach, spammers substitute other letters or characters for actual letters of the alphabet, modifying the words enough to slip by filters but not enough to confuse users, who can easily decipher the messages. In such substitutions, spammers may replace "A" with "@," "B" with "8," and scramble other letters.
Still, there are glimmers of hope. "The law is a good start," said Brightmail's Lavaste, but he went on to say that since enforcement is such as crucial aspect in any taming of spam, it may not be until a major spammer is hauled off to jail or fined before spammers wake up and smell the coffee.
"They'll think twice only if the [economic] roadblocks are strong enough," he said, "and when there are direct attacks against them. Down the road, spam will become a non-issue--it will be put back where it belongs, a nuisance rather than a threat against corporate communication--but that's going to take a lot more effort by legislation and filtering technology alike."
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
2018 State of the CloudCloud adoption is growing, but how are organizations taking advantage of it? Interop ITX and InformationWeek surveyed technology decision-makers to find out, read this report to discover what they had to say!
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
Cybersecurity Strategies for the Digital EraAt its core, digital business relies on strong security practices. In addition, leveraging security intelligence and integrating security with operations and developer teams can help organizations push the boundaries of innovation.