Langa Letter: Real-Life Spam Solutions - InformationWeek
IoT
IoT
Software // Enterprise Applications
Commentary
11/14/2002
04:00 PM
Fred Langa
Fred Langa
Commentary
50%
50%
RELATED EVENTS
[Dark Reading Crash Course] Finding & Fixing Application Security Vulnerabilitie
Sep 14, 2017
Hear from a top applications security expert as he discusses key practices for scanning and securi ...Read More>>

Langa Letter: Real-Life Spam Solutions

A new generation of anti-spam tools is just around the corner. But until then, these spam blockers and handlers may be the next best thing.

We all know spam is annoying, but have you thought about how much it actually costs you? If you spend, say, 10 minutes each workday identifying, deleting, or otherwise dealing with spam, then you're expending some 43 hours a year--more than a week's worth of lost productivity--on spam. If you earn $50,000 a year, then the value of that lost time is something like $1,000. Of course, your actual numbers may be higher or lower depending on how much spam you get and what your time is worth, but you get the idea.

Now use the same technique to estimate the average amount of time and money lost to spam across your entire company, or nationwide, or worldwide, and you'll arrive at a staggering, almost scary number. Spam isn't just an irritant; it's costing us all huge amounts of time and money.

And it's getting worse: One anti-spam company, Brightmail.com, has tracked spam worldwide for the last 18 months and seen the volume of spam increase fivefold in that time. Brightmail says that spam now accounts for almost 40% of the world's E-mail traffic, a colossal waste of bandwidth, storage, computing power, and human effort.

Present Tools Are Inadequate
When spam first became a problem, some very clever programmers began to notice patterns. For example, a high percentage of spam originated from a relatively small group of servers that tended to be hosts to spammers. The programmers came up with the idea of collecting data on spam's origins and sharing this information in "blacklists" (sometimes called "blocklists") that ISPs and mail-server administrators could use to block all mail from the known-as-bad IP addresses.

This worked for a time, but then spammers got smarter and started using more-sophisticated methods of broadcasting spam. As just one example, consider the hit-and-run technique, where a spammer might use a particular IP for only a short time. By the time a blacklist-keeper reacts and adds the offending IP to its database, the spammer has moved on, so no spam is blocked. Worse, because the now non-spamming IP or IP range is still in the blacklist, all totally valid E-mail from that IP or IP range continues to be blocked, at least until the blacklist is updated again. This is a classic double negative--the original problem isn't solved (spam isn't blocked), and a whole new problem is created (good E-mail is blocked).

That's not a made-up example: Most blacklists now really do cause more harm than good. Want proof? A study by Giga Information Group found that the best-known blacklist, MAPS RBL (Mail Abuse Prevention System Realtime Black List), catches less than 25% of spam but blocks 34% of good mail. In other words, it doesn't catch much spam in the first place, and then, for every spam that's blocked, it also blocks 1.4 totally valid nonspam E-mails!

The defenders of blacklists swear by them because that low 24% success rate still may mean that a large number of spam messages are blocked. But how can anyone possibly regard a technology as successful if it has a 76% failure rate (76% of spam gets through) and if it also generates collateral damage through a "false positive" error rate of 140%? To any rational person, grotesque failure rates like those are a clear indication that the technology simply isn't working.

But it gets even worse: Blacklists also can be actively misused through malice, ignorance, or simple misapplication. This has caused groups as diverse as the ACLU, the Electronic Frontier Foundation, and Computer Professionals for Social Responsibility to speak out against blacklists. (See, for example, MAPS RBL Is Now Censorware, The Coalition Statement Against "Stealth Blocking", When Spam Policing Gets Out Of Control, World Justice, or Big Class Action.)

Clearly, blacklists are an outmoded tool, a very blunt instrument, that have outlived their usefulness. Very simply, blacklists now do vastly more harm than good.

Previous
1 of 4
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
[Interop ITX 2017] State Of DevOps Report
[Interop ITX 2017] State Of DevOps Report
The DevOps movement brings application development and infrastructure operations together to increase efficiency and deploy applications more quickly. But embracing DevOps means making significant cultural, organizational, and technological changes. This research report will examine how and why IT organizations are adopting DevOps methodologies, the effects on their staff and processes, and the tools they are utilizing for the best results.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of IT Report
In today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Video
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll