Spam Filtering Floods Innocent In-Boxes - InformationWeek

Do challenge/response spam-filtering systems create more problems than they solve? One analyst argues against them.

Two weeks ago, Ferris Research messaging analyst Richi Jennings awoke to find his e-mail in-box filling with spam at a rate of about a message per second. Over the course of two days, a spammer using a botnet -- a collection of PCs that have been subverted through security exploits to send spam -- sent an estimated 10 million messages that purported to come from several of Jennings's e-mail addresses.

That resulted in more than 25,000 bounce messages, from ISPs that return spam to the supposed sender (rather than deleting it) and from challenge/response filters that reply to spam with a note asking the listed sender to answer a challenge question before the initial message gets delivered.

"It's kind of like a denial-of-service attack," says Jennings, who notes that while his coverage of anti-spam issues makes him a likely target for spammer retaliation, he has no evidence to prove that. This sort of attack also is referred to as a "joe job."

Despite the fact that Symantec's Brightmail service did "an impressively good job" in blocking "about half a gigabyte of unwanted, 'backscatter' e-mail," Jennings nonetheless had to deal with hundreds of unwanted messages that made it to his in-box.

For Jennings, the episode reveals a fundamental flaw in challenge/response spam filters. "Challenge/response filters have more Achilles' heels than they have feet," he says.

"Over the last year or two, I've spoken to countless challenge/response filter vendors and they all have their own excuse about why their solution is completely different, and really, yes, they agree this is a problem with badly written challenge/response spam filters, but their spam filter would never do anything so stupid and broken," says Jennings. "And of course I'm looking at an example from just about every one of those vendors that I got two weeks ago."

Jennings argues that because challenge/response spam filters essentially create more spam, they end up harming the user's reputation. "The fact challenge/response causes backscatter means that the users of challenge/response filters are actually, perversely, more likely to have their messages blocked, because their reputation -- the reputation of their IP or domain -- will go down simply because people like me are receiving these things and class them as spam," he explains.

In addition, Jennings suggests that users of challenge/response systems are foisting their spam problem on others, as if one were to respond to litter thrown in one's yard by shoveling it onto the street for someone else to deal with. "What the users of challenge/response spam filters are effectively doing is saying it's my job to filter their spam for them," he says.

Tal Golan, CTO, president, and founder of Sendio, maker of a challenge/response e-mail appliance used by more than 150 enterprise consumers, disagrees strongly with Jennings's assertion that challenge-based filtering has problems. "Without question, the benefit to the whole community at large drastically outweighs that FUD [fear, uncertainty, and doubt] that's out there in the marketplace that somehow challenge/response makes the problem worse," he says. "The real issue is that filters don't work. From our perspective, challenge/response is the only solution. This whole concept of backscatter is just not true. Very, very rarely do spammers forge the e-mail addresses of legitimate companies anymore."

Golan also dismisses the idea that challenge-response systems burden senders with filtering spam for recipients. Says Golan, "Most people out there today are very, very happy to make the world a safer place."

Editor's note: This story was modified to restore the last two paragraphs, which were accidentally deleted.
