When thrift is in the town, he is in the field
|
|
|
Under five per cent of all email is delivered
ACCORDING TO ENISA, the European cyber security agency, only about 5 per cent of all emails are actually delivered to inboxes.
In a bid to find out just how bad the spam situation is these days, Enisa carried out a spam survey in which it analysed the traffic seen by 100 service providers in 30 countries. It said that efforts to tackle spam varied country to country, as did the amount of money being thrown at solving the problem.
There are some notable absences from the list, including Russia, but we suspect that it didn't want to skew the results too far off the believable track. As it stands, ninety-five percent of emails sent are spam. This time last year it was ninety four per cent.
The executive director of Enisa, Dr Udo Helmbrecht said, "Spam remains an unnecessary, time consuming and costly burden for Europe. Given the number of spam messages observed, I can only conclude more dedicated efforts must be undertaken. Email providers should be better at monitoring spam and identifying the source. Policy-makers and regulatory authorities should clarify the conflicts between spam-filtering, privacy, and obligation to deliver."
Surely though, if so few mails are getting through then the systems must be doing their jobs. According to Enisa, blacklists are the most commonly deployed anti-spam mechanism, but other technical measures, legal tools and internal policies are also applied, it explained. All in all, the firm reckons that most companies apply five methods in the battle against spam.
Add in the fact that almost a third of all large service providers each spend over a million Euros a year fighting the spam menace and it looks like Enisa is being rather alarmist about the whole thing. µ
Share this:
Share
Maybe it's not time for a *new* protocol, but maybe it's time to drop the teletype-era SMTP/POP combo and get the minicomputer-era X.400 out of the vaults, now that everybody's computers and networks are more than powerful enough (even the pocket ones).
X.400 started life in the 1980s but was a bit too heavy on compute power and bandwidth (and initial setup overhead) for widespread adoption at the time. But unlike SMTP/POP it has user authentication built in, it has anti-tamper built in, it has certified delivery built in, it has compound document (MIME) support built in, etc.
It's even designed from the ground up to be 8bit clean and multi-language compatible, how about that?
Basically the X.400 family is an email system designed for the job, rather than a relic from the teletype era surrounded by an exponentially increasing (and increasingly struggling) set of Band-Aids.
Just a thought.
Okay, how would you weigh up which is a bigger evil... Spam or Piracy. Well, I can tell you which one gets the bigger press and an E-bill from lord mandleson. :-)
If it affects income revenue for a huge company, its dealt with by parliament. If its a pain in the ar*e for consumers and could con you as a member of the public, parliament ignores it and expects industry to deal with it.
Dont you love politics?
Isn't it about time we had a new protocol for email? One with strong validation of senders for a start, and probably various other enhancements to improve security and efficiency. Elastoplast solutions like SPF simply don't cut it, especially while many major ISPs refuse to support it. Of course it will never happen, because the current creaking system built on naive trust is far too established, but can we dream?
I run a lot of mailservers and their layered spam defences. I have got the ratio of attempted spam to real mail down to 60% spam, 40% real. I also have essentially zero false positives and less than 0.2% false negatives.
The trick to this is to have a really effective front end mail filter system that makes it uneconomic for spammers to send you stuff. It is very important to reject mail rather than accept and drop it. The result is that sophisticated spammers know which sites are well defended and remove them from their listings.
Typically when I take over a mail server the ratio is well over 95% spam. After applying real-time black holes, greylisting, SPF checks and a variety of other techniques, the ratio stays high for a few months and then reduces down to the 60/40 range.
I did notice a surge pre-Christmas though. Even spammers realise the urge to spend in the festive season.
ONCE FIBRE IS WORKING IT REALLY COSTS NOTHING TO SEND DATA, JUST THROW 'ER ON TOP WE'RE GOING THAT WAY ANYHOW. LOOK, IT TAKES BUT A MOMENT FOR ME TO BIN ANY SPAMS THAT PASS THREW MY FILTER. SURE IF WE ADDED UP ALL THAT TIME AND EFFORT CUMULATIVELY FOR EVERYBODY WHO RECEIVES SPAM, YES YOU COULD BUILD ANOTHER GREAT PYRAMID WITH THAT MUCH EFFORT, BUT LETS SUPPOSE YOU WIPE OUT SPAM TODAY. DOES THAT MEAN ANOTHER GREAT PYRAMID IS GOING TO BE BUILT? WHAT ARE YOU, NUTS?
I work for a company of around 5000 employees and our spam filters catch about 1.2 million spam e-mails a day! Yes, per day!
Spam filters aint cheap, either.
My lost employee productivity caused by this article (instead of working, shame on me), is probably greater than the added cost my teleco bills me for fighting spam. Per year. Because let's face it, the proces are set based on how much they think people are willing to pay, not the cost of the service provided.
The fact is, the telecos have found a balance where they could spend more on fighting spam, but it wouldn't really improve things much for the customer and would raise our rates; and if they spent less, we would notice the difference.
It makes sense to spend millions fighting spam, but not billions. And millions are a drop in the bucket.
@Coward - let's take America for example: The US of A has about 300,000,000 (3 hundred million) people, so for every hundred million dollars the telecoms spend fighting spam, the average person spends $0.33/year, or a bit shy of 3 cents per month.
Hardly a bother for consumers, given that my provider will NOT drop my monthly fee from $19.95 to $19.92 if spam dissappeared.
So, yes, rather alarmist.
If for every single legit email there are 19 spams, and service providers are having to spend millions a year fighting it, then surely Enisa is *not* "being rather alarmist about the whole thing"?
Sounds to me like theres a very real problem there.
Maybe if people got kicked off the net for having a malware-infested, spam-spewing bot, maybe then the problem might start to subside a little. If TPTB can do it for warez, why not also for spam?
Meh. Dream on.