Got Spam? Of Course You Do

Ralph DeFrangesco

In a world where we always want more, spam is something we definitely want less of.

 

I personally manage eight e-mail accounts. I am so sick of opening my mail only to find half of it is spam. According to a report by Google, 90 percent to 95 percent of a company's e-mail is spam. Google recently released the report "2008: The Year in Spam." I was amazed. Google processes and manages 2 billion e-mail connections per day, so I'm confident it knows what it is talking about.

 

The McColo network is responsible for the majority of the world's spam. The report highlighted the fact that when the McColo network was taken offline, spam dropped by nearly 70 percent. However, Google is seeing levels of spam starting to creep back up to pre-McColo levels due to spammers finding other ways to send their useless payloads.

 

I recently had the opportunity to interview Jason Hall, President of Stuart Hall Technologies, an IT consulting company located just outside of Philadelphia. Hall has over 15 years experience in the ditches combating spam as an e-mail administrator. I asked him if there were one tool that he could recommend for fighting spam, what would he recommend. His answer: "The Trend Micro Spam Prevention Solution. The tool is easy to setup and configure. My experience has been very good in that it catches 80-90 percent of the spam that I see."

 

Several other companies, including Google with its acquisition of Postini, offer hosted services that route your e-mail through a data center where it is scanned with advanced filters, virus protection, and blocking technology -- all for a reasonable monthly fee.


 

The single highest day of spam was April 23, 2008, when Google blocked on average 194 Spam messages per user. The report cited non-delivery receipt (NDR) attacks as the main reason for the high number of messages. Without spam protection, the average user would have received 45,000 Spam messages in 2008. This is up from 36,000 in 2007.

 

I asked Hall what else we could do to fight Spam. He said, "user education is a very big part of e-mail security. Technology can only do so much. Users have to be educated so that if something does get by the filters, they do not open the mail."

 

As a final question, I asked Hall what final advice he could offer. "In a word, process. Eventually, you are going to get hit with a virus or worm. You need to have the processes in place that will provide a methodology, a step-by-step handbook if you like, that will help you deal with the problem."

 

Look, spam is not going to get any better. The best we can hope for is that more spammers are shutdown. That being unlikely, you need to put the people, processes, and technology in place to protect your assets. Got spam? Get a good filter.



Add Comment      Leave a comment on this blog post
Feb 25, 2009 4:21 AM Gordon Peterson Gordon Peterson  says:

One of the simplest techniques to implement, and the hardest to circumvent, would be to use the principle of established relationships to decide what level of risk you are willing to allow in incoming e-mails. 

Simply blocking HTML, attachments, or messages exceeding a certain predetermined size from unknown/untrusted correspondents would all by itself virtually eliminate E-mail as a distribution vector for viruses and worms.  Based on the sender/recipient relationship, a fine-grained "permissions list" would specify what sorts of mail features were trusted and allowed for a given sender by a given recipient.  This creates a narrow and twisty gauntlet that would be very difficult for the shotgun/buckshot approaches used by spammers to negotiate, and would also deny spammers in a very robust way nearly all the tricks and ruses which they typically use to evade content filters (such as SpamAssassin or similar).

Reply
Feb 26, 2009 10:46 AM Ralph DeFrangesco Ralph DeFrangesco  says: in response to Gordon Peterson

Gordon,

I agree with your thinking here. I am concerned that that same twisty gauntlet might make it difficult to administer as well. I would like to know what products you have used that support your theory. Hey, checked out your website...very cool. You are a renaissance man!

-Ralph

Reply

Post a comment

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

null
null

 

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.