Feeds

Spam filters thwart junk mail menace

Incomplete study declares victory over spammers

The essential guide to IT transformation

ISP spam filters are able to block as many as 95 per cent of junk mail messages, according to a study by the US Federal Trade Commission. The US government consumer advocacy group reckons its study shows that technology can be an effective tool in keeping junk mail under control although all it really shows is that spam filtering is better than leaving email accounts exposed to the elements.

The study (PDF) only looked at the anti-spam filtering performance of two ISPs and the figure of 95 per cent comes from the best performer, so it'd be unwise to regard its findings as anything better than incomplete. Blocking all but one in 20 spam messages might sound like good news but what if this volume still exceeds that of legitimate email? Technology companies are in a war against spammers. And history shows that junk mail merchants are more than capable of turning up the volume of spam and adopting new tricks in order to circumvent improved anti-spam defences. It would be unwise to think that the battle against spammers is won just yet.

Canning spam

The FTC studied three aspects of spam: email address harvesting – the automated collection of email addresses from public areas of the net; the effectiveness of spam filtering by ISPs; and the effectiveness of using "masked" email addresses as a technique to prevent the harvesting of email addresses. Masking addresses involves altering an email address to make it understandable to people but confusing to automated harvesting software (e.g. johndoe@ftc.gov could be masked to appear as john doe at FTC dot gov).

FTC staff created 150 new undercover email accounts – 50 at an ISP that uses no anti-spam filters and 50 each at two different ISPs that use spam filters. Researchers then posted the email addresses on 50 Internet sites, including message boards, blogs, chat rooms, and USENET groups that spammers might visit in an attempt to harvest email addresses.

The study concluded that spammers continue to harvest email addresses posted on Web sites, but addresses posted in chat rooms, message boards, USENET groups, and blogs were unlikely to be harvested. The extent to which junk mail merchants harvest email addresses using malware was outside the scope of the survey.

After a five week trial, email addresses at the unfiltered ISP received a total of 8,885 spam messages. At the end of the same period, email addresses at one of the ISPs that uses filtering technologies received a total of 1,208 spam messages, and email addresses at the second ISP that uses filtering technologies received a total of 422 spam messages. The filter of the first ISP blocked 86.4 per cent of the spam, and the filter of the second ISP blocked 95.2 per cent of the spam.

Masking email addresses proved to be the single most effective step in preventing the dummy accounts the FTC created from bombardment by junk emails. After five weeks, unmasked email addresses had received more than 6,400 pieces of spam, while the masked email addresses had received only one piece of spam. ®

Next gen security for virtualised datacentres

More from The Register

next story
Ice cream headache as black hat hacks sack Dairy Queen
I scream, you scream, we all scream 'DATA BREACH'!
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Researchers camouflage haxxor traps with fake application traffic
Honeypots sweetened to resemble actual workloads, complete with 'secure' logins
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
New Snowden leak: How NSA shared 850-billion-plus metadata records
'Federated search' spaffed info all over Five Eyes chums
Three quarters of South Korea popped in online gaming raids
Records used to plunder game items, sold off to low lifes
Oz fed police in PDF redaction SNAFU
Give us your metadata, we'll publish your data
prev story

Whitepapers

5 things you didn’t know about cloud backup
IT departments are embracing cloud backup, but there’s a lot you need to know before choosing a service provider. Learn all the critical things you need to know.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Backing up Big Data
Solving backup challenges and “protect everything from everywhere,” as we move into the era of big data management and the adoption of BYOD.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?