Feeds

Spam filters thwart junk mail menace

Incomplete study declares victory over spammers

The Essential Guide to IT Transformation

ISP spam filters are able to block as many as 95 per cent of junk mail messages, according to a study by the US Federal Trade Commission. The US government consumer advocacy group reckons its study shows that technology can be an effective tool in keeping junk mail under control although all it really shows is that spam filtering is better than leaving email accounts exposed to the elements.

The study (PDF) only looked at the anti-spam filtering performance of two ISPs and the figure of 95 per cent comes from the best performer, so it'd be unwise to regard its findings as anything better than incomplete. Blocking all but one in 20 spam messages might sound like good news but what if this volume still exceeds that of legitimate email? Technology companies are in a war against spammers. And history shows that junk mail merchants are more than capable of turning up the volume of spam and adopting new tricks in order to circumvent improved anti-spam defences. It would be unwise to think that the battle against spammers is won just yet.

Canning spam

The FTC studied three aspects of spam: email address harvesting – the automated collection of email addresses from public areas of the net; the effectiveness of spam filtering by ISPs; and the effectiveness of using "masked" email addresses as a technique to prevent the harvesting of email addresses. Masking addresses involves altering an email address to make it understandable to people but confusing to automated harvesting software (e.g. johndoe@ftc.gov could be masked to appear as john doe at FTC dot gov).

FTC staff created 150 new undercover email accounts – 50 at an ISP that uses no anti-spam filters and 50 each at two different ISPs that use spam filters. Researchers then posted the email addresses on 50 Internet sites, including message boards, blogs, chat rooms, and USENET groups that spammers might visit in an attempt to harvest email addresses.

The study concluded that spammers continue to harvest email addresses posted on Web sites, but addresses posted in chat rooms, message boards, USENET groups, and blogs were unlikely to be harvested. The extent to which junk mail merchants harvest email addresses using malware was outside the scope of the survey.

After a five week trial, email addresses at the unfiltered ISP received a total of 8,885 spam messages. At the end of the same period, email addresses at one of the ISPs that uses filtering technologies received a total of 1,208 spam messages, and email addresses at the second ISP that uses filtering technologies received a total of 422 spam messages. The filter of the first ISP blocked 86.4 per cent of the spam, and the filter of the second ISP blocked 95.2 per cent of the spam.

Masking email addresses proved to be the single most effective step in preventing the dummy accounts the FTC created from bombardment by junk emails. After five weeks, unmasked email addresses had received more than 6,400 pieces of spam, while the masked email addresses had received only one piece of spam. ®

Build a business case: developing custom apps

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Multipath TCP speeds up the internet so much that security breaks
Black Hat research says proposed protocol will bork network probes, flummox firewalls
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
Microsoft's Euro cloud darkens: US FEDS can dig into foreign servers
They're not emails, they're business records, says court
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Maximize storage efficiency across the enterprise
The HP StoreOnce backup solution offers highly flexible, centrally managed, and highly efficient data protection for any enterprise.