The state of spam 2009, Part 1

* Sources of spam statistics

Spam - not SPAM the luncheon meat (and you have GOT to visit the official SPAM Web site, which plays like a parody the Monty Python crew might have dreamed up) - is a dreadful nuisance, with estimates that 95% of all e-mail in the world now consists of rubbish. Periodically I look into the state of the spam to see how the war is going.

Slideshow: Famous last words about spam

One of the sites readers may find interesting is SpamLinks, subtitled, “Everything you didn’t want to have to know about spam.” One of the fundamental questions in any discussion of spam is how we measure the volume of spam. Many organizations simply report the “percentage of e-mail that is spam” just as I did in the first paragraph. The implication is that if you count all the spam sent to SMTP servers on the planet and divide by the total number of e-mail messages sent to SMTP servers you get a meaningful measure of the spam load on the entire global Internet.

Simon Waters doesn’t like that measure. He points out that from the point of view of an individual e-mail user, the volume of spam is independent of the volume of legitimate e-mail, so global statistics don’t mean much. I have to disagree: global statistics are critically important because they give us a sense of the magnitude of the assault on our computing and communications resources that are being carried out by criminals. If we desperately feel the need to have a war on something - anything - at all times, maybe we should declare war on spammers.

Another interesting site is provided by the vendor IronPort Systems, which offers a number of dynamically generated graphs with information about the sources of spam and the spam-per-second rates over various periods (day, week, month, year). The numbers do not indicate total volumes around the world (they refer to reports handled by the SpamCop service) but they do give one a sense of fluctuations.

Another source of statistics is Marshal, makers of a variety of security products. Its statistics page provides a number of simple graphs presenting analyses of relative volumes of spam over several months, spambot activity, spam by subject category, origins by country (for some reason Brazil was listed at the top for a couple of weeks in mid-January 2009, with almost twice as much spam originating there as in the U.S.), and origins by continent (Asia and Europe vying for No. 1 at more than 30% each, with North America down at around 11%). Confirming industry observations, image spam, which was a big deal a few years ago, seems to be dropping to nothing these days.

Both IronPort and Marshal are OEM partners with my favorite anti-spam vendor, Cloudmark (and no, I’m just a paying customer, not a shill). Cloudmark Authority is integrated into IronPort's e-mail security appliances, and Cloudmark Authority integrates with MailMarshal SpamProfiler.

Cloudmark recently announced that it is doing very well in the complex environment presented by universities. A recent press release said that “departments at several top universities, including Duke University, San Jose State University and several ivy league schools have successfully adopted the Cloudmark Authority plug-in for SpamAssassin.” The release added, “Universities and colleges face unique challenges when it comes to messaging security. Often, campus departments find themselves using disparate anti-spam solutions, increasing both administration and infrastructure costs, as well as complicating the process of effectively protecting students and faculty from abuse. Further, school IT departments are tasked with protecting not only current students and faculty, but also a growing number of alumni who continue to use campus e-mail addresses after graduation. Schools must find ways to provide effective messaging security and a positive user experience for thousands of users while often adhering to strict budget constraints.”

Loyal (fanatic) readers may recall that I interviewed Cloudmark’s CTO Jamie de Guerre in a two-part report a year ago - here's part 1 and part 2. This year I pointed him to those articles and simply asked him these two questions:

(1) What’s changed since last year in the fight against spam?

(2) What do you see as the most promising new technologies coming down out of your research and development labs for the next stage of the fight against spam?

I’ll publish de Guerre’s answers in the next three columns.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Now read: Getting grounded in IoT