Spam will never reach more than 100% of e-mail

In August, 92% of the e-mail processed by the MXlogic Threat Center was spam – in July, it was 84%. MessageLabs reported that spam represented just under 70% of the e-mail it processed in August. As of this writing, FrontBridge reports that 87% of the e-mail it’s processing is spam. Postini is currently processing more than 13 terabytes of spam each month.

That’s the “good” news. The bad news is that spam – both in terms of the percentage of e-mail that it represents and the total volume of messages – continues to increase.

We all know the problems that spam causes – clogged network bandwidth, lost productivity, increased storage requirements for mail servers, reduced e-mail server performance and the like. Newer and more dangerous threats include phishing and the use of Trojans and worms to infect home PCs to turn them into spam-sending zombies.

The newest threat appears to be the potential for seriously undermining the effectiveness of the Sender Policy Framework (SPF) authentication scheme because of the rapid adoption of SPF records by spammers, making their e-mail appear to be legitimate. We have found that legislation – at least so far – simply does not work to stop spam. Compliance with the CAN-SPAM Act, for example, is minimal even in good months.

So given all of that, here’s my prediction of the future of spam: it will simply disappear for the vast majority of users, albeit not for the networks themselves. In a survey we conducted in July, we asked IT people how best to describe the spam problem for their organization. We found that more than 55% of respondents feel that spam is still a problem, but that spam-blocking technology handles the problem adequately.

What makes that result significant is that we asked the question at a time when spam represents about four out of every five e-mail messages that an enterprise user receives. In other words, although the spam problem is worse than it has ever been, most organizations that have implemented a technology-based solution don’t feel it too much anymore.

I believe the continued adoption of spam-blocking technology and infrastructure improvements will do two things. First, it will make the spam problem disappear for most organizations – I predict that when we ask the same question in one year, the number of organizations reporting that spam is not much of a problem will increase to at least 75%. Second, spam blocking will eventually drive most spammers out of business by changing the fundamental economics of spamming – the reduced return from spamming caused by the vast majority of this junk being blocked just won’t be worth the effort for many spammers.

I’d like to hear your thoughts on my prediction – please drop me a line at mailto:michael@ostermanresearch.com