« Conficker wakes up to push spam and... scareware? | Main | Have we reached the Mac Malware tipping point yet? Eh... maybe? »

85% to 95% of all e-mail is spam? Yeah, that makes sense.

There is only one security problem that the average consumer will get visibly angry about, and that is spam. Well, that and identity theft, but spam ranks pretty far up there. When I tell people I work in anti-spam as my day job, I get a pat on the back and a comment about how they can't believe how much spam there is in their inbox. To reinforce what we already know, security companies publish statistics claiming that, depending upon the day of the week, 85% to 95% of all e-mail is spam. While this number is seemingly unbelievable, I can guarantee that it is correct. How did we get to the point that approximately 9 out of every 10 e-mails is spam? Paradoxically, the reason why we have so much spam is because our anti-spam is so incredibly effective today.

To understand why this number is not really that shocking, it is helpful to think of spam not as a singular entity but as a living, evolving creature that has responded to spam filters in new and unique ways. Let's imagine you are at a cocktail party in a nearly-full room with a number of people having a good time. As the evening progresses, the ambient noise in the room gets progressively louder. People respond to the increasing loudness in the room by straining their voices, and eventually the room is a 70dB cacophony of random chatter. The same kind of relationship exists between spam filters and spammers.

Spammers want to be heard, and will accept a certain rate of response to their content. Before the days of ubiquitous spam filters, they would generate content at a far lower rate, since they were getting responses at that rate. As decent spam filters became standard operating equipment on the Internet, the spammers needed to change their game to continue being heard. They did this by mutating their content and sending spam from more locations, resulting in a higher rate of delivery attempts. Again, anti-spam responded with better filters that looked at both content and the IP address of the send systems, and the spammers responded in kind by pushing their mutation rates and transmission rates further up, thus leading to these almost unbelievable spam rates.

If you are a home user, you shouldn't really need to think about this too much. Your ISP or your free webmail provider has to do at least a halfway decent job of filtering spam at this point. If your provider didn't do a good job, then they would have to over-provision their mail servers and mail stores by a factor of 10 or so. E-mail is a pretty cost-conscious business, and this kind of outlay would put them out of business. If your ISP is completely dropping the ball or you have a small business domain that is getting inundated with spam filtering, either call up the domain hosting company and complain or buy a desktop anti-spam product.

Comments (1)

rather than just take a defensive position behind spam filters, one can additionally use offensive measures by reporting the spam to knujon in order to help get the various spam operations shut down...

email address hygiene that's comparable to password best practices can also help...

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)


This page contains a single entry from the blog posted on April 11, 2009 9:58 AM.

The previous post in this blog was Conficker wakes up to push spam and... scareware?.

The next post in this blog is Have we reached the Mac Malware tipping point yet? Eh... maybe?.

Many more can be found on the main index page or by looking through the archives.

Powered by
Movable Type 3.33