Europe's Spam War Stalls
Europe's ISPs are just about holding their own against the global spam barrage, a Europe-wide report has found. Put another way, things are not getting better, but are not getting any worse either.
Judging from the 2009 ENISA (European Network and Information Security Agency) spam survey of ISPs across 27 EU states, ISPs spend substantial sums trapping spam before it gets to the end user, mainly because they have to to keep customers. Small providers spend at least 10,000 Euros ($14,100) fighting unwanted messages, while large companies will exceed seven figure euro sums to do the same.
What most customers probably don't realize is just how many layers of filtering and technology it takes to reduce spam -- which is now 95 percent of all e-mail sent, says ENISA -- to the cleansed inbox most users now experience without causing false positives.
These include reputation databases, active blacklists, source analysis detection, sender authentication, content filtering and also by reacting to specific complaints from users.
If ENISA has a gripe it's that none of this seems to be making much headway on the problem.
"Spam remains an unnecessary, time consuming and costly burden for Europe. Given the number of spam messages observed, I can only conclude more dedicated efforts must be undertaken," said ENISA executive director, Dr Udo Helmbrecht.
"Email providers should be better at monitoring spam and identifying the source. Policy-makers and regulatory authorities should clarify the conflicts between spam-filtering, privacy, and obligation to deliver."
Part of the problem may be precisely the customer focus of the ISPs, which spend more time stopping email getting through to their customers than sent (inadvertently or not) from their customers. Sixty percent reduce or prevent spam sending when certain mail thresholds are breached or by simply blocking outgoing email on port 25, but it's not clear how often or consistently such rules are applied.
Only this week, Trend Micro published its own statistics on the volumes of botnet spam being sent from European countries, including the UK, and the figures weren't pretty. Simple measures such as keeping users informed when a problem was detected and blocking port 25 (which nixes the port on which spam is typically sent from hijacked PCs) seem in reality to be exceptions to the norm.
Conclusion: Europe's IPSs say they do such things when they talk to agencies such as ENISA, but Trend's stats suggest otherwise. Not coincidentally, ENISA is promising a report in the coming months which will analyse the spam phenomenon from the botnet perspective. It should make interesting reading.