Media releases are provided as is by companies and have not been edited or checked for accuracy. Any queries should be directed to the company itself.

How to curb junk email AND protect network capacity

  • 07 February, 2007 09:00

<p>By Ben Corby, Technical Director, TotalBlock Pty Ltd</p>
<p>When Australians returned to work after the summer holidays, around 95 per cent of email directed at their personal and business in-boxes was spam, according to the latest statistics.</p>
<p>Global anti-spam solution vendors confirm that spam volumes rose between 100 per cent and 120 per cent during 2006 with worse to come this year. The deluge continues to intensify despite the confident prediction two years ago by Microsoft Chairman Bill Gates that spam would be under control by 2006. Today the problem has reached levels that are affecting global business communication.</p>
<p>There are many reasons why email volumes have become unmanageable, but the predominant one is that unwanted mail has become self-perpetuating. Initially it was only a nuisance, to be read and discarded. Now a recipient can receive an email that will use his or her computer to send out more mail, including names in the victim’s address book, so friends and business associates are impacted too!</p>
<p>The senders often collect email addresses by harvesting. This involves a server sending hundreds and sometimes thousands of messages to an email system with varied user names. Sooner or later, the combination will succeed. Harvesting can increase mail traffic to a server far beyond any previous limits and render the server inoperable. Harvest attacks are always random in timing and duration.</p>
<p>This results in a huge daily volume of unwanted mail as harvesting is passed from server to server worldwide, from box-to-box and user-to-user, clogging commercial arteries with useless traffic.</p>
<p>More than one-in-five British consumers (22 per cent) has purchased software in response to spam email, according to a study by Forrester Research sponsored by the Business Software Alliance. The survey found that a substantial minority of punters are quite happy to make junk mail purchases across a broad range of products. Other popular junk mail purchases included clothes and jewellery (23 per cent), leisure and travel (20 per cent), finance (18 per cent), adult content (8 per cent), pharmaceuticals (8 per cent) and "business opportunities" (8 per cent).</p>
<p>Clearly, the spam threat will persist while people continue to buy items promoted by the spammers. A more sinister side to spam is the use by criminal spammers of botnets - hijacked computers that generate huge volumes of spam - and the increasingly sophisticated methods criminals are using to elude spam-filtering technology.</p>
<p>Most unwanted mail is potentially hazardous in a number of ways, not the least of which is the inclusion of viruses, trojans or spyware that might render a victim’s computer unusable, or steal critical personal information such as banking details.</p>
<p>However, the techniques being used by spammers to fool filters, including the use of images instead of text, fail when confronted by the challenge-response method of dealing with spam. Yet this blocking technique, which is capable of reducing spam to a fraction of a percent of all email entering the in-box, is still being ignored by major vendors, large corporations and governments alike.</p>
<p>Blocking also eliminates the problem of lost productivity when users fail to receive emails they expect because the emails have been waylaid by spam filtering systems. The process of releasing these lost messages can be time-consuming and annoying. The problem with traditional filtering systems is that they are arbitrary. For example, a legitimate user can send a dozen emails to a recipient over time, and they will all get through; then filtering will pick on the 13th and send it to a quarantine folder.</p>
<p>Unlike spam-filtering solutions that can allow up to 5 per cent of unwanted emails through to the in-box and hold up a small percentage of wanted emails, TotalBlock’s challenge-response technology stops all unwanted computer-generated emails.</p>
<p>Challenge-Response the best defence</p>
<p>Users must choose one of two approaches when creating a system to manage unwanted mail. Available solutions either read the mail, filter it according to content and put suspect mail into a specific folder. Or they challenge an unknown sender to identify him or herself, a process known as challenge-response. I am a firm advocate of challenge-response, believing it to be the best defence against unwanted mail.</p>
<p>Indeed, when TotalBlock Chairman Peter Stewart asked me to research and create an anti-spam solution for our own company’s use, I found challenge-response to be the only option worth considering. The solution proved to be so effective that we packaged and marketed it as TotalBlock, so that other users might benefit too.</p>
<p>A company’s email server is its first line of defence against the volume of rubbish email and those who aim to maintain the volume. So is there anything that a server can do to increase its defence? Certainly, and any worthwhile system will incorporate these techniques in its operation.</p>
<p>Challenge-response provides some real advantages in network capacity management. It allows users to reject unwanted mail at the server. They can do this by using the SMTP protocol to refuse the message completely, preventing over 90 per cent of email traffic from even entering the network.
Further, challenge-response eliminates the need to archive unwanted email. Since spam emails don’t enter the network, they are not archived. This benefits large organisations that receive high volumes of mail. In most cases, more than 90 per cent of the mail is rubbish.</p>
<p>Most junk email comes in waves, often from the same server. If a server sends more than a certain number of unsolicited messages to the same address in a given period, it is practical to stop challenging the messages and simply reject them.</p>
<p>Finally, if a server notices that there are multiple “rcpt to:” messages, as is the case in harvesting, then the server can slow down its response, reducing the load on the server and the effectiveness of the harvesting. Harvesting systems will usually give up and go away.</p>
<p>All these approaches help to reduce the load caused by unwanted mail and harvesting, and assist in using network capacity effectively. It is no longer practical to increase network capacity to allow for unwanted email traffic, because the traffic simply will increase in line with capacity. These days it is essential to stop the traffic and manage the load by other means. If people are ceasing to use the Internet due to its frustrations and dangers, it’s up to the designers and implementers to provide better mail management.</p>
<p>For more information</p>
<p>Ben Corby, TotalBlock Pty Ltd (02) 9437 9800</p>

Most Popular

Editor's Recommendations

Solution Centres

Events

View all events Submit your own security event

Latest Videos

More videos

Blog Posts

Media Release

More media release