posted on Wednesday, February 10, 2010 5:37 AM
A recent article asserts with its title that “95% of email is spam.” The article backs up its title with information gleaned from a recent study conducted by the European Network and Information Security Agency (ENISA) on the subject of spam:
The European Network and Information Security Agency (ENISA) released its new spam report which looks at spam budgets, impact of spam and spam management. The survey targeted email service providers of different types and sizes, and received replies from 100 respondents from 30 different countries, throughout the EU (26/27 EU Member States); and 80 million mailboxes managed. The survey analyses how e-mail service providers combat spam in their networks, and identifies the state of art in the fight against spam.
…
Less than 5% of all email traffic is delivered to mailboxes. This means the main bulk of mails, 95%, is spam. This is a very minor change, from 6%, in earlier ENISA reports.
The report also indicates that junk e-mail, i.e. SPAM, has a more significant impact on infrastructure costs and management than it does on bandwidth. Symantec also released a report last year indicating that 90% of all e-mail was junk. Much of those costs come from the hardware and software necessary to scan worthless e-mail for viruses and other malicious content. In order to keep performance at an acceptable level, it may require additional investments in more powerful hardware or more hardware running more copies of anti-virus scanning software, which incurs additional licensing costs from the operating system through the packaged software solution.
If an organization could reduce the amount of junk e-mail that must be processed by the infrastructure, it’s quite likely that the costs associated would also be reduced. Eliminating 60% of all junk e-mail from requiring corporate resources, then, should provide a significant reduction in the necessary hardware and software required to scan and assure the overall quality of the remaining e-mail.
The BIG-IP® Message Security Module is a reputation-based, perimeter anti-spam solution integrated into the application delivery control network. The module leverages reputation data from Secure Computing's TrustedSource™ multi-identity reputation engine, which allows it to extend security for message applications to the edge of the corporate network and eliminate unwanted e-mail.
What message security does is check the reputation of the e-mail sender before the mail can enter the data center and rejects those messages that are identified as SPAM based on the behavior of the sender and associated domain. This prevents junk messages from being processed by the mail infrastructure, consuming valuable resources and taking up space on expensive storage systems due to retention policies. Reducing the volume of messages that must be processed by the infrastructure – especially anti-virus scanning systems – can significantly reduce the costs associated with mail infrastructure through decommissioning of the hardware and software necessary to support the extraordinarily high volume of SPAM processed by organizations every day.
Message security further enhances the security posture of e-mail by reducing the number of potential attack vectors through which phishing and malware can be delivered. Employee education is the foundation upon which e-mail security should be based, but eliminating the possibility by not delivering phishing and malware-laden e-mail to end-users enhances the overall success of mail security initiatives.
You can find more information about BIG-IP Message Security Module (MSM) here, and read about how F5 uses its own solutions to significantly reduce the volume of illegitimate messages processed by its own infrastructure in this case study.
Related resources:
