Postini: Spam Building Muscle
Spam and its attendant risks are only going to get worse in 2005, an e-mail security assessment report released by Postini this week said.
Despite new technologies and laws introduced in 2004, the threat of phishing
attacks, zombied
"The spam problem is far from 'solved,' and I think everyone realizes this,"
said Chris Smith, Postini's senior product marketing director. "You know,
we've thrown everything but the kitchen sink at this problem."
He points to several actions taken by the tech industry and the U.S.
government to halt, or even slow down, the growing spam problem: the
CAN-SPAM Act, the controversial law that went into effect in January 2004;
the rise of new technologies like Sender ID for E-Mail and DomainKeys; and
court sentences handed down to convicted spammers.
Technologies like Postini's managed e-mail security service, software
solutions from Symantec or McAfee or appliance-based e-mail security from
companies like CipherTrust, haven't really put a dent in the overall spam
problem, Smith said.
Postini's results, gathered from its more than 4,200 customers who generate
roughly 400 million e-mail connections every day, found other trends in
2004:
Another statistical trend reported by Postini is that
the size of a company and its industry helps determine how much spam a user gets.
Postini reported that companies with fewer than 100 e-mail users received
35 spam messages per day, per user. Enterprises with more than 10,000 employees, however,
received fewer than three per day, per user.
E-mail users in particular
industries are susceptible to more spam, with publishing and advertising
industries receiving more than 25 spam e-mails per user, per day, while
employees in the pharmaceutical, electronics and food and beverage
industries receive about one spam message per user, per day.
Smith said spammers target smaller companies because
they expect the defenses there to be less stringent than at larger companies or because
smaller companies are less disciplined about protecting e-mail addresses.
How the 2004 results fare in the business world hasn't been
determined. But Matt Cain, an analyst from the Meta Group, said that in the
vendor world it will mean more consolidation within the industry.
He said e-mail security vendors will have to be able to deliver their
product on two of three delivery models available -- software, hardware or
hosted -- and he expects the latter two will gain ascendance over the
former.
As the sophistication of e-mail-delivered attacks increases, Cain also said
vendors will need to provide a more all-in-one solution to customers who are
looking for a single vendor to provide a complete e-mail security option.
"Buyers are incredibly fed up with going to multiple sources for multiple
virus and DoS and MTA