Welcome to WebProNews Breaking eBusiness and Search News
Advertise | Newsletter | Sitemap | News Feeds News Feed 
 WebProNews Search Part of the iEntry network iEntry inc. 

MX Logic Reports CAN-SPAM Compliance Increased To 2 Percent In August

Staff Writer
Published: 2004-09-08

WebProNews RSS Feed

MX Logic today released the results of a preliminary study showing that spammers continue to develop tactics to dodge both legal and industry-backed efforts to curb spam.

In the study, MX Logic found that spammers are trying to make their messages appear more legitimate by adopting an emerging email authentication technology, Sender Policy Framework (SPF), intended to help stop fraudulent email. The company also reported that compliance with the federal anti-spam law, the Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act, rose to 2 percent in August -- up from an all-time low of 0.54 percent in July.

In its preliminary study, MX Logic found that some spammers have embraced SPF in the hope that their unsolicited email messages will be viewed as more legitimate because the messages have a SPF email authentication record associated with them. In a sample of more than 400,000 unique spam email messages that passed through the MX Logic Threat Center from Aug. 29 through Sept. 3, 16 percent had published SPF records.

SPF helps prevent domain "spoofing" in email and makes it easier to identify fraudulent email scams and "phishing" attacks by authenticating the origin of an email. Email domain owners identify their "legitimate" sending mail servers by publishing an SPF record in the domain name system (DNS). This enables email servers to validate the source of incoming email against the associated SPF record to determine if the email sender's domain is legitimate and not "spoofed."

"Our preliminary findings on the adoption of SPF by spammers should come as no surprise to those of us on the front lines of the spam war," said Scott Chasin, CTO, MX Logic. "Combating spam has historically been a cat-and-mouse game, with newly developed technologies being followed almost immediately by spammer tactics that get around the new technologies. SPF is no different. While SPF is an excellent tool for preventing phishing and fraud, it is not a cure-all for spam."

"In order for authentication to be effective against spam, the industry will need to come to agreement not only on the authentication standard to be used -- such as SPF or Sender ID -- but also on accreditation and reputation services that can vouch for the domain's SPF record as well as email sending history."

Email sender domain reputation combined with accreditation would allow for the development of a clearinghouse of information on good email senders, rather than relying on techniques to identify bad email senders, according to Chasin. Such a "guilty until proven innocent approach" to email filtering will help minimize the need for arduous email content inspection and create a "first class" category of legitimate email which can flow through email filters without interruption.

MX Logic's findings on spammers using SPF go hand-in-hand with its findings that spammers have consistently evaded legal efforts to fight spam. MX Logic has monitored compliance with the federal anti-spam law, the CAN-SPAM Act, since it went into effect on Jan. 1, 2004. Since then, monthly compliance has ranged from a high of 3 percent from January through April to July's low of 0.54 percent. While CAN-SPAM compliance increased to 2 percent during August, the amount of spam also increased. Of all email traffic through the MX Logic Threat Center during the month, 92 percent was spam -- up from 84 percent in July.

"I wouldn't read too much into last month's increase in CAN-SPAM compliance. Compliance with the law has always been negligible and the August data doesn't refute this trend. Two percent compliance is a minor uptick -- not a meaningful surge," Chasin said.

"We have always maintained that having an anti-spam law on the books was only one part of a multi-faceted solution to spam," Chasin said. "Until the remaining pieces of the puzzle fall into place -- namely, continued improvement in technology, industry cooperation on authentication, reputation and accreditation, and end-user education -- spammers will continue to flout the law."

The CAN-SPAM Act requires that unsolicited commercial email senders:

-- Ensure that the "FROM" line clearly reflects the sender's identity

-- Include subject line text consistent with message content

-- Include the advertiser's valid postal address

-- Contain a working opt-out mechanism as a way for the consumer to decline to receive further commercial email from the sender

MX Logic tracks compliance with the CAN-SPAM Act by examining a random sample of 10,000 unsolicited commercial emails each week.

Powering MX Logic's email defense solutions is the MX Logic Threat Center, a sophisticated streaming-data environment where MX Logic monitors the global state of email communication 24 hours a day, seven days a week, and provides MX Logic's customers with real-time updates and protection. Led by email security experts with extensive experience in protecting messaging networks, the Threat Center provides dynamic email defense -- staying ahead of the next attack by continually incorporating information about the latest spammer, virus and worm tactics.

Receive Our Daily Email of Breaking eBusiness News

About the Author:
WebProNews | Breaking eBusiness News Your source for investigative ebusiness reporting and breaking news.

WebProNews RSS Feed

More Articles

Contact WebProNews


Targeted Information for Business
WebProNews is part of the iEntry network

Internet Business: Marketing: Small Business:
WebProNews MarketingNewz SmallBusinessNewz
WebProWorld AdvertisingDay PromoteNews
EcommNewz SalesNewz EntrepreneurNewz

Software: Search Engines: Web Design:
WebMasterFree Jayde B2B DesignNewz
NetworkingFiles SearchZA FlashNewz
SecurityConfig SearchNewz WebSiteNotes

Developer: IT Management: Security:
DevWebPro ITManagement SecurityProNews
DevNewz SysAdminNews SecurityConfig
TheDevWeb NetworkingFiles NetworkNewz

The iEntry Network consists of over 100 web publications reaching millions of Internet Professionals. Contact us to advertise.

 Advertise | Contact Us | Corporate | Newsletter | Sitemap | Submit an Article | News Feeds
 WebProNews is an iEntry, Inc. ® publication - $line) { echo $line ; } ?> All Rights Reserved
About WebProNews
WebProNews is the number one source for eBusiness News. Over 5 million eBusiness professionals read WebProNews and other iEntry business and tech publications.

WebProNews provides real-time coverage of internet business.

Free Email Newsletters:
WebProNews SearchNewz
WebProWorld DevWebPro
Marketing SecurityNews
Plus over 100 other newsletters!

Send me relevant info on products and services.

Ten most recent posts.

Featured Software

WebProNews in the News
View all recent mentions of WebProNews from around the world!

Recent Articles On ...
Google eBusiness
Yahoo Ask Jeeves
MSN Blogs
Search Engines Blogging
Affiliate Programs Marketing
eCommerce Advertising
eBay Sun Microsystems
AOL Adsense
Microsoft Adwords
Oracle IBM
Amazon Apple
SEO iPod
Adsense XBox
PR Adobe

iEntry.com WebProWorld RSS Feed WebProWorld Contact WebProNews Print Version Email a friend Bookmark us