DENVER July 11, 2005 MX Logic, Inc., a leading provider of innovative email defense solutions that ensure email protection and security for businesses, service providers, government organizations, resellers and their customers, today released its latest data on corporate email security. Among the key findings, the company reported that spammers continue to adopt Sender ID and Sender Policy Framework (SPF) email authentication protocols intended to help stop fraudulent email.
In a sample of more than 17.7 million unique email messages that passed through the MX Logic® Threat Center from June 19 through June 25, 2005, MX Logic found that:
9 percent were from domains that had published an SPF record, 84 percent of which were spam sending domains; and,
0.14 percent were from domains that had published a Sender ID record, 83 percent of which were spam sending domains.
Email authentication protocols including SPF, Sender ID, Domain Keys Internet Mail (DKIM) and others are intended to help verify the origins of email at the domain level, making it more difficult for spammers and phishers to stay in business.
“Spammers continue to leverage SPF and Sender ID with the intention of making their messages appear more legitimate and to possibly avoid having their messages delivered with an onscreen notification that a Sender ID record was not found, a method Microsoft recently announced it will use on Hotmail,” said Scott Chasin, chief technology officer, MX Logic. “The strength of these protocols is further compromised by the fact that many legitimate senders have yet to adopt either Sender ID or SPF.”
Chasin also noted that industry trials of both SPF and Sender ID have raised concerns about the protocols’ effectiveness when email messages are forwarded or resent and in their ability to stop forgery of the most common user-visible mail headers. He pointed to a technical paper published by the Messaging Anti-Abuse Working Group, of which MX Logic is a member, which contains the results of more than six months of evaluation of SPF and Sender ID email authentication protocols.
“While we applaud industry efforts to develop email authentication protocols, no domain authentication protocol can guarantee that a message you receive really does come from who you think it comes from,” said Chasin. “Additionally, for any domain-based email authentication protocol to be effective, it would have to be embraced by a critical mass of domain name holders. Imposing one protocol without mass adoption could result in the unfair treatment of a large number of senders of legitimate email.”
In addition to data related to email authentication, MX Logic also issued the following findings:
Zombie Networks Account for Majority of Spam in June During June, spam sent through zombie PCs accounted for an average of 62 percent of all spam filtered by the MX Logic Threat Center. This compares with 55 percent in May and 44 percent in April.
“The continued proliferation of zombie PCs has levied a heavy cost on ISPs and email end users,” Chasin said. “Compromised PCs have resulted in millions of email users being unknowingly blacklisted, often through no fault of their own.”
Zombie PCs are neglected, “always-connected” broadband PCs that spammers hijack by installing a spam Trojan. Once infected, these zombie PCs provide worm authors with remote command-and-control spam-distribution capabilities, allowing them to create a legion of zombie computers that can pump out unwanted email and initiate Denial of Service (DoS) attacks.
“To make a real dent in the amount of spam sent globally, efforts must focus on helping service providers reduce outbound messaging abuse by identifying compromised PCs,” Chasin said.
One such effort began in May, when the Federal Trade Commission (FTC), along with 35 government partners from over 20 countries, unveiled “Operation Spam Zombies.” This international campaign is designed to educate Internet Service Providers (ISPs) and other Internet connectivity providers about hijacked, or zombie, computers that spammers use to flood inboxes.
Only 4 Percent of 2005 Unsolicited Commercial Email Complies with Federal Anti-Spam Law MX Logic also reported that monthly compliance with The Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act averaged 4 percent during the first six months of 2005. The findings are based on a survey conducted by the MX Logic Threat Center of more than 250,000 email messages since January.
MX Logic has tracked compliance with the CAN-SPAM Act since the law went into force on Jan. 1, 2004, by examining a random sample of 10,000 unsolicited commercial emails each week. On average, only 3 percent of unsolicited email has complied with CAN-SPAM since the law went into effect. Compliance hit a peak of 7 percent in December 2004 and reached an all-time low of 0.54 percent in July 2004.
“In terms of stopping spam, legislation is a blunt instrument,” Chasin said. “Its real value is that it provides enforcement power to ISPs, the FTC, state attorneys general and other government agencies. Consistently low CAN-SPAM compliance underscores the need for further progress in industry cooperation and consensus on email authentication protocols, as well as end-user education.”
Media and analysts interested in the latest CAN-SPAM compliance number can find it at
http://www.mxlogic.com/news_events/.
Monitoring billions of messages per month for over 4,300 organizations worldwide, the MX Logic Threat Center combines advanced, accurate and up-to-the-minute email defense technology and human-messaging expertise to protect MX Logic customers from spam, viruses, worms, phishing attacks and other email threats.
About MX Logic
MX Logic, Inc., provides innovative email defense solutions that ensure email protection and security for businesses, service providers, government organizations, and resellers and their customers. The company’s feature-rich solution suite is the industry’s most comprehensive, flexible and easy to use.
Founded by messaging industry pioneers, MX Logic has delivered numerous industry firsts to the enterprise spam market, including becoming the first managed service provider to: leverage Bayesian Statistical Classification; provide spam beacon (“Web bug”) blocking; offer quarantine management via email; provide corporate-level quarantine release reports that help reduce inappropriate email while decreasing corporate liability; and deliver a solution for tracking URL click-throughs from email to the Web, providing increased corporate control and security.
MX Logic processes billons of messages each month for over 4,300 organizations worldwide, including EnCana, Hyundai Motor America, ServiceMaster, The Sports Authority, Verio Inc., and YMCA. In addition, MX Logic is the only email defense company to offer both a managed service and a turnkey, carrier-grade software solution for service providers. For more information, visit www.mxlogic.com.