Security Ripcord

Admit It – Email is Broken

May 6th, 2007 cutaway Posted in Helpful | 1 Comment » 820 views

The Security Catalyst Community just released the results of their first survey titled “Five Minute Survey on Messaging Security.” Although the results are not surprising one thing did catch my eye and I had to write a response. In case you do not want to register for the Security Catalyst Community (although I recommend that you do) the following is the content of my rant. If you would like to see the survey, however, you will have to log into the community.

Okay, I’ll start the questions on this.

This statement really stuck out when I read it:

Quote:

IronPort: “Good performance. Average inbound messages per month to the IronPorts is about
31 million, of which only approximately 800 000 messages are allowed through as legitimate.
Don’t consider spam to be a problem.“

This does not make much sense to me. I know that the author is saying that because they are using IronPort they don’t experience much SPAM in their inbox. But how can they not consider SPAM to be a problem. Only 3% of what they are receiving is legitimate. This means that 97% is just sucking up their bandwidth. For ISPs who charge by the amount of data that traverses the network this is great. They are making revenue off of nothing. Do any of you hear that great big sucking sound?

I am starting to get the feeling that the products that filter the SPAM for us are lulling us into a false sense of security. We are always playing catch-up by merely responding to the changes SPAMMERS make to get through our defenses. And the customers are satisfied when the products they have purchased work and they understand there will be periods when the systems need to be reconfigured to detect and block new versions of SPAM.

97% Illegitimate traffic. This system is broken, people. Something needs to change. But we have to stop kidding ourselves.
Cutaway

Go forth and do good things,
Cutaway

Technorati Tags , , ,
Help support my training and travel to security conferences. Get your SANS Training and GIAC Certifications through the Security Ripcord.
Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported.

You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

One Response to “Admit It – Email is Broken”

  1. www.andrewhay.ca » Suggested Blog Reading - Monday May 7th, 2007 Says:
    May 7th, 2007 at 12:04 pm

    [...] Admit It – Email is Broken – Fine…I admit it! The Security Catalyst Community just released the results of their first survey titled “Five Minute Survey on Messaging Security.” Although the results are not surprising one thing did catch my eye and I had to write a response. In case you do not want to register for the Security Catalyst Community (although I recommend that you do) the following is the content of my rant. If you would like to see the survey, however, you will have to log into the community. [...]

Leave a Reply

« HITBSecConf 2007 – Update
Automated Security Scanning Considerations »