News & Events

SPAM FILTERING – The necessary evil?

Junkmail-paperwaste-MAINA technology market research firm called The Radicati Group recently estimated the number of email users worldwide at 3.7 billion and that 269 billion emails are sent per day. This translates to around 2.4 million emails per second.

Of this, 49.7% is digital junk mail or spam and 2.3% have malware attached to them.

This means that spam-filtering systems have to sift around 269 and remove 135 billion emails a day. That is a lot of work.

If you want to know how important spam filters are to your online experience, try turning them off for just a few minutes. Your network will probably end up looking like this office below.


The good news is that in the cat-and-mouse game of cyber security, spam is one department where the defenders have kept reasonably well ahead of the attackers. And the outlook for the future is bright: machine learning is poised to take spam filtering to a new level of play.

Why am I getting more and more spam?

In spite of that though, in the last few years, most clients have reported seeing more and more spam in their inboxes in spite of better filters. Why is that so?

The main reason is that over the years, as email traffic has increased dramatically, naturally so has spam. And even though the spam filters are more effective at sifting them out, in absolute terms, the number of emails that escape the filters continue to rise.

The number of spam emails accidentally released is also determined by how the filters are configured to work. They can be set to be more stringent so that fewer spam emails would escape, or they can be loosened, and you see a lot more.

Why can’t we lockout all spam?

So why not set the filters as tight as possible so that no spam ever escapes to annoy us?

There are at least two reasons.

Many spam emails are written in such a way to look like normal emails. They may give you tips on how to get rich quickly or they may simply offer miracle cures for the middle age bulge. But these are suggestions that you may get occasionally from well meaning colleagues. Until the spam filters see a clear pattern (such as receiving enough of them) to be sure that they are spam, they cannot act.

The senders of such spam are very clever in the way they go about constructing these messages. The rules that the spam filters use are not exactly trade secrets.

Secondly, there is another side to the spam coin – the accidental filtering out of legitimate emails. Set the filters too tight and authentic mail is caught in the mesh; loosen them too much and you are inundated by spam. It is a balancing act.

And the right balance changes over time as the cat closes the loop on the mouse and as the mouse creates new tricks to evade the cat.

Add to this situation the new complexity of criminals using spam to deliver malware such as the latest WannaCry ransomware. The spam filtering mechanism deployed by HTG to remove spam now has to also check for malware, which like spam, is also fast mutating.

Spam filters are like antibiotics

The antispam story bears a lot of resemblance to that about antibiotics. If you use too strong a dose of antibiotics then the good germs are killed as well. Under-prescribe the medicine and you allow the bad bacteria to proliferate. And like bacteria, the spam and malware likewise mutate rapidly in a cat-and-mouse game. Occasionally, like in the biological world, you get a spam/malware pandemic, like the recent WannaCry outbreak.

Maintaining the right balance is a mix of art and science. To get it right takes a lot of work.

Two classes of spam-filtering services

As a result, there are two types of spam-filtering services out there:

  • The automated services which rely on the robotic spam filtering rules and processes built into their software;
  • The semi-automated ones that use most of the rules and processes built into the software but also engage specialist staff to monitor local situations and adjust the levers continually.

HTG encourages all its clients to opt for the semi-automated system of spam management. With this system, spam specialists (real people) continually observe the local spam landscape and adjust the filters to work more precisely. For example, if there is a sudden surge of spam or malware attacks from say North Korea, our cyber specialists may increase the filtering of all emails from that region.

The second method obviously gives a much better and safer outcome but can be a little more expensive. Whether this is something you need will depend on how big a cost unnecessary leakage of spam into your mailboxes is to your business.

In my view, there will not be a single business out there that would be better off with more rather than less spam. This is not only because spam costs productivity to delete but also it has such a high chance of carrying scams as well as malware that can wreak massive damage to your network.

Not happy with your spam and malware defences?

If you are suffering from an unsatisfactory level of spam or malware attack, please let us know. HTG has had a lot of experience in this field. We have specialists who can assist you with choosing the best strategy. To request a free consultation click HERE.


Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *