This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
Currently, email is one of the important communication ways of people and involved in many person's life in both formal; works, business and informal; personals, friends, family. Sending emails is very cheap compare to the normal post mail and very quick delivered. So from those advantages and popularity, it also cause a lots of threat in using this technology, one of them is "SPAM" email that effect ones' life in many way from the users who sending email, receiver, internet services provider, organization email technical staffs. And to resolved this kinds of problems there is one technology called "Anti-Spam" Solutions coming the through our life.
In this topic report, will represent and describing the technology, definition, features and function of Anti-Spam, situation of spam in internet world, follow by how to use this technology in the business and how it can improve the business performance. In addition, the issues or risks that managers should concern before choose, purchase and implemented in the work environment. At the final point, we will provide some additional resources for everyone who interested in this technology and some suggestion for future technology development or ways to solve the anti-spam problems.
To be more understand about Anti-Spam Technology, we may start by comparing some situations in our experience that happen in the real life:
Have you ever met this event before in your email using experience?
Have you ever got a lot of emails from someone else that you did not know them?
Have you ever got many advertising emails even you do not want too?
Have you ever open or click in to funk-email folder?
Have you ever sent some email to someone or friends but they did not get it without warning/feedback to you that those messages did not reach that people?
Or some time, it dropped to junk-email folder?
In the reverse, have you ever lost emails that someone sends to you?
Have you ever had to wait for long time before you received the email your friend sending you immediately that were happen in just some occasion?
Your mail box (organization/university) space was full and cannot receive any further emails?
Those events and problems may caused by Spam and Anti-Spam technology.
So to make clear with these problems we may start from definition.
What is Spam?
Spam can be described in a lot of ways the most simple way in which spam can be described as is it is unrequested or unwanted or unsolicited messages / email which flood the internet with many copies of the same message sent in the large amount (Bulk email/Junk mail) to people using the internet that did not choose to receive these e-mails or neither did they provide the sender permission to send messages. Mostly Spam is sent in the form of commercial advertising often of dubious products like quick get rich schemes or Viagra advertisements. Other names used for Spam are UBE (Unsolicited Bulk Email) / UCE (Unsolicited Commercial email). (Spamhaus.org &spamabuse.net)
There are many people that recognize the spam in different way as the survey from 2010 MAAWG Email Security Awareness and Usage Report, Issued March 2010, 2010 Messaging Anti-Abuse Working Group report as below table:
From 2010 MAAWG Email Security Awareness and Usage Report, Issued March 2010, 2010 Messaging Anti-Abuse Working Group
In Australia, Under the Spam Acts 2003 (Understanding spam, http://www.spam.acma.gov.au) had defined the spam as any messages does not meet three condition, Consent, identify and unsubscribe, is defined as spam and under this laws, just a single electronic message can be identify as spam without to send in the large amount or bulk.
What is the spam situation in the world?
From Ferris Research report that: The total estimate cost of spam in 2009 is around $130 billion. (Ferris Research, Industry statistics, The cost of spam, 2009, http://www.ferris.com)
And from MessagesLab Intelligence report that: In 2009, that spam global rate (Spam email compared with non-spam email) was more than 87% and around 107 billion spam email per days!!! In Australia the rate is up to 94% in some city. (MessagesLab Intelligence, 2009 Annual Security Report, http://www.messageslab.com)
We can seen that the situation of Spam is not simple as we thought and cost a lot of money in businesses and the internet world. So that one of reason of using Anti-Spam technology.
So what is Anti-Spam?
There are many definitions:
One from CircleID (CircleID, What is Anti-Spam?, Feb 28, 2006, The Famous Brett Watson, http://www.circleid.com) define that "An anti-spam system ideally rejects the messages which are both bulk and unsolicited, and allows the messages which are of specific personal relevance to the recipient (not "bulk"), including those which the recipient has expressly requested (not "unsolicited")."
Another from PC Magazine (PCMAG, Encyclopedia term, http://www.pcmag.com/encyclopedia_term/0,2542,t=antispam&i=37822,00.asp) gave the definition as "Refers to methods that detect e-mail messages that are unsolicited advertisements, called "spam." A spam filter is used to detect spam and divert it to a spam folder (junk mailbox)."
Last from Cambridge Advance Learner's Dictionary (http://dictionary.cambridge.org) define as: "anti-spam: produced and used to prevent people sending and receiving unwanted emails, especially advertisements."
Or we can simply define that it is a system that dealing with spam-email, detect it and send to junk-folder while send non-spam email to the recipient.
And what are the main features and functions of Anti-Spam?
As we've mention about spam and anti-spam so the main features and function of Anti-spam are to prevent spam/junk/unsolicited mails to mail box instead send them to junk folder or even reject or delete them from the email system according to policy.
How organization use Anti-spam solutions to improve business performace?
Some people may think that they are just some advertisements or annoying emails, they can delete them, but from the research, mention above that how spam impact to organization, it costs about $130 billion (Ferris Research, the cost of Spam, 2009, http://www.ferris.com) for all of us but how can they estimate that?
The main components are:
The loss of productivity of users by spending time inspecting and deleting the spam email from their mail box
The cost of IT help desk to helping users to dealing with spam issues
Loss productivity of the users while try to find the missing email send from someone.
And there are some events that also impact to organization such as:
Loss important emails from customers, suppliers and your colleagues
Slow Internet from full internet bandwidth utilization cause by spam.
Lost, delay, missing email due to full of personal mailbox, email system down time by full utilization of CPU or storage or network traffic deal with lots of spam emails
Cannot send emails to customer because customers' system reject company emails cause by company email system is in the list of "Spam"
The cost of organization's IT might increase cause by more hard disk or storage space needed for users' mail box contained a lot of spam mail
Cost to upgrade email servers, network, and internet bandwidth.
So if we can eliminate those problems by using Anti-spam technology that will impact and improve business performance.
Then how organizations are currently using it?
To be more understanding, we'll explain some briefly technical of sending an email from one user to another:
Internet Name Server
Source: Telecommunications Engineering and Certification Industrial Canada, Spam Task Force, Network and Technology Working Group, Anti-spam Technology Overview, May 2005.
When tom would like to send email to John
Tom start typing email and put john email address "firstname.lastname@example.org" and click send. The message will send to "Yahoo Mail Server"
Then "Yahoo Mail Server" will look in the recipient address and
asking "Internet Name Server" that what is mail server address of "Hotmail.com"
When "Internet Name Server" reply back that it's "smtp.hotmail.com"
After that "Yahoo Mail Server" will send message to Hotmail with information of
Recipient (To:) email@example.com
Sender (From:) firstname.lastname@example.org
When message arrive at "Hotmail Mail Server", it'll store email in storage.
When John checking email, by asking "Hotmail Mail Server" that any email for him
Hotmail will check and see the information "Recipient to: email@example.com" and also send sender address firstname.lastname@example.org
Finally, John got an email and knew that email@example.com sent him.
That's all the process of send email so how can organizations use anti-spam technology? They will place "Anti-Spam" servers or Anti-Spam appliance
before emails reach the "mail server"
before "mail server" send emails to others
So from that point, Anti-Spam will screen all incoming and outgoing email and find the spam before reject, delete or send to users' mail box as below figure: From European Network and Information Security Agency, ENISA Anti-Spam Survey 2009, Pascal Manzano.
But to improve Spam email detection accuracy some technique may use by difference product, one example: From IronMail, An IronMail Tech Paper, Anti-Spam Solution, July 2003.
That is not only an email fall into one detecting method will be count as Spam but it'll weight with many methods and calculate as a percentage (%) scores so technical people can decide what level or degree of email to count to be spam. E.g.:
If scores >90% then the Anti-Spam will drop (reject) message from the system.
If scores between 75%-90% may Quarantine or send to users' junk folder mail box
If scores less than 75%, the anti-spam might send to normal users' mail box.
At this part we may know what is going on while you're send email and pass through Anti-Spam and many organizations use the similar way to protect spam by using Anti-spam technology.
Because of anti-spam method that screen emails by placing before let the emails coming and going out. And the threat from email system is not only SPAM but including virus, malware, phishing, etc. So there're many features and functions that add to anti-spam equipment (May call "Email Security Boundaries") that organizations currently use them such as:
Email Anti-Virus, Anti-malware, Anti-Phishing
Content Scanning and policy enforcement
Data Loss Prevention
Source: From Symantec, Symantec Brightmail Gateway, Data sheet, http://www.symantec.com
And From Cisco, Ironport Email Security, Appliance overview, White paper, http://www.ironport.com
Issues, Risks and Challenges for managers should know about Anti-Spam:
First, Issues and Risks cause by currently Anti-Spam technology:
We can say that in the current technology and products in the market, there is not any anti-spam product that can completely solved spam-emails as seen from below figures and it sometime may cause another problem that is non-spam email faulty detected as spam email and deleted it by the system called "False Positive or Collateral Damage" (NLANR/Internet2 Joint Techs Columbus, Ohio, Email Security And Anti-Spam Tutorial, Joe St Sauver, Ph.D., University of Oregon Computing Center, July 18, 2004) that raise the problem to the users and still complaint that they still got spam emails in their mail boxes. Source from Westcoast Labs, Anti-Spam Comparison Report, January 2009.
How to solve this problem?
There isn't not 100% solutions or products in the market (And may not have) so the one solution that managers can provide is the knowledge or training from IT staffs about spam. Not too strict with incoming Spam email even it will have some spams email coming in but to make sure that all users' important emails do not loss.
Second, using the ideas from LB5002 Lecture Notes 5 and Chapter 6 of Managing and Using Information systems, Keri E. Pearlson & Carol S. Saunders;
There are some issues, risks that managers have to concern, analyze before purchasing and implementing the Anti-Spam Solutions. That is:
Technology improving and moving fast
Return on Investment (Benefits compare to Costs)
Resistance for change
Technology improving and moving fast:
To help managers making decision to use one technology, they may use "Hype Cycle" as a reference source of proper implanting time.
From "Hype Cycle for Information Security, 2006" figure below: Where is the anti-spam in the hype cycle? It can be found that Anti-spam is not a new technology and should be in "Plateau of Productivities" phase since 2008 and mean this technology is widely used or provided the real benefit to the organization.
And from another "Hype Cycle for infrastructure Protection, 2009, the E-Mail Security Boundary solution" that is the email gateway which include the functionality of anti-spam, anti-virus, outbound content filtering, data leak prevention and email encryption also in the state of "Slope of Enlightenment" that's mean some business started to use it.
Another source of reference, managers may use Magic Quadrant to know the trend of players or venders in the market and study their strength and cautions.
For example: Source from Gartner, Magic Quadrant for E-Mail Security Boundaries, 11 September 2008.
Return on Investment (Benefits compare to Costs)
Return on investment is one of the issues for organizations and it's not easy to estimate especially for the future benefits but at least managers should consider the total costs and avoid the productivity paradox.
IT Plan support Business Plan
Make sure that have IT strategy that meet Business Strategy and support Organization strategy.
For example, if email is one of the important communication methods of the business or use as tools for Supply Chain Management as
Customers' communications; customer satisfaction survey, business transaction: (to receive orders, products and services enquiry, purchase order, etc.), marketing activities: (Newsletter emails, promotion emails)
Supplier communications; parts/products information, quotation requests, order progress, news update, shipment tracking, etc.
Internal organization communication; internal business process, announcement, HR communication, events, messages from boards, team collaboration, etc.
So to invest an anti-spam technology for email system and prevent of spam problem with seem to be worth and meet with business requirements.
Total costs of Anti-Spam Solutions
Identify the total cost of anti-spam solution that is one of IT infrastructure which including costs of Product itself, installations, user and technical training, support, maintenance, downtime, server room space, electricity, cooling.
Company may save money on IT (less disk space for email server, less internet bandwidth) but IT department may request more technical staffs to operate and maintenance this new system include training and support users facing anti-spam problems.
Resistance for change
Introducing anti-spam solution may effect to the way of using email of users and users concern with their "Privacy".
So to avoid this problem, managers may Technology Acceptance Model (TAM) that is introduce and does little changes continuously until meet to goal.
Source: Managing and Using Information Systems, A Strategic Approach, Fourth Edition, Keri E. Pearlson & Carol S. Saunders, P.126
Before implementing or actual use Anti-Spam solution these steps may use:
Let them know the impact of Spams to business and themselves
To perceived "Usefulness"
Training users how to use email, funk folder with Anti-spam guideline or what this system will do with Spam and show how ease of use, with clearly policy the purpose of screening email just for preventing Spam-emails
To Perceived "Ease of Use"
In the same time IT department have to make sure that the email system and anti-spam run smoothly with better experience to use the system - less spam emails
Finally, Perceived "Behavioral to use"
Conclusion and Suggestion for future developments of anti-spam solutions:
The developments of anti-spam technology must going on and have to fight with spammer using new techniques to avoid detection such as pictures, PDF files, URL, Hyperlink and many threats faced to emails including BOTNET, virus, phishing, spoofing, fraud so it may need to combine many new technologies, function like digital image procession, artificial intelligence to fighting with spams.
Legal actions, law acts must play more important roles and can be enforce in the real world even more stronger penalty..
Finally, we think that if people have more ethics in using internet, email or doing business with IT those problems may less than the current situation.
Last, there may be a solution to stop 100% spam named "FUSSP" (Final Ultimate Solution to the Spam Problem) ïŠ