Sunday, July 15, 2007

Anti-Spam: Gateway vs. Desktop

The argument over where the battle against spam should be fought - on the desktop, or at the gateway - goes back to the dawn of Internet time.

There are two parts to the argument over which approach is best: the first is a "cost" argument concerning the cost of allowing terabytes of spam to travel across a network to the desktop. The second part concerns the "value" of an ISP or consumer portal's email address.

Scanning for spam at the gateway is by far the most sensible and efficient method from the point of view of network management and bandwidth utilization. Authentium partners with the three leading gateway antispam service providers, as ranked by Gartner, and we scan somewhere north of four to five billion emails every week as part of this process.

The ROI provided by scanning at the gateway is easy to visualize, and form the basis for many an "ROI Calculator" out there on the web.

Assuming a spammer targets 1m subscribers of a broadband ISP or retail portal with 100 spam emails in the course of a week-long "campaign", each containing a 12k attachment (i.e. virus or dropper or other form of malware) = 1.2MB of bandwidth x 1m end points. That's 1.2 terabytes worth of unnecessary data moving through the network - not including the potential upstream traffic created by zombified user PCs.

Is 1.2 terabytes of data traveling over a wholly-owned network really that much of a problem? Yes, it is. Service level demands are rising rapidly as video viewing moves increasingly to the small screen and P2P technologies such as BitTorrent continue their rise.

On Friday nights at 10pm, you need every bit of available bandwidth, because slow service = more calls. Gateway spam filtering is a proven way to improve service levels and help reduce call-volume.

The "value of an ISP domain or consumer portal email address" is a far more interesting argument from a business standpoint. Oftentimes, an ISP or portal's email address is cited by bankers as the core credential and most important source of value for that company.

Many ISPs and consumer portals utilize highly-effective gateway scanning and market these email addresses as "safe havens" from spam.

I heard a great example of the power of this approach yesterday while listening to the Kim Commando Show on the radio - IMHO, the best consumer-oriented computing show on the air. An ISP subscriber called up complaining that his ISP in North Carolina was letting through up to 400 spam emails a day.

Kim didn't waste any time. She gave him extremely sensible advice: lose that ISP (and email address) and get another email address from an ISP willing to demonstrate that they value your privacy, time, and patronage, by providing you with a safe haven address.

I would imagine the caller took this advice, and now that ISP (the name of which was mentioned on air) and possibly several hundred more of its subscribers are shopping for a new ISP.

Could happiness have been achieved using desktop antispam software? Yes, but the same level of happiness is possible simply by moving to Yahoo, or any other email portal that implements a decent gateway policy.

At the end of the day, while desktop antispam is capable of decreasing spam for consumers, the only sensible solution for an ISP wishing to grow or retain value for its email address - a core strategic asset - is to adopt the best technology they can at the mail gateway.

Note: Over the past few years, we have licensed in several "best-of-breed" desktop anti-spam technologies at the request of clients, and set about implementing them as part of ESP.

Despite the general excellence of these technologies, we haven't yet been asked to deploy them - smart ISPs know the value of building a solid email offering, and filtering at the gateway. Smart consumers appreciate having at least one email address that doesn't bite back, and stay longer with those companies that provide them.

No comments: