bodyType

customContents

entityId

entityUuid

articlePageQuery

filter

article

articleBaseAdvertisingInfoArticle

articleListArticle

articleSeoArticle

hooksArticleAcknowledgementGateOverlayArticle

hooksTrackPageViewArticle

hooksContentInterestArticle

articleLinkingDataContent

hooksAmpRedirectArticle

articleSchemaContent

liveArticle

advertZone

sentiment

contentLock

topics

types

sections

paywallTypes

createdDate

publishedDate

urlAlias

moreOnThisArticles

sponsorType

commentCount

authorLocations

authors

corrections

displaySlideShow

multimediaEmbed

printHeadline

seriesContainer

articleSpeeches

socialHeadline

headline

images

flag

firstTopic

glossary

flattenTypeIds

image

relatedLinks

relatedNewsletters

__typename

sponsor

pdfFiles

seriesReverseOrder

series

disableOffPlatformContent

published

updatedDate

summary

subHeadline

body

keywords

readingTime

customTimezone

liveContents

BILL GATES ANNOUNCED the 'death of spam' at an internet forum held in Madrid, Spain, in 2004, predicting that efforts to stem the deluge of unsolicited e-mail into inboxes would prevail within two years.

Two years on from his declaration, junk e-mail is not only far from being a problem of the past, but is being generated in far greater quantities.

At this year's ITU Telecom World being held in Hong Kong, controlling spam was deemed a priority worthy of a full-day workshop.

According to Symantec's Internet Security Threat Report released in September, 54 per cent of the monitored e-mail traffic in the first six months of this year was spam - 4 per cent  more than the same period last year.

One of the chief sources of the rising tide of spam is the proliferation of 'bot' networks, said Michael Chue,  managing director Hong Kong of Symantec.

Bot networks are large networks of compromised computers created by hackers to do their bidding. With control of these computers, the operators can spread spam  much faster, while avoiding detection from internet service providers (ISPs).

It is unknown how much spam is spread through bot networks, but Mr Chue said bot network operators usually infected computers with high-speed broadband internet connections through large ISPs.

Countries with a large broadband internet infrastructure and high internet penetration have recorded a higher number of bot-infected computers and spam traffic.

Symantec's report indicated the top three cities with the most infected computers were all in Asia. Beijing topped the list, accounting for about 3 per cent of all the bot-infected computers detected worldwide in the first six months. Guangzhou ranked second and Seoul third.

The same report also said the United States and China were the top two origins of spam in the first half, contributing 58per cent and 13 per cent respectively.  South Korea ranked fourth with 5per cent of spam originating there.

While security providers are introducing different kinds of spam filtering products to the market, spammers continue to spread unwanted e-mail in smarter ways. The use of embedded images accounted for nearly 40 per cent of all spam detected in the third quarter of this year, according to a report by threat management solutions provider Sophos.

'This trick gives spammers a better chance of having their messages read because images can avoid detection by anti-spam filters that can only analyse textual content. Image spam is often animated to further help the message bypass the filter,' the Sophos report said.

As spammers continue to find smarter ways to avoid spam filtering, ISPs and network providers are turning to e-mail authentication to tackle spam. Instead of filtering the message content in the way conventional security products do, e-mail authentication aims to identify and support only e-mail traffic which comes from a valid identity. Such systems, which have been championed by several companies, including Microsoft and Cisco, were the source of  Mr Gates' optimism two years ago.

There are many ways to authenticate a sender's domain name, including Microsoft's Send ID Framework (SIDF), which the  firm claims is helping to protect more than 40 per cent of all legitimate e-mail sent worldwide.

'SIDF confirms that each e-mail message originates from the domain from which it claims to have been sent or that it is authorised to mail on the domain's behalf,' states Microsoft's website. 'When combined with the sender's e-mail reputation, Sender ID significantly improves deliverability while substantially reducing false positives.'

Another sender identity verification protocol is Domain Keys Identified Mail, which is supported by several e-mail providers, including Yahoo, network equipment supplier Cisco Systems as well as organisations such as the Internet Society and the Internet Engineering Task Force.

'At the moment, the Internet Engineering Task Force  is focusing on one specific approach to e-mail validation, namely Domain Keys Identified Mail,' said Internet Society's public policy manager Constance Bommelaer,  who will chair the spam workshop at the ITU Telecom World 2006.

Ms Bommelaer said a Domain Keys Identified Mail  working group  had been set up. It aimed to produce standards-track specifications that allowed a domain to take responsibility, using digital signatures, as well as to publish 'policy' information on how it applied those signatures.



High-priority workshop to halt march of spam