Book Image

SpamAssassin: A practical guide to integration and configuration

Book Image

SpamAssassin: A practical guide to integration and configuration

Overview of this book

As a busy administrator, you know Spam is a major distraction in todays network. The effects range from inappropriate content arriving in the mailboxes up to contact email addresses placed on a website being deluged with unsolicited mail, causing valid enquiries and sales leads to be lost and wasting employee time. The perception of the problem of spam is as big as the reality. In response to the growing problem of spam, a number of free and commercial applications and services have been developed to help network administrators and email users combat spam. Its up to you to choose and then get the most out of an antispam solution. Free to use, flexible, and effective, SpamAssassin has become the most popular open source antispam application. Its unique combination of power and flexibility make it the right choice. This book will now help you set up and optimize SpamAssassin for your network.
Table of Contents (24 chapters)
SpamAssassin
Credits
About the Author
About the Reviewers
Introduction
Glossary

The Costs of Spam


Spam is very cheap to send. The costs are insignificant as compared to conventional marketing techniques, so marketing by spam is very cost-effective, despite very low rates of purchases in response. But it translates into major costs for the victim.

Costs to the Spammer

A report by Tom Geller, Executive Director of SpamCon Foundation, estimated that the cost to send a single spam email was as little as one thousandth of a cent, yet the cost to the recipient was around 10 cents.

The overheads in sending spam are low. The main costs are:

  • An Internet connection: There are lots of flat-rate Internet Service Providers (ISPs) offering packages at around $10/month. A spammer doesn't particularly need a Digital Subscriber Line (DSL) or cable modem service—a dial-up connection will also allow large quantities of spam to be sent. In fact, dial-up accounts are preferable, as spammer accounts are routinely shut down when complaints about spam are received. Dial-up accounts are easy to set up and can quickly be activated within minutes, but DSL typically has a lead time of days.

  • Software: Specialist spam software is essential. A normal email client will restrict the number of spam messages that can be sent, and require the spammer to spend more time in front of the computer. Spammers usually write their own software, steal someone else's, or buy one. A spammer with some technical knowledge and starting from scratch can have software ready after a week. To pay someone to develop that software would cost the spammer $1000.

  • A mailing list: Most spammers will build up their own list of email addresses. For beginners, it is possible to buy a CD with 6 million email addresses on it for around $50. Ironically, these CDs are marketed via spam email. Email addresses that are guaranteed to be currently active sell for larger sums.

  • A web server: This is an optional cost. It allows a spammer to deliver 'web bug' images to validate their mailing list. Web bugs are discussed further in later chapters. Basic web hosting packages cost less than $10 a month.

For less than $1100, plus monthly costs of less than $150, a spammer could have the software, Internet connection, and a supply of addresses required to be operational.

A single computer can send thousands of emails an hour using dial-up. Spam varies, but a typical message size might be around 6,000 bytes. On a fast dial-up of around 50Kbps, it would take one second to send this email to one recipient. It would take only a little longer to send it to 100 recipients. In other words, at least 3,600 emails can be sent in an hour. For smaller emails, the number sent per hour would be greater. Once the spammer has set up the software, they can leave the computer unattended and go and do something else; they need to invest 15 minutes of their time, and the software will continue to send spam for many hours. With three phone lines, they could work for a total of an hour, and send approximately 10,000 emails an hour or 200,000 a day.

Costs to the Recipient

The European Union performed a study into UCE in 2001. In the findings, it estimated the cost of receiving spam borne by consumers and businesses to be around $8 billion. These costs are partly incurred through lost productivity or time, partly in direct costs, and partly in indirect costs incurred by suppliers, and passed on.

The cost of spam in a commercial environment is estimated to be as high as $600 to $1000 per year, per employee. For a 50-person company, this cost could be as high as $50,000 per year. Spam emails distract or take employees time and use disk space, processing power, and network bandwidth. Removing spam by hand is time consuming and laborious when there is a large amount of spam. In addition, there is a business risk, as genuine messages may be removed along with unwanted ones. Spam can also contain unsavory topics that some employees won't tolerate.