Spam now accounts for half of all internet email traffic, however anti-spam chief Enrique Salem is confident the problem will be licked in the next three years.
Salem, president and CEO of anti-spam vendor Brightmail, is in New Zealand talking with industry groups and working with TelstraClear which has just bought the Brightmail service (see TelstraClear uses humans to clear spam) and will be filtering email for both ClearNet and Paradise from September 8.
"We process around 10% of the world's email and I can tell you it's grown from accounting for about 8% of traffic in 2001 to more than 50% today."
Salem says the problem won't go away completely, but will be manageable.
"If you only got a few spam a day you'd be happier with that, wouldn't you?"
Salem says it takes a combination of technologies and a combination of strategies to defeat spam.
"There's no silver bullet. You need laws to deter spammers. You need technology to block spam and you need the direct marketers to adopt best practices so they avoid sending spam in the first place."
Salem says direct marketing associations will promote "opt out" practices while calling them "opt in" and that has to be stopped.
Brightmail adopts a multi-layered approach to the technology of blocking spam.
"From a technical point of view you've got to work on the source of the spam, the content of the spam and the 'call-to-action' of the spam."
Brightmail does that by blocking spam from known spam sources; scanning the content for heuristic triggers that identify the email as spam and also looking at what the email asks the recipient to do.
"For instance we know that 90% of spam carries an embedded URL. We can scan for those URLs and block emails that carry them with a high level of confidence that they'll be spam."
The flip side of any anti-spam policy is the potential for false positives - that is, identifying an email as spam when it is legitimate.
"If you're an IT manager and you start blocking legitimate spam, you're in danger of losing your job, it's as simple as that."
Salem says Brightmail has a false positive rate of only one email in a million, a record he says the company works hard to maintain.
"We have our Probe Network where we place real email addresses with our clients that are never used for anything. Any email to those addresses are automatically tagged as spam and that can be used across our network to alert others to the next wave of spam."
Heuristic signatures are updated every "10 to 15 minutes" which Salem believes is more than frequently enough to defeat most new types of spam.
Salem has also spoken to a number of governments on the matter and says legislation is a vital element as well.
"But this is a worldwide problem. We could enact legislation in the US today that would make spam illegal but the spammers would simply move to South East Asia, to Argentina, and so on. We have to all work together on this one."
Salem will be talking today with InternetNZ and the Direct Marketing Association about their ideas on spam.