Commtouch Survey: Nearly 90 Percent of Service Providers Have Had IPs Blacklisted in the Last 12 Months

Security Research & Analysis

Today, Commtouch published results of a poll among recent Don’t Risk the Blacklist – Stop Outbound Spam webinar participants. The December 4th poll of the Commtouch webinar attendees shows that nearly 90 percent of their respective organizations have had an IP address appear on a blacklist in the last 12 months.

Poll_1312_RGB_commtouch_web

The most common reason for blacklisting remains outbound spam, with the most popular outbound spam sources being:

  • Zombies, which are responsible for sending approximately 85 percent of all unwanted email messages, send spam directly to the Internet using port 25
  • User accounts or domains created exclusively for spamming
  • Cybercriminals using compromised user accounts to send out spam

 

Spam is easily traced to the sending IP range, resulting in the addition of this range to Realtime Blackhole Lists (RBLs or IP blocklists). Most service providers use these blocklists to enforce message blocking rules – and as a consequence, legitimate email sent from these ranges gets blocked.

Being blacklisted often has a significant business impact, including:

  • Removing the addresses from blocklists takes time and resources
  • Legitimate email senders drain support staff time with complaints
  • In a worst case scenario, customer churn is caused by the reputational damage

 

“Traditional approaches, such as blocking port 25, reversed inbound spam filters, or throttling, have limitations – and are ineffective in the end because they treat symptoms, but not the underlying problem,” said Lior Kohavi, chief technology officer at Commtouch. “Therefore, it is important to protect mail systems with a specialized outbound anti-spam solution that also pinpoints the spamming source. As the common characteristic of all spam is mass distribution, such a solution must be able to detect local and global recurrent patterns.”

During the live webinar, Commtouch probed what process aggrieved parties set up to get their IP addresses removed from blocklists. Half of all interviewees stated phone calls and emails sent by their operations department helped to remove their address. Another 38 percent said, “We make it up as we go along,” when asked how their organization handles blocked addresses. Only 13 percent of the participants stated they would not have to do anything because there were automated processes in place. None of the participants chose the answer “No process, as we never get blacklisted.”

The Commtouch poll results clearly indicate that outbound spam is omnipresent and causes significant issues and cost for businesses of all sizes.

 

Here you can find the free recording of Commtouch’s webinar “Don’t Risk the Blacklist – Stop Outbound Spam.”

Here you can download a free whitepaper on Outbound Spam.

Further information about the Commtouch outbound anti-spam solution can be found here.

Go back