EU urges ISPs to take action on spam

ISPs across the EU are facing the same spam problems

European internet service providers need to be more proactive in filtering spam from their networks, given that little has changed to alter spam levels in the past two years, according to a new report released today by the European Network and Information Security Agency (Enisa).

The third annual Enisa Anti-Spam Measures Survey interviewed anti-spam managers at email service providers throughout the region, and found that less than five per cent of email traffic is actually delivered to mailboxes, a figure almost unchanged from the previous reports.

Yet many of those interviewed recognised that effective anti-spam technologies are important in attracting and retaining customers and creating a competitive differentiator.

Nearly three-quarters of respondents consider spam 'extremely significant' or 'significant' for their security operations, while more than a quarter recognised that it accounted for over 10 per cent of helpdesk calls.

Anti-spam budgets are also significant, according to the survey, as a quarter of very small providers allocate over €10,000 (£8,700) annually, while a third of the largest providers spend over €1m (£870,000) a year.

Yet spam is not generally seen as a critical or urgent factor, and the number and type of technology measures employed by ISPs, including blacklisting, content filtering and sender authentication, have changed little since 2007, the report said.

"Spam remains an unnecessary, time consuming and costly burden for Europe. Given the number of spam messages observed, I can only conclude that more dedicated efforts must be undertaken," said Enisa executive director Udo Helmbrecht.

"Email providers should be better at monitoring spam and identifying the source. Policy makers and regulatory authorities should clarify the conflicts between spam filtering, privacy and obligation to deliver."

The news comes just days after security vendor Trend Micro urged UK ISPs to do more to monitor spam and malware on their networks.

Dave Rand, chief technology officer at Trend Micro, argued that ISPs in Holland and Turkey are starting to see significant results after proactively seeking to clean up their networks.

Turkish ISPs found that the number of compromised hosts used to send spam dropped from 1.7 million to zero after they embarked on such a strategy. The service providers also found that their networks are able to run much more smoothly and efficiently without this excess traffic, he said.