Slashdot Mirror

← Back to Stories (view on slashdot.org)

What Is The Real Cost of Spam?

Posted by timothy on from the human-depravity dept.

securitas writes "The NY Times has a nice feature about the diverging estimates of the costs of spam (Google). The estimates vary widely from $10 billion to $87 billion per year for American workers, and even more for global costs. Critics say that research firms' estimates vastly overstate the actual cost of spam. Public institutions like Indiana University have to be sensitive to the First Amendment rights of the spammers. And at companies like Nortel Networks, security architect Chris Lewis says that the real economic burden is the 10 to 15 percent - 5,000 to 10,000 messages a day - of the spam that still gets through, which costs the company about $1 in lost productivity per message. The costs can be much higher if a top executive is upset or mad about spam. "If someone in senior management gets spammed," Mr. Lewis said, "it could take 20 or 30 hours of everyone's time, up and down the chain." A chart of the per user amount of spam and the time spent processing it, as well as the varying estimates of the per user cost of spam are included in the article."

3 of 316 comments (clear)

  1. Re:Let's say it's $1B by schon · · Score: 3, Informative

    Well, if the spammers are costing more money than they are generating then they too are hurting the economy, and rules need to be made to regulate them.

    The whole 'frea speach' issue is a red herring, used by spammers to make stupid people take pause before doing something.

    The first amendment guarantees the right to say whatever you want, but it does not guarantee the right to use other people's resources to say it.

    There is NO first amendment issue regarding spam.

  2. Stupid System Administrators by sirket · · Score: 4, Informative
    I have said this before, and I will say it again:

    If people would set up their email servers correctly, I could eliminate 99% of the spam from my systems. Unfortunately, a bunch of administrators seem to feel that they do not actually have to configure their systems correctly. If I want to be able to receive mail from them, then I need to open my server up and allow misconfigured servers to talk to it. Guess who has the majority of (usually intentionally) misconfigured servers. You guessed it, spammers.

    Getting rid of spam is simple. Stop bitching about it and fix your own damned mail server.

    Do you:
    1. Have a postmaster account?
    2. Have an abuse account?
    3. Have reverse DNS?
    4. Have matching forward and reverse DNS?
    5. HELO with your server's Fully Qualified Domain Name (FQDN)?
    6. Use a FQDN at all points during the transaction?
    7. Have an A Record in DNS for those FQDN's?
    8. Have proper MX records?
    9. Use strict RFC821 envelopes?
    10. Reject unauthorized command pipelining?
    11. Reject non-existent sender domains? (joe@doesnotexist.com)
    12. Reject invalid HELO names (Either non-FQDN's, HELO names that do not resolve, HELO names that do not resolve to the IP address of the connection, or hosts that use a numeric HELO without brackets)
    13. Accept email for postmaster@a.b.c.d (Where a.b.c.d is the external address of your email server and e.f.g.h is the internal, non-NAT'd address). Many hosts fail this test (Though this is not something that you, as the receiver, would be checking.)

    Just my two cents.

    -sirket

  3. Re:A dollar a message by dubl-u · · Score: 3, Informative

    think of the _interruption_ time it involves.

    According to an IBM study quoted in McConnell's Rapid Development, it takes the average programmer 15 minutes to recover fully from an interruption.