Establishing Digital Trust: Don't Sacrifice Security for Convenience
A new report details how junk e-mail that bounces back to uninvolved third parties can cause disruptions and outages.
A nasty side effect of spam and e-mailed viruses is costing companies an estimated $5 billion per year in IT resources, according to security services company IronPort.
The culprit: Bounced e-mail message warnings sent from servers advising an e-mail sender that the e-mail they tried to send was undeliverable.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=iSince virtually all spammers and scammers do not use their own return addresses on the junk mail that they send, many bounce messages actually end up in an innocent third party's system.
This may sound like a trivial annoyance, but according to a study conducted by IronPort, which offers an e-mail filtering service to corporate customers, 55 percent of the Fortune 500 companies have had a disruption in service or a full-scale network outage due to their networks being flooded with bogus bounce messages.
"This is e-mail's dirty little secret," said Patrick Peterson, IronPort's vice president of technology.
"Everybody knows about spam and viruses. But people don't think about bouncebacks as being a problem. And the people who do know... well, no one wants to share the fact that they're very vulnerable to a denial of service attack from bounces."
E-mail protocols were designed in a more innocent time when most users were scientists, academics and technology mavens who respected Internet etiquette.
Sadly, the protocols that worked so well 10 years ago are increasingly being abused by spammers to pump their junk into in-boxes with unfortunate results for communications systems.