This represents the highest monthly compliance to date and an increase from 4 percent compliance in October. Seventy-five percent of all email traffic through the MX Logic Threat Center in November was spam.
"Nearly a year after President Bush signed the CAN-SPAM Act, compliance remains marginal, while the overall volume of spam has increased steadily," said Scott Chasin, chief technology officer, MX Logic.
The company also reported that within the last three weeks, a prime online holiday shopping period, spam sent through so-called zombie PCs climbed as high as 69 percent in a single day. Zombie PCs are neglected, "always-connected" broadband PCs that spammers hijack by installing a Trojan. Once infected, these zombie PCs provide worm authors with remote command-and-control spam-distribution capabilities, allowing them to create a legion of zombie computers that can pump out unwanted e-mail and initiate denial of service (DoS) attacks.
"The CAN-SPAM Act might have deterred some part-time spammers," Chasin said. "However, our data indicate that the act has had little impact on sophisticated spammers, who continue to leverage networks of hijacked PCs, as well as other tools to disseminate unsolicited and often fraudulent email."
"While the law is invaluable in providing tools to seek criminal and civil recourse against spammers, no one expected the law to solve the spam plague," Chasin said. "We need continued progress in anti-spam technology, industry cooperation in improving authentication and security protocols, as well as end-user education. At the end of the day, an educated end-user is the first line of defense against spam and other email threats."
MX Logic has measured CAN-SPAM compliance each month since the law went into effect on Jan. 1, 2004. Monthly compliance has ranged from a low of 0.54 percent in July to November's high of 6 percent. The company tracks compliance with the CAN-SPAM Act by examining a random sample of 10,000 unsolicited commercial emails each week.
