BT has launched an automated system to identify professional spammers and 'botnet'-infected customers on the BT broadband network.
Professional spammers will face account termination, and unwitting spammers and virus transmitters will receive help cleansing their computers of the programs that turn their PCs into "zombies". Although there remain questions over how much BT customers will benefit when they face effective disconnection and charges for technical assistance. BT has also not made it clear if it will help customers prevent their computer from becoming re-infected.
The system uses Content Forensics from StreamShield Networks and, using an in-band Content Security Gateway scanner, scans millions of SMTP emails a day. It then provides BT with detailed reports on the location and size of spam-related problems originating from BT's network.
The system shows the breakdown of normal and spam email traffic on the network and lists the top spammers in real-time. It can report on each subscriber's email activity by time of day and show how much bandwidth is wasted by unwanted or harmful traffic. StreamShield Networks claims it can identify zombie PCs with a near-100 percent confidence level. (Read a white paper about Content Forensics here.)
BT states that 80 percent of internet emails, that's about 6.5 billion a day, are spam. These unwanted emails are generated by professional spammers, and by 'botnets' - networks of rogue software-infected PCs which send out masses of spam unbeknownst to their owners. These compromised machines can also be used in turn to attack other PCs and websites. According to Symantec, 22 percent of zombie PCs are in the UK. Ironport research claims that 80 percent of Spam is sent by zombie PCs.
Stratis Scleparis, CTO at BT Retail, said: "We’re turning the tables on professional spammers and cutting off this scourge of the Internet at source." In effect, BT is saying that up to 80 percent of the emails it delivers to and carries from its customers could be spam. This is an amazing amount of wasted bandwidth. BT is hoping that Content Forensics will help save time and resources by automatically identifying spam problems, and so prevent network bandwidth being wasted on unwanted spam and virus-infected traffic.
Simon Gawne, CEO of StreamShield Networks, said BT had selected Content Forensics after extensive testing: "Our Content Forensics (product) has been developed with large ISPs such as BT in mind and delivers a powerful solution to the problem of professional spammers and botnets on ISP’s broadband networks."
Identifying infected PCs and professional spammers will enable BT to take action against professional spam operators, including the traditional response of terminating rogue accounts and adding offending IP addresses to industry-wide blacklists. The extra that Content Forensics provides is identifying zombie PCs in botnets.
Its software is designed to automatically quarantine and control infected botnet subscribers. BT can then contact them and help them clean their PCs, possibly by using a chargeable service. This will help all of BT's customers by reducing the likelihood of email traffic from BT networks being blocked by other providers and third-party email systems, the company argued. It will also help BT to avoid customer loss (churn) of botnet-infected PC owners who can no longer send email because they have been blocked by other ISPs.
However, with the automation of the service and the fact that accounts will be quarantined there remains the risk of mistakes and angry customers. Other ISPs will be watching BT' system closely to see if the telco giant can get it to work smoothly.