Security

The Problem of Fighting Spam

Despite numerous legislative, consumer and technological efforts to weed it out, experts say spam e-mail continues to proliferate, sparking increasing user irritation in the process.

In fact, the problem has worsened in recent months. “There is now 16 times as much spam on the Internet as there was just two years ago,” Gartner vice president Joyce Graff told the E-Commerce Times.

The number one reason is the global rise of Web use, which has given spammers more places to buy mailing lists and more opportunity to copy e-mail addresses from listservs and bulletin boards.

It also offers anonymous spammers new locations in which they can set up fly-by-night e-mail addresses. Moreover, they can switch easily from one location to another, making it nearly impossible to trace the true source of most mass mailings.

Like Stomping Roaches

“It’s like stomping on cockroaches in your kitchen,” Graff said. “You can get rid of some, but there are always more coming from somewhere else.”

In addition to its cheapness and easy distribution, Graff said the situation is complicated by the fact that spam comes in four distinct varieties, and a couple of the categories include mail that many actually find useful, often in corporate settings.

Graff noted that most e-mail falls into the categories of pure trash (fraudulent schemes, invalid senders and offensive product pitches); chain letters, urban legends and hoaxes; honest small-business owners just looking to make a living (the Net version of plain “junk mail”); and occupational spam from colleagues.

That last category is tough to deal with from a filtering perspective. Graff said it includes industry-related mailing lists and listserv discussions, any one of which can be extremely helpful to someone in one company department — and totally useless to those in other departments.

Lawmakers Fight Back

Fighting back is difficult because spammers are not hemmed in by state or national boundaries. In the United States, several states have enacted laws prohibiting e-mail bombardment, but those laws are hard to enforce on mail that originates outside the state or country.

Despite this conundrum, several federal bills have been proposed in Congress over the past year, although nothing has been enacted yet.

In the current Congress, the House is considering the Unsolicited Commercial Electronic Mail Act (House Resolution 95). Introduced in 2001 by Representative Gene Green (D-Texas), it would forbid the use of an Internet service provider’s facilities to send unsolicited commercial e-mail in violation of the provider’s policies, if those policies are clearly posted on a domain-name Web site.

The Senate is considering a revised version of the Controlling the Assault of Non-Solicited Pornography and Marketing (CAN SPAM) Act. Senate Bill 630, introduced last year by Senator Conrad Burns (R-Montana), would mandate that unsolicited e-mail be labeled and include opt-out instructions. The bill also would ban deceptive subject lines and false headers.

More Pending Laws

Other measures, introduced in 2001 by the previous Congress, also are pending:

  • Anti-Spamming Act (H.R. 1017), proposed by Representative Bob Goodlatte (R-Virginia), would amend federal computer crime laws to make it illegal to send bulk e-mail with false sender addresses or headers or to distribute software that enables such activity.
  • Netizens Protection Act (H.R. 3146), by Representative Christopher H. Smith (R-New Jersey), is identical to a 1999 proposal requiring all unsolicited messages to contain the sender’s name, physical address and e-mail address as well as opt-out instructions.
  • Wireless Telephone Spam Protection Act (H.R. 113) would prohibit using wireless messaging systems to send unsolicited advertisements.

    Backlash for Marketers

    Richard Smith, an Internet security and privacy consultant for the Privacy Foundation, told the E-Commerce Times that legislative efforts are being delayed in part by disputes over what is spam and what is proper marketing activity.

    “On the legal front, it appears that things are quiet right now for new laws regulating spam,” Smith said. “It is a bit difficult to distinguish between spam and legit e-mail.”

    Smith noted, however, that a growing consumer backlash is forcing the marketing industry to take action.

    “The industry is getting really concerned that consumers will start lumping together all commercial e-mail messages in with spam messages,” he said. “Groups like the DMA (Direct Marketing Association) therefore are coming up with new rules for commercial e-mail to keep down unsolicited messages and to help consumers determine what are legit offers and what are not.”

    Legitimate But Annoying

    But Forrester Research senior analyst Daniel O’Brien said that even legitimate marketers need to reassess their use of mass e-mail pitches, which he noted have increased significantly since the September 11th terrorist attacks.

    “In the short term, they may think they’re getting an effective number of contacts for a very low cost,” O’Brien told the E-Commerce Times.

    “But in the long term, they’re ruining the market,” he added. “They’re tarnishing their brand name and contributing to the overload.”

    Consumer Strategies

    Until government or industry relief arrives, Smith said, the best way for consumers to reduce spam is to avoid listing their e-mail address in online directories or allowing it to appear on newsgroup messages.

    “They also want to limit the number of Web sites that they give their e-mail address to,” he added.

    Gartner’s Graff said most available filtering products and services have limited effectiveness. The majority do no more than create blacklists and block certain senders, but those features are defeated by senders who change names and addresses.

    However, Graff said that some software offerings — most notably Brightmail and Elron — are taking filtering to a higher level by creating and downloading spam “signatures,” much like virus-fighting programs do.

    Graff said Brightmail and Elron use sender validation codes and algorithms to determine what is spam. They also offer proactive sensing of spam behaviors, she added.

  • 2 Comments

    • Why not send offenders to prison? A spam sent to 30 million addresses results in approximately 2 seconds of wasted time for each user to observe and delete it – of course more if it is opened. Total wasted time AM ounts to minimum 694 days. A sentence of 694 days of prison seems like a fair punishment, right? Perhaps we should add lost revenue to the bill too: 16700 man-hours at, say, a mere 8$ per hour results in a 133,600 $ fine.
      That would stop spam rather quickly…

      • Putting people in prison under unrealistic conditions would be construed as excessive or unusual punishment. On the other hand I face the same annoyances of "spam" and have come to the conclusion that stiffer laws should be passed to at least put a dent in spam (junk mail).
        Spam is here and no software is going to exterminate it, nor is anyone going to expend resources to prosecute anyone outside any country that does have anti-spamming laws. Spammers would only smirk at any laws in the United States. I’m sure anyone would agree that "spam" isn’t on any politician’s mind. We are at war now, with Iraq, and spam is the furthest from any goverment entity’s mind. If we can just bear with it and come up with some solutions in combating spam in a civilized manner, we can beat it. The technology and brilliant minds are out there if someone would just tap that resource.
        Kind regards
        Lt. C. Bowen

    Leave a Comment

    Please sign in to post or reply to a comment. New users create a free account.

    What's your outlook for the business climate in 2025?
    Loading ... Loading ...

    E-Commerce Times Channels