STOPPING SPAM

By M. Patrick Hayes and Bradley L. Hecht of 

---

SPAM Defined

At the most basic level SPAM is unsolicited electronic communication. End users are frustrated by the vast amounts of "junk" mail in their inboxes, while ISPs and corporations struggle to block SPAM " attacks". In March of 1998 AOL released their " 10 Most Wanted Spammer List ". The list includes the names of Internet users who continue to send unsolicited e-mail in bulk format. Examples Include:

"Notoriously Nasty" Spammer Subject Line: " Free - Over 7400 Adult Sites you can access with just one password."

"LoseWeight Center" Subject Line: "Succeed in your #1 Resolution"

Government Response to SPAM

Following AOL's most wanted list the FTC released the " Dirty Dozen Spam Scams" in July of 1998. According to Jodie Bernstein, Director of the FTC's Bureau of Consumer Protection, " The Dirty Dozen list of junk e-mail is a tip-off to a rip-off". The following 12 items are the most common unsolicited forms of SPAM according to the FTC's report:

1. Business Opportunity Scams
2. Making Money by Sending Bulk E-Mailings
3. Chain Letters
4. Work-At-Home Schemes
5. Health and Diet Scams
6. Easy Money
7. Get Something Free
8. Investment Opportunities
9. Cable Descrambler Kits
10. Guaranteed Loans on Credit, On Easy Terms
11. Credit Repair
12. Vacation Promotions

In response to the overwhelming amount of unsolicited e-mail on the Internet, a volunteer group has arisen to create the " Coalition Against Unsolicited Email." http://www.cauce.org" . The organization acts as a lobbying group and informational center on the Internet. Of the eight anti-spam bills passed through the 105th Congress, all died either in Congress or in conference. There are presently 4 pending pieces of legislation addressing SPAM. Most involve monetary fines, which are virtually impossible to address, as the vast majority of SPAM is forged. E-mail forgery masks the true address of the sender, making tracking virtually impossible and in turn, making the law unenforceable. This leaves the responsibility of stopping SPAM squarely on the shoulders of end-users, ISPs and Corporate Administrators.

A Users' Guide to Stopping SPAM

The single most important thing an end-user can do to avoid SPAM is to protect his/her e-mail address, since a spammer can not send to an address that he/she is unaware of. E-mail addresses are most commonly harvested through Internet chat rooms, UseNet News Groups and from Internet Sites, which sell their registered user lists.

One approach a user may take is to not post to Bulletin Boards, participate in Chat Rooms, or Register on multiple web sites for informational purposes. Unfortunately, even if a user refrains from all of the above, a spammer can frequently guess an e-mail address based on Domain names. Many Internet users use two or more e-mail addresses for this reason, one that is kept "secretly" and given only to friends and relatives and one or more for Internet Bulletin Boards, Chat Rooms and Mailing Lists. While a second e-mail address used to be expensive, the advent of free e-mail on the Internet makes a second e-mail account a wise and free investment. Users can go to such sites as yahoo.com, excite.com, hotmail.com and many others to register for a free e-mail address, which can then be used publicly.

One measure a user can take to limit the amount of SPAM received is to set filters. The problem presented to users is the vast amount of overhead in maintaining filters, rendering them virtually useless. A user can set filters on their e-mail to reject messages from specific users or domains, a user can even set filters based on subject lines. For instance, a user can reject mail from specific users such as madspammer@widgets.com or can reject all mail from the widgets.com domain. A user can also reject any mail where the subject line is all in caps or contains specific user-defined key words. This procedure requires a great deal of manual care from the user. Given the vast number of spamming e-mail addresses, variations in subject lines and body content, blocking mail becomes much like plugging a dyke with one's thumb. As soon as one hole is stopped, another opens. Another form of filtering is to accept mail only from the addresses of friends, family and co-workers and reject all else. This method restricts the ability to receive potentially desirable e-mail, but is the best method if the user has two or more e-mail accounts.

From a user perspective there is no user-friendly SPAM blocking solution. Until the FTC is successful in legislation, users will have to either live with SPAM or take the time to manually administer blocks.

User Recommendations

• Take advantage of secondary free e-mail accounts available on the Internet. Use this address for all surveys, registrations, chat rooms, Usenet postings and any other field that asks for your e-mail address.

• Use your primary e-mail for personal and/or business related activities. Only provide this e-mail address to those you know.

• In the event your inbox becomes cluttered with SPAM, forward the offending message to the FTC. The FTC receives over 1,000 SPAM complaints a day and does take action, especially against the fraudulent mailings.

• If you find you are on an unwanted mailing list, you can usually reply to sender with a Subject Line of Remove. This will remove you from that mailing list for a period of three years. After the three-year time span has expired, you may receive the same list again.

• Make use of filters within your e-mail application. They are far from perfect but will decrease the amount of junk mail received

The Authors

Patrick Hayes is a senior research analyst with TechnologyEvaluation.COM. Mr. Hayes' research activities center on Messaging, Groupware and Workflow software solutions.

Bradley L. Hecht is Executive Vice President of TechnologyEvaluation.COM. In that role, Mr. Hecht manages TechnologyEvaluation.COM's global research process and methodology as well as its E-Commerce and Technical Infrastructure practices.

To Visit: Click Here>>>>