The way things are going, it looks like spam will make up 99.9% of all e-mail before too much longer.
The onslaught of spam (and the viruses and spyware that it often carries with it) is turning a significant number of people away from the Internet. In a survey of
U.S. consumers conducted by
Osterman Research from Jan. 18 to 20, more than one-third (34%) said spam, spyware and related problems had reduced their use of e-mail or the Internet “a bit,” with another 10% saying they’d reduced their use “a great deal.”
According to the research firm’s president, Michael Osterman, mail-monitoring companies
say
88% of all e-mail in 2004 was spam. And estimates indicate that the
figure will reach 92% in 2005. Hmm, does that mean we’ll hit 100% by 2007?
But there may be some good news. Antispam experts attending a recent conference expressed some optimism that they may finally have some tools to dramatically reduce spam, if not eliminate it.
A Who’s Who of Spam Fighters
The event was the second annual “Spam and the Law Conference,” held Jan. 28 at a hotel near the San Francisco Airport. The roster of speakers included
representatives of some of the biggest names in the spam wars:
• Lisa Rosenthal, an attorney with the U.S. Federal Trade
Commission, which she said had filed more than 60 lawsuits against spammers since
1997 — three of them since the so-called CAN SPAM Act went into effect Jan. 1,
2004;
• Michael Grow, chair of the technology department of the
Washington, D.C., law firm Arent Fox Kintner Plotkin & Kahn, who is credited
with helping AOL convict notorious “spam king” Sanford Wallace in 1996;
• Aaron Kornblum, an attorney for Microsoft Corp., which he said
has filed more than 120 lawsuits since 2003, reaping $306 million in legal
judgments (although Kornblum acknowledged that an “insignificant amount” of that
has actually been collected from the elusive spammers).
Much of the conference focused on the same legal approaches to fighting spam
that have been employed for years. But two aspects of the spam problem seem to
lend themselves to new defenses, which may be more effective.
Catching Spammers in Four-Tenths of a Second
Matthew Prince, a cofounder of Unspam LLC, an antispam consulting service based
in Chicago, described recent advances that he believes can identify spammers
much more quickly than ever before.
Unspam, which I reported on in this space on
Nov. 30, has massively expanded Project Honeypot, its program that generates
unique, one-time e-mail addresses on Web pages around the globe. Spammers use harvesting
software to collect addresses from pages at random. When an Unspam address is
harvested, the organization makes a record to use against
the spammer.
At the end of November, Unspam had planted only about 4,000 decoy addresses on the
Internet. Since that time, however, the effort has exploded, growing to more than
32,000 addresses, according to a counter on the organization’s
home page.
Prince says his organization’s servers are capable of notifying Internet
services providers (ISPs) and others within 0.4 seconds of a decoy address
receiving a message. Such a transmission could only have come from a spammer,
since the address in question never signed up for any legitimate e-mail lists.
Unspam’s online blocklist, known as HTTP:BL, will become available in spring
2005, Prince says. The list can be used by ISPs to disable accounts as soon as
it’s clear they’re being used for spamming, Prince says.
Although many antispam experts have criticized the U.S. CAN SPAM Act as too
weak, Prince notes that the act includes an absolute prohibition against two
techniques spammers depend upon to acquire addresses in the first place. These
are harvesting attacks, as described above, and dictionary attacks, in which
spammers send messages to random addresses to learn which ones are active.
By linking pieces of spam to their original harvesting attacks, Prince argues,
withering technical and legal measures can be brought to bear against spammers.
CAN SPAM allows ISPs to sue spammers, with damages ranging up to millions of
dollars and jail terms up to five years.
Make Sure Your Address Isn’t in the Dictionary
A major change in the nature of spam, however, is making dictionary attacks more common
than harvesting attacks, according to Andrew Oakley, technical architect for MessageLabs, a
respected mail monitoring service based in London.
He reports that since more homes have broadband access and more home computers
are left on all the time spammers now have access to far greater bandwidth
with which to send spam. About 80% of today’s spam emanates from home computers that’ve been infected with
“zombie” software controlled by spammers.
As a result, Oakley says, many spammers no longer bother to harvest addresses
from Web pages. Instead, they have enough raw horsepower to simply send spam to
every name that might appear on the left-hand side of the “at” sign (@) of a
major company’s domain.
One company that recently asked MessageLabs for help, Oakley said, was receiving
30 million spam messages a day. That number dropped to a more manageable 100,000
a day when the company — which Oakley would identify only as a teen-lifestyle site
— started filtering out mail to nonexistent addresses. The spammers were using a list of
some 6,000 common names, 200 of which happened to match real e-mail addresses at the
company, which used each employee’s first name to form the addresses.
This kind of attack can be deflected, Oakley says, by configuring your mail
servers to drop connections from senders who mail to a lot of addresses that
don’t exist. You should also make sure your e-mail addresses contain punctuation
marks and don’t include names and words that can be found in a dictionary.
The Race Goes To The Swift
Anne Mitchell, president of the Institute for Spam and Internet Public Policy
(ISIPP) and sponsor of the conference, feels the problem of spam is not a
hopeless one.
“I don’t think anyone enters this room with a single plan to end spam,” she
says. “People
know it has to be a multi-pronged approach.” The solution to spam, Mitchell
says, will be a combination of technology, legislation and education.
She points out that, although spam volume is increasing, she’s seen anecdotal
evidence that corporate workers are seeing less and less spam as filters become
more effective and widely used. That doesn’t keep spam from being sent in the first place — the senders are generating more mail
just to penetrate the filters, Mitchell says — but it may be the beginning of the end of spam.
For more information on the ISIPP and the next antispam conference, see
ISIPP.com.
Huawei’s AI Update: Things Are Moving Faster Than We Think
FEATURE | By Rob Enderle,
December 04, 2020
Keeping Machine Learning Algorithms Honest in the ‘Ethics-First’ Era
ARTIFICIAL INTELLIGENCE | By Guest Author,
November 18, 2020
Key Trends in Chatbots and RPA
FEATURE | By Guest Author,
November 10, 2020
FEATURE | By Samuel Greengard,
November 05, 2020
ARTIFICIAL INTELLIGENCE | By Guest Author,
November 02, 2020
How Intel’s Work With Autonomous Cars Could Redefine General Purpose AI
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
October 29, 2020
Dell Technologies World: Weaving Together Human And Machine Interaction For AI And Robotics
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
October 23, 2020
The Super Moderator, or How IBM Project Debater Could Save Social Media
FEATURE | By Rob Enderle,
October 16, 2020
FEATURE | By Cynthia Harvey,
October 07, 2020
ARTIFICIAL INTELLIGENCE | By Guest Author,
October 05, 2020
CIOs Discuss the Promise of AI and Data Science
FEATURE | By Guest Author,
September 25, 2020
Microsoft Is Building An AI Product That Could Predict The Future
FEATURE | By Rob Enderle,
September 25, 2020
Top 10 Machine Learning Companies 2020
FEATURE | By Cynthia Harvey,
September 22, 2020
NVIDIA and ARM: Massively Changing The AI Landscape
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
September 18, 2020
Continuous Intelligence: Expert Discussion [Video and Podcast]
ARTIFICIAL INTELLIGENCE | By James Maguire,
September 14, 2020
Artificial Intelligence: Governance and Ethics [Video]
ARTIFICIAL INTELLIGENCE | By James Maguire,
September 13, 2020
IBM Watson At The US Open: Showcasing The Power Of A Mature Enterprise-Class AI
FEATURE | By Rob Enderle,
September 11, 2020
Artificial Intelligence: Perception vs. Reality
FEATURE | By James Maguire,
September 09, 2020
Anticipating The Coming Wave Of AI Enhanced PCs
FEATURE | By Rob Enderle,
September 05, 2020
The Critical Nature Of IBM’s NLP (Natural Language Processing) Effort
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
August 14, 2020
Datamation is the leading industry resource for B2B data professionals and technology buyers. Datamation's focus is on providing insight into the latest trends and innovation in AI, data security, big data, and more, along with in-depth product recommendations and comparisons. More than 1.7M users gain insight and guidance from Datamation every year.
Advertise with TechnologyAdvice on Datamation and our other data and technology-focused platforms.
Advertise with Us
Property of TechnologyAdvice.
© 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this
site are from companies from which TechnologyAdvice receives
compensation. This compensation may impact how and where products
appear on this site including, for example, the order in which
they appear. TechnologyAdvice does not include all companies
or all types of products available in the marketplace.