April 30, 2003
Spam spam spam spam

There's a spam summit going on in DC right now as the powers that be grapple with The Scourge Of The Internet (tm).


On the first day of the Federal Trade Commission's "spam summit," participants could not even agree on what type of online marketing was unacceptable enough to earn the pejorative tag.

Marketers said that deceptive messages with misleading subject lines like "Re: your account" were to blame, squeezing out more reputable operators who only send messages to consumers who want to hear from them.

Internet providers and consumer advocates said it was the sheer number of messages, not their content, that posed the biggest threat.

"The deception does not mitigate the problem of bulk," said Laura Atkins, president of the SpamCon foundation, an anti-spam group.


Defining spam is trickier than you might think. If they left it up to me, I'd probably be too broad. Not that this would break my heart, but the courts might take a dim view of it.

Personally, I believe that technology will eventually solve this problem, though in the interim it's going to get worse. I read awhile back about a new mail service that only allows mail through from specified senders; everyone else gets an autoresponse that requires them to go to a web page and click a URL to confirm that they're not a spammer. This manual step nullifies bulk mailers. You can specify trusted addresses to spare your friends and desired bulk mailers the annoyance. Can't remember the software's name, unfortunately, but it's brand new.


Sens. Conrad Burns and Ron Wyden said their bill, which outlaws the use of false return addresses, would help track down spammers because it would override the 27 state spam laws already in place.

Without a single national law, "spammers will play one state off another," said Wyden, an Oregon Democrat.

But the Burns-Wyden bill, which so far has won the most support from industry and on Capitol Hill, came in for criticism from providers who said it should include criminal penalties and not override stronger state laws.

All of the proposed bills would prove toothless because they would not allow consumers to sue directly, said Washington State Attorney General Christine Gregoire.


Virginia already has such a law, so I agree with the critics here.

E-mail marketer Bill Waggoner, sporting sunglasses and a ponytail, said that although he did not send messages to customers who did not want them, spam was unavoidable in such an open, global system.

"If you get your e-mail added to the Internet, somebody's going to contact you," Waggoner said. "It's a public deal all over the world."


And some ISPs are blocking all email from notorious spam-relay countries like China until they clean up their act. I must say, I have a lot of sympathy for that approach as well.

Posted by Charles Kuffner on April 30, 2003 to Technology, science, and math | TrackBack
Comments

I used to use an email forwarding system based out of China. The anti-China dictate caused me nothing but grief.

In the end, though, probably still a good policy I suppose.

Posted by: R. Alex on May 1, 2003 12:07 AM

I've been using PopFile (a free Bayesian proxy) since December, and it is doing an impressive job of pre-classifying my e-mail. I have it sort my mail into 11 buckets (personal, spam, work, commercial, atc.) and it is running at better than 95% over all buckets since I started using it, so its current performance is in the 98% correct range. And it looks like I have received 7358 e-mails since I started using it, of which 2098 were spam -- my second most prolific bucket after an active mailing list I'm on.

Posted by: David on May 1, 2003 8:44 AM

I think the problem with client-side solutions is that the mail still gets into your system and has to be delivered and stored by your ISP. The goal is to prevent, or at least reduce, the amount of spam that the ISPs have to actually deal with.

The service I mentioned would have the effect of rendering bulk mail programs unusable because the mail would never get delivered to anyone who used that service. For that reason, I think the concept of requiring senders to confirm their intentions will be the new paradigm. We'll see.

Posted by: Charles Kuffner on May 1, 2003 9:12 AM

I still think that there are two major objections to this kind of scheme.

1) Even if the hard-drive space at the ISP is conserved, the bandwidth isn't -- in fact the cross messages increase it. Most of the reports that I see regarding spam seem to treat bandwidth as a more precious resource that server space.

2) Most legitimate e-commerce is carried out without human intervention as well. From mailing lists that you want to receive to sales receipts from Amazon and their ilk. Either prices would have to increase dramatically to allow for the extra bodies to scan bounce messages, or such companies would go out of business.

OK, more than two.

3) The annoyance factor on legitimate commerce. Joining a mailing list organised as RT is would require some 60-80 seperate confirmations since the messages come From: the sender, not the server. Initial participation in such lists would drop dramatically -- and RT is far from the largest such list that I receive e-mail from.

4) Relying on a third party to process your e-mail for you (as most of these schemes seem to require) seems inherently problematic. If they have bandwidth limitations, server crashes, lightning strikes, etc. then you stop getting e-mail. While this is also true of your current ISP, you are basically adding a second point of failure.

My client-side solution is customized to me, and each morning my spam mailbox has about 20 messages in it. I can scan the subject lines & senders, and then select all -- delete in less than a minute unless I have a false positive, which is a rare occurrence. My control of it makes it a solution that I can trust because I can see all of the evidence of its operation.

Posted by: David on May 1, 2003 12:05 PM

The software I had in mind (sure wish I could recall the name, there was a review of it in one of the Bay Area papers while I was out there) enables you to specify exceptions up front - basically, you can import an address list. Also, once an address has been verified by the sender, it remains verified.

Point four is a strong one, though. There is an increased risk of annoyance and failure with this scheme. Still, if this paradigm essentially wipes out bulk mail marketing, I'd call it a decent enough tradeoff.

Posted by: Charles Kuffner on May 1, 2003 12:49 PM