Note: My Web pages are best viewed with style sheets enabled. |
Unrated |
In a scene from a biographical, made-for-TV movie about Alexander Graham Bell, the inventor of the telephone is sitting in his home. The phone rings, and he answers it. He starts cursing and hangs up. It was a telemarketer, using Bell's own invention to annoy him.
A phone call from a telemarketer might waste my time, annoy me, and even prevent me from receiving a phone call that I want. But I do not pay for the call. Junk mail — the U. S. Postal Service now calls it "standard mail" instead of "bulk mail" — also wastes my time, annoys me, and clogs the landfills. But I do not pay to receive junk mail; the advertiser pays the postage.
The sender of spam (junk E-mail) does not pay for my Internet connection; I do. In some nations, connections to the Internet are metered; the user pays for the connection by the minute or by the number of bytes. This is very much like receiving junk facsimiles; the recipient pays for the paper and toner to receive unwanted advertisements.
There are various actions individuals can take to handle spam.
You can filter out messages from E-mail domains known to be sources of spam. A major source is hotmail.com, a unit of Microsoft. In the latter's favor, they do act promptly and vigorously against spammers; however, they appear to be overwhelmed by the volume of unscreened users for their free Web-mail service. Another source is yahoo.com, whose efforts to control spam is also overwhelmed.
Finally, you can filter based on IP addresses. It is far easier to forge a domain name in an E-mail header than it is to forge an IP address. Blocks of IP addresses are assigned to particular service providers. Other blocks are assigned to entire nations. Where a provider or a nation is lax in dealing with spam, reject all E-mail from that source.
Of course, filtering a message to my E-mail Trash folder did not delete it at my ISP's mail server. It first had to be downloaded before it could be filtered. Further, sending it to my E-mail Trash folder did not delete it from my PC. I still had the opportunity to view the directory entry in case it was mail I really want.
Don't bother! As noted above, by the time you decide to take action, action may have already taken. Of course, there are ISPs that don't seem to care; they will ignore your complaints.
However, I still strongly oppose this practice for E-mail. If I receive E-mail with a munged return address, I cannot reply without bothering to enter the return address manually. (I really do not understand this. Why munge an address in an E-mail message sent only to me? If I were a spammer, why send me E-mail? Since I am not a spammer, why munge your address?)
Many ISPs filter spam at their E-mail servers. This trend responds to two issues. First of all, their subscribers have been complaining about the time it takes for them to search through junk messages to find the message they want. Then there is the large amount of space spam occupies on a mail server until a subscriber downloads those messages.
Level 4 Services (my ISP) uses a commercial spam filter developed by EdgeWave. To protect subscribers against losing an incoming message that has been falsely identified as spam, spam messages are not deleted. Instead, they are saved and made available through a Web interface. If I find a legitimate message has been filtered, I can use the Web interface to have the message delivered to me. The filter allows me to either accept or reject future messages according to the domain or complete address of the message's sender.
All ISPs should use filters that have the characteristics of the EdgeWave filter:
EdgeWave's filter seems effective, contrary to the declaration of the California Legislature. A similar filter concept is used by Mozilla-based E-mail clients Thunderbird and SeaMonkey. The difference is that EdgeWave applies its filter at the mail server before I see my E-mail while the Mozilla clients (not running a mail server for the public) apply their filters in the mail client as messages are downloaded.
Accurately identifying spam via software is highly problematical. It can be worse when an ISP deploys a filter developed by an outside vendor or uses an outside service to identify the sources of spam. The Internet remains a highly technical system, and good filters are also very technical. Many ISPs, however, fail to employ professionals who really understand what is happening.
I read with interest the item in RISKS-22.92 about spam filtering for good e-mail, and note as well the comment about not trusting your ISP. I have recently had to change my ISP from AXX (name changed) because of their aggressive spam filtering policy. AXX advertise that they aggressively filter spam, and equally go after spammers. I applaud the attitude. I cannot applaud their mechanism.
After too many games of "Did you get my e-mail?" … "What e-mail?" leading to missed appointments and what-have-you I was told that 1) AXX was spam filtering my e-mail even though I had set my account not to filter anything, 2) I would not be allowed to see or change the policies used to decide what was spam and what wasn't, 3) It was not possible for me to see what was being "filtered" in order to rescue it, and 4) Filtering could not be turned off. After I gave them a list of addresses that I knew were being blocked I was told that AXX had detected spam from their ISPs… not my people specifically, just the ISP. I was told it was best for me to contact those people's ISPs to ask the ISPs to stop allowing spam. Only then would AXX stop deleting my e-mail. BTW, I don't consider that AXX was filtering my e-mail… they were deleting it, at random, without notice.
They produced some discussion about possibly being able to selectively allow specific addresses, in the concept of allowing known addresses through, but were not sure it would work, and of course that would not solve the problem of e-mails from third parties that I do want being filtered never to be seen again.
I believe some new versions of AXX can allow users more control since then, but I was not told about that at the time (1 month ago), nor am I sure now, nor do I care.
John Bechtel, Surrey, UK
My ISP's analysis indicated that another user had been infected by a computer virus that caused the user's PC to generate a flood of E-mail. Outblaze's list of blocked IP addresses was then updated to block all E-mail from my ISP, not merely E-mail from the infected user. The ISP was never notified of this block, and Outblaze failed to remove the block when the ISP itself took corrective action against the infected user.
I consider it unacceptable that PBI allowed its users to send me E-mail but not receive E-mail from me. This is almost as bad as the "E-mail black hole" that AOL instituted earlier against PBI. Instead, if PBI insisted on bouncing any message from any ISP's server, PBI should have also bounced messages from its own users to that server.
Most of these problems occur when an ISP relies on a simplistic approach to filtering, generally on a filter that uses a list of "bad" IP addresses or mail server domains. This does not work! This approach to filtering relies too much on the past, on what spammers did yesterday. At best, this approach to filtering fails to stop spam when spammers quickly abandon old E-mail accounts and start new ones with different IP addresses or domain names. More often, this approach results in legitimate messages being rejected because of a blanket interdiction against an entire mail server or even an entire ISP. It should be unacceptable for a major ISP to use a simplistic third-party spam blocker that relies on a list of IP addresses rather than on analyzing messages to determine if they are really spam.
Another problem with automated filtering occurs when strings of characters that might be offensive are blocked without any serious contextual analysis. Thus, a message about someone graduating from a university magnum cum laude ("with great honor") might be filtered because of the word cum (Latin for "with", but slang for "semen"). Such problems with string filtering without context analysis are thoroughly explored in the Wikipedia article on the Scunthorpe problem, the term often used to describe this problem.
Note, however, that an ISP can carry filtering to any length it chooses, even rejecting all E-mail messages from a competitor for the sole reason of competition. There is no law requiring an ISP to relay E-mail messages to its own subscribers from an outside service. However, this has never been tested in court. With AOL blocking PBI and my ISP and then SBC Global and PBI blocking my ISP — all for no good reason — perhaps an ISP blocked because of a false reason can successfully sue the blocking ISP. That might be the only way ISPs can be forced to use technically sound methods of preventing spam.
*** Begin Right Sidebar ***
DULLES, Va. (Reuters) — Virginia authorities said on Thursday they had arrested and charged a North Carolina man for sending "spam" e-mail in the first use of a new state law that could bring penalties of up to 20 years in prison.
Virginia Attorney General Jerry Kilgore said Jeremy Jaynes had been arrested earlier Thursday in Raleigh, N.C., on four counts of using fraudulent means to transmit spam. Kilgore told a news conference that officials were in negotiations for the surrender of a second man, Richard Rutowski, on the same charges.
Jaynes was charged with violating limits on the number of messages a marketer can send and falsifying routing information, both illegal under the Virginia law that carries penalties of 1-5 years in prison on each count.
Although based in North Carolina, Virginia is asserting jurisdiction over Jaynes because he sent messages through computers located in the state. Roughly 50 percent of the world's Internet traffic passes through Virginia, home to big Internet companies like Time Warner Inc.'s American Online unit and MCI.
Spam has grown from a minor annoyance to a major threat to the stability of the Internet, experts say, and now makes up more than half of all e-mail traffic, according to several surveys. "These criminals are harming businesses in Virginia, and that concerns us," Kilgore told the news conference at AOL headquarters in Dulles, Va.
Copyright © 2003 Reuters Limited
*** Begin Right Sidebar ***
In California (where I live), several anti-spam laws have been enacted.
While I do not know any details, I do know that anti-spam laws have been enacted in other states. Any legislation should consider the following:
Most important, Congressional action on this issue should not block state laws (contrary to Congress's action on pollution and privacy legislation). Legislation being considered by Congress in 2003 would not only undo state laws and legalize some spam banned by states but would also favor business over consumers by allowing only ISPs to sue spammers. Recipients whose E-mail is clogged with spam would not be allowed to file lawsuits.
Oops! Too bad! Congress passed its legislation that indeed invalidated stronger state laws. And yes, the new federal law only allows ISPs to sue spammers; and it only provides for "opt-out" controls, not "opt-in" as provided in some of the state laws it repealed. But then, spam — very much like personal information — is business. As intended by Republican leaders of Congress, the new federal law has proven totally ineffective in reducing the flood of spam. Advertising über alles!
Nevertheless, a state appeals court in California ruled in 2011 that the Federal CAN-SPAM Act allowed states to enact laws against E-mail fraud and that spamming with deceptive Subject or From header fields was indeed a form of fraud. Since California's anti-spam law addresses such deceptive E-amil, the state law was not preempted by the Federal CAN-SPAM Act.
According to the webzine Salon.com, a new "service" threatens to change the character of spam. Epidemic Marketing, Inc. is soliciting the public to become free subscribers to its service. Subscribers are given advertisements to insert into E-mail messages they send. The advertisements contain Web links. If the recipients select the links, the senders receive a small payment.
Get real! This is still spam, and I intend to handle it as I describe elsewhere on this page. I do not care if the message is from a friend or relative; spam is still unwanted in my E-mail queue. Unfortunately, the senders of these messages will be the ones whose ISP accounts get cancelled. Epidemic Marketing will remain untouched … at least until a subscriber whose account is cancelled sues Epidemic Marketing for causing the cancellation.
Much spam originates in the nations along the Pacific coast of Asia. Not only are these messages unwanted, but also many are unreadable. They are not written in the Roman characters used in European languages.
A typical subject displays as:
I just cannot understand why a business in China, Korea, Taiwan, or other Asian nation would send me messages I cannot understand.
Some spam is truly dumb. Actually, some spammers are totally ignorant.
They send messages that no one can read. For example, I sometimes see both the Subject and body of a message that look like the example I gave of vicious spam. Or it might look like:
=A5=B4=C2Z=B1z=A4F=A1I=A5=D1=A9=F3=A5=BB=A4H=A6=B3=A4@=A8=C7=A7x=C3
Some messages have subjects that are too obviously spam (especially spam promoting pornography).
Draw for a holiday in Florida
you should watch me do my thing
herbal pill will actually ENLARGE you
INVESTORS: Blue-Chip, Stock-Trading System---77% Return---Automated
Good sites to see, you asked to be on our list [no, I did not]
Re: john, size matters to me!
perform to pleasure her today.
Some messages have subjects with strange spacing or spelling, apparently an attempt to confuse filters.
Rx - Valium, Xanaxx, Via.gra...ashby [a misplaced . in the word Viagra]
Stop that SPA M emails forever [an extra space in the word SPAM]
Hérbal Viagrä Altérnativé [es with acute accents, a with an umlaut]
ñever pay for what you can get free [n with a tilde]
Some messages are in a foreign language that I don't understand.
Más de 20.000 solteras y solteros
Mise a jour de votre convention collective au 10 novembre 2003
Some messages have nonsense subjects.
guacamole concierge
gyrocompass loot pervasive
bagatelle friday quintillion
That epochal by managerial
you jacobian he euphoric
Be barnacle whichever inconsistent
calvary menial anticipatory
A it surprising
Back thank the external Galactic Spirit?
I made up none of these. Instead, I extracted them from actual spam. The point is that the spam nature of these messages is so obvious that no one (except possibly an Internet masochist) would do anything other than trash them. These spammers have dropped their junk into a black hole with no chance of accomplishing anything. These messages are NOT being read. Some day, one of these spammers might gain the intelligence of a rock and realize that he or she is expending time and effort on a useless task.
In 2006, I recorded 1,443 spam messages in one month; my ISP's filter caught about 1,080 of them. During one month in 2007, I recorded 4,589 spam messages, a growth of 275%. While the ISP's filter caught 2,735 of them, that was a smaller percentage of the total spam (75% in 2006 versus 60% in 2007). The filter also caught 10 messages that were not spam (0.4% false positives).
Looking at the problem differently, I received 4,759 total E-mail messages in that one month of 2007. Only 170 (or 4%) were "real" messages; 96% were spam. That's 5 legitimate messages against 148 spam messages per day.
In March of 2010, I again collected statistics on spam. In that month, 1,926 E-mail messages were received for me by my ISP's mail server, excluding test messages that I sent to myself and copies of messages that I sent to an E-mail discussion group.
This demonstrates the effectivity of a mail server filter in stopping spam, but it also demonstrates that Congress's "business first" anti-spam legislation is obviously a failure. It is quite likely that spam is a greater cause of Internet congestion and bandwidth saturation than file sharing and the downloading of music and videos.
Despite the toothless federal CAN-SPAM Act, however, the volume of spam seemed to decline in 2010. Much of this decline is attributed to the shutdown of a very large botnet that was the source of spam. Improved anti-spam filters implemented by ISPs may have also contributed to this decline. It is not known whether the decline will continue or whether spam will again increase in volume. Nevertheless, spam still accounts for 65% or more of all E-mail messages. It is also seen in Web forums and newsgroups.
The following links may be useful in dealing with spam:
And then, of course, there is the Spam page, owned by Hormel Foods Corp (manufacturers of Spam processed meat).
Updated 22 January 2014
"Internet" Table of Contents |
David Ross home |
|