MIME-Version: 1.0 Content-Type: multipart/related; boundary="----=_NextPart_01C612A6.F8FA1D50" This document is a Single File Web Page, also known as a Web Archive file. If you are seeing this message, your browser or editor doesn't support Web Archive files. Please download a browser that supports Web Archive, such as Microsoft Internet Explorer. ------=_NextPart_01C612A6.F8FA1D50 Content-Location: file:///C:/0E2B4C8D/bw_out_out_damned_spam.htm Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset="us-ascii" Out, Out, Damned Spam - Business Week

ht= tp://www.businessweek.com/magazine/content/03_32/b3845079.htm





AUGUST 11, 2003


Out, Out, Damned Spam

Junk e-mail accounts for roughly half of all network traffic. = Here are five ways to beat it back

It was May, 1978. Lauren Weinstein was among those developing an early vers= ion of the Internet when an e-mail popped into his box. It was the first spam e= ver -- a pitch from Digital Equipment Corp. sent, literally, to everyone on the fledgling Net. "People thought it was a little bit annoying but sort of amusing," Weinstein says.

It's not amusing anymore. Junk e-mail accounted for an estimated 49% of net= work traffic in June, according to Brightmail Inc., a San Francisco manufacturer= of anti-spam software. These days, spam attacks Weinstein's computer every two seconds. And the Internet pioneer, founder of the Privacy Forum in Woodland= Hills, Calif., is trying to save the revolutionary communications medium he had a = hand in creating 25 years ago. The open architecture that made the Internet a transformative technology also has spawned the rapidly growing junk e-mail menace. "It never occurred to us that the tools we were developing for ourselves in this highly trusted environment would ever end up in the hands= of the world's population," he says.

As anger at spam has increased, so have efforts to stop it. A confusing thi= cket of lawsuits, state and federal legislation, industry initiatives, filtering software tools, and spam-blocking companies has emerged to deal with the threat. While Congress weighs nine anti-spam bills, 34 states have enacted = junk e-mail laws. Frustrated companies such as America Online, UPS, and Microsoft are hauling spammers to court.

Some of these moves are good ideas; some are bad. None of them, on their ow= n, can eliminate spam. But a combined legal and technological attack could go a long way toward turning the scourge of spam into an occasional nuisance. He= re's how to do it:

The first step is beefing up laws against spam. Rules against snake-oil sal= es pitches, get-rich schemes, and other types of fraudulent come-ons already a= re on the books. Federal legislation sponsored by Senators Conrad Burns (R-Mon= t.) and Ron Wyden (D-Ore.) would go further and raise the standards for spammer= s by requiring them to describe their messages accurately in their subject heade= rs, use real return addresses, and include working opt-out links.

That's a good idea, but it does little to slow spam. A more effective way t= o do that would be to let people choose whether they want to receive it. Both Ja= pan and the European Union have passed tough "opt-in" laws that requi= re commercial bulk e-mailers to receive permission from consumers before sending them unsolicited messages. Because of the power of the direct-marketing lobby, as well as constitutional free speech concerns, this approach is a nonstarter = in the United States. But a Do-Not-Spam registry, modeled after the one that w= as recently created to block telemarketers, would run into fewer such problems= . It would enable consumers to opt out of receiving unsolicited e-mail simply by logging on to a centralized Web site.

Nobody expects a Do-Not-Spam registry to be a panacea. Dishonest businesspe= ople would continue to hide their identities and flout the law. Only responsible bulk e-mailers -- bona fide, law-abiding companies -- would follow the rule= s. How big is this group? Little hard data exist, but an April study by Australia's National Office for the Information Economy found that 18% of s= pam comes from blue-chip corporations.

Once new laws are on the books, they must be enforced. Internet service providers and the Federal Trade Commission have hauled dozens of spammers i= nto court since the late '90s. Every big case so far has brought a penalty. On = July 21, the FTC settled with a California teen who faked return addresses on e-mails that he dangled as bait to lure consumers to legitimate-looking business Web sites. There, they were duped into giving up credit-card numbe= rs.

Such policing is important and will have to be stepped up. But it is inhere= ntly limited. Prosecuting the small-time operators in the U.S. isn't likely to r= ise to the top of the docket for state and federal law enforcers with limited budgets. And using courts to crack down on bulk e-mailers is like playing whack-a-mole: knock one down and another pops up.

One solution: Give users the right to sue spammers directly and set minimum statutory damages of, say, $100 per offending message -- just as was successfully done in the 1991 law against junk faxers. This "right of private action," proposed by Senator Charles E. Schumer (D-N.Y.) and others, would torment spammers with a hailstorm of private claims. Of cours= e, Third World violators would be tough to reach. But litigators say many bulk e-mailers are domestically based, and advocacy groups such as the Spamhaus Project already do a good job of tracking down the biggest offenders. "Only when you distribute the enforcement broadly enough will it put enough fear into spammers' hearts to make them stop," says John Mozena, vice-president of the Coalition Against Unsolicited Commercial Email, a consumer-advocacy group.

To discourage spammers from moving offshore, the White House needs to take = the lead in harmonizing international law and beefing up global enforcement. The 30-nation Organization for Economic Cooperation & Development is workin= g on the problem, but the Asia-Pacific Economic Cooperation forum is a vital pla= yer and needs to be at the table. The good news is that other countries are also working on this issue. EU commissioners will visit Washington in August to lobby Congress to strengthen our laws. State regulation, on the other hand, isn't working. While well-intentioned, these measures create a patchwork le= gal regime that increases corporate compliance costs.

In the Net's infancy, peer pressure deterred spam, with improprieties drawi= ng immediate social rebuke. But the online population boom upended that cozy virtual village. "Like in any large city, some people are going to eng= age in unlawful behavior," says Charles D. Curran, AOL's assistant general= counsel.

Cyberspace needs a new code of conduct, and it's up to industry to help wri= te it. Internet mail protocols -- the technical rules that govern how messages= are transmitted -- need revamping. Designed when the Net was small, they allow spammers to cover their tracks by forging headers, faking domain names, and bouncing e-mails off servers across the globe. New norms can be imposed by grafting changes onto Net protocols. Microsoft, Yahoo! (YHOO ) AOL, and others= are studying ways to build a so-called trusted-sender system that would give priority to known or identified e-mailers. Think of it as an exclusive gated community that would be almost spam-free.

Here's how it would work: Spammers make their mail look legitimate by faking domain names. But it's much harder to forge a domain's IP address -- the individual computer identifier that tells where an e-mail originated. Under trusted-sender rules, recipients' servers wouldn't accept mail unless they verified that the message originated from a valid domain, and the sender's = IP address matched the number associated with the domain. If they want to be trusted senders, large e-mailers such as ISPs, corporations, and institutio= ns would provide their IP addresses to a central registry. Fraudulent spammers would be zapped by the receiving server.

Even with more cops and more spam-free zones, some bulk e-mailers will find= ways to sneak their pitches into in-boxes. So consumers and companies will have = to take the offensive.

The best professional filters, such as Brightmail, can block 95% of spam. At FrontBridge Technologies Inc., a San Francisco-area Internet-security compa= ny, computers check incoming e-mail against 10,000 criteria used to define spam; 500 of those rules are rejiggered every day, depending on what spammers are= up to at the moment. Because teams of human "spam analysts" keep tab= s on the trash bin, big filtering systems rarely lose a real message amid the ju= nk. When the San Diego law firm of Gray Cary Ware & Freidenrich installed a FrontBridge filter in December, "My greatest fear was that some critic= al client would get their e-mail rejected," says Chief Technology Officer= Don P. Jaycox. But after six months, "The false-positive rate is almost immeasurable."

Good filtering is expensive. But assuming that Gray Cary's 420 lawyers each spent 15 minutes a day deleting spam, Jaycox figures the firm was losing $1= 86,000 in billable hours every month. In that light, the $100,000 a year the firm spends to stop spam seems reasonable.

Effective filtering for the masses is a bigger challenge. A community of sp= am vigilantes constantly is improving free programs such as SpamAssassin. And = AOL and Microsoft are rolling out adaptable programs that "learn" how= to define spam based on what people delete. The newest filters also protect against beacons -- signals that let spammers know when a spam has been open= ed by a live user. And some computer users are compiling "white lists,&qu= ot; which allow e-mail from known senders to go into a premium in-box. But these consumer-level filters depend on technology alone. Without a living, breath= ing safeguard, chances are good that a filter will occasionally zap the wrong e-mail.

That's why many people will have to surf smart. By now, most computer users know that replying to most spam only generates more spam. Such smarts can g= o a long way toward eliminating junk e-mail. People who don't take action will suffer. Indeed, the recent flooding of many in-boxes is a sign that spammers are having to work harder. As e-mail filters get smarter, and as laws and lawsuits multiply, junk mail is harder to deliver. To maintain their already thin margins, spammers are upping their output, jamming more junk mail into= the fewer in-boxes that remain vulnerable. "It increases the pain for the = rest of us," Mozena says.

In the end, spam's greatest vulnerability is its economics: It costs very little to send out millions of e-mails, and nothing to send out a million m= ore. Making junk e-mail even marginally more expensive for senders -- by suing spammers, levying fines, or making it harder for it to find an audience -- = can be enough to tip the scales. Such efforts won't make spam extinct. But they= can kill the majority of it -- and hopefully turn spam back into a tolerable, perhaps even amusing, annoyance.

By Lorraine Woellert, with Stephen H. Wildstrom, in Washington

Copyright 2000-20= 03, by The McGraw-Hill Companies Inc. All rights reserved.
Terms of Use   Privacy Policy




------=_NextPart_01C612A6.F8FA1D50 Content-Location: file:///C:/0E2B4C8D/bw_out_out_damned_spam_files/image001.gif Content-Transfer-Encoding: base64 Content-Type: image/gif R0lGODlhLAE2ALMAAPnf5fzv8swAM8wCNdc4X99dfuiJoPG6yPrm6/XP2TMzmWhotJyczs7O5vDw 98DAwCH5BAEAAA8ALAAAAAAsATYAAAT/8MlJq7046827/2AojmRpnmiqrmzrvnAsz3Rt33iu73zv /0CUYEgsGo/IpHLJbDqf0Kh0KpUortisdsvter/gMDdFLZvP6LR6nbSK3/C4/Ctk2+/4vH7pnvv/ gGMme4SFhodOfYGLjHGDiJCRkneKjZaXgiNGBJydnpyQBQUDk02fnwKnnqmqpGWqUZWYWQu1tlu1 s3SaRQYHCRQJBwcBEgcFhQcSAa6lSb4Vwsi/0ccC0BQHBGa+ABMGsQ+6XA0NDhMMWQ0SDeNdvEcG E9tDBcUPCc14FMjOSwUTEsT7doRAsXxqCBCEIsudggXosECcsMDhFhHP5hUxKAFhHn7+/5jcC1Bw wgEkyuipWfikobuJD9JhoVDRopYQGSWoHCJPArg8AB+cDLlEmc4j3h6QRCqQDctE4mxKjIiFgQSZ UmeCyPlgZ6oJAIiG7PmgXxGjXY88+LnmaROX42BizeoFJxKyXgVQEOtPoc+BEswOUZj3jFsmcHXJ pQvGLuC0RvbydWbyCLC/vR5QwtwyatbFjOtuvatxIwVYrFBtLGBg1OABp0jFHmygtb6NtQsUFsDa AD3Yq22/vqy5yIBsRobhbr07VW/BQxbCRk0k8QIG2LXYulWVQU3tVLfnuiL++3XvX7Cj3/WBq9eg Qn3dW1uP2oQiABMYABCAwID+2Bw1zP9p11DQnxEDKHOAAcWwNcQACQQAjQEDFDAUb/js199/BOCF 3wNJLUWEhA8qyCB9R9gjoTcJ7LQQAQckVVkRcK3TAAPnYFUOTQpYNYED35FH1Y4UPUSkG+tM0ECQ V1jlAI4PtCNae6QdlZmVfqFIBFpEADTUAAzKQ4+HPM2znygjNQOhUINxJgAw9BgU41BePhhmV/AJ th+ZXyGz5lB+OVjggWsyU52bAngTAHTReaaFjVjkmIWPD1z35ALnPOAAeFdNWiQWSYpTznVKauFk pFFO6YF7prnpFllEeCPYZXGWVqBPALiSJxE9qWRUPwCJ+BWbiZZVBK1ZOqjfrvU8QEr/r7wGRkSg XRpzqJZD8LdbQ0l6WulUVwEpZKfgxkTLp02iI2WP6Pr4nY9zZeGYEXzaoxR0r943rIN+1WrlrdJe +5NfYVULYpnFRXsStdMeFRARx+nGkgEC+SVsUAW/+a9eVj4FEKOH4sLOuZqWKy6qqZY7F0xBUrqp vOQqkCnJL1802mPCxIiPa5EhCuuwuZ4FWZYqkZVxoyj2dOGwaRnFL5sE65OSAFw2u809F+p369JE M23EZT+xZJCgPW+RZLyfwlTzFUmu+xBV435bVakwm8tuylrJfdPN9H5Tm1EJ8Cxw3xK02ZFKAPkL GcCCLnRP43+hNevCASGeFpn7DVG1/17IPN4zfT0JS7UEBUuXQFNKyAI32+SCBurIKpOs992zKzAk 7Ci7nfeqVS4O5jKC5Vv4EPMtWp3iRU+A71/Jfn4SfELpOlTxZh3IrNYAb0NY8zRae9nSAJOyEIPN Ncpp7Um+7DrreL8ds/uzU8okVasrkH4mvD/mFVlmCZ8wWcYghW4Mtzg+IQ0c8IEcPlIxn3s5B2Em EaD2CBKxZkmrAGFJ4OfCMqMtaYQg+XmLo2jHpFDFrYS4g9/K0EU7m5lrffabAP46wCojyIge/oMY cUi3k65B0CsEAWAGLEgBB62JAgDYSVIEAhBXNG9BANNAlqTIsbVwxFh8GGGomCQ/+P+hsH3rY5m3 Rmi7TsFEAzPkQA2vhKIc6rACByJg8jZWRXCQBXxIgJ6bjjiBOI5OAmBCXbEWCABk3PEZWTraJuqI FkWqRYssJKEXH5XCMLKQUi5MB6V01xi+sTEv8GmKG0UhgN8ZyIm2MmAdGVeUwTSQPqQ0ZR9dgRfs aW4elztMw6yVRaUEAC1k6x4lJcDFIolRHZVc3THTpbpOUSpenaSS/kqiLzfWpksNHFgqbXVAVhYE HJBJUAU6xBZ7vegbWIQgg9SJhA4dh5cp2gY/smSoNoywi8gk5iTz6TZL6nNuzXxh/aqSxg2scZfD c0vVKGYc4izFh9n7HAJ1aSHO4Wf/Pqw5mjiXca1i6IOegKKoQB6GhLTMiCzBNN8YvxiVZbKvn8q8 pAz3JtD3TaWgGjgoAYfiFhmVaX/6gqgqCcI9eoETfFeszeIgSATiCBJpWMwSHq8Bjs1tZCnSmc+2 RgjD++3zdWCM6T+ZSUb6pbAqnCyjNAm3VHauEqHFkYegBpAUOUaLjgtZIhIKybHbBGVB2CplXd16 LFtdxpGJQgZ88uKLbhK2bFrIFNpaF8m2yW6FY20hTWViQrNBU635Y2teiINDNwGwTPW8q11/KFEi vsdQiHqnUlOLMIOl864JwxAdm8i0uRrvraXUaknJ6KO1waRcX4Tp+1yKyc2e8CLv//Akbt/DkqRc SCE/U1rfmiJUbgI3KUYEQNjwWhbtZgZ1WbqNbsEHXuOI9660zZxjiTjVhmTqXTFzaQzDulyZBlRH Zy1HdNf6yauaVnmpEG9214ItZfSju+QlFgMDBqF6gogYKlFIWOTa4Nt2pJ2IumI/KqyP7+kqnT31 Lse4MBEpYapkyB2mcu1G1pbNtG5zkWxVTubC0PKmNvOpTW2+5xU+/gWlHcrgL3WjDHAQwEIm0U0B iKMN/3SojwOcMD6I4ceyJEhCTw7AgTJnj2PAKLBNtmderigMMRfZKL+UFSuMNsAnywjMwmQxO6C0 JImEakkVIRU6Av3n7RT6IS++Sv9NFhAqIC06Uw4wB497TMNjifnSmEbAgnYDpmFYgzeeHkZraONp ekQI02JmEKolpKJVQ4xiGZJalzxNoXo82BfDYGxbPajeUsJaP70GtVK0wZNVi1kAxj52yLzA55U5 4NnQjjSmog1tHFE70pKmNgOyHW3sXPvZk1rHk6Lp48mY+9z7IGNo1k1pNaL73fBeibrZTW/QVjre +M43Q+Zd73XPS98AD3ie+03wfwv84PlODMGzYnCEOxzdCl+4TYJA8YpbvAIS7/fFN87xHmS83iH4 uMhHPnF+k3wcIT+5ylceiIiznBEpf7nMZy4amrsj5jbP+cxdrnNHgKDnQGc5z4MYHoaOG/3oSE+6 0pfO9KY7/elQj7rUdRABADs= ------=_NextPart_01C612A6.F8FA1D50 Content-Location: file:///C:/0E2B4C8D/bw_out_out_damned_spam_files/image002.gif Content-Transfer-Encoding: base64 Content-Type: image/gif R0lGODlhrQAsAHcAMSH+GlNvZnR3YXJlOiBNaWNyb3NvZnQgT2ZmaWNlACH5BAEAAAAALAAAAAAB AAEAgAAAAAECAwICRAEAOw== ------=_NextPart_01C612A6.F8FA1D50 Content-Location: file:///C:/0E2B4C8D/bw_out_out_damned_spam_files/image003.gif Content-Transfer-Encoding: base64 Content-Type: image/gif R0lGODlhwgA3AMQAAP+NpP+csP/X3/8TQqSk0f/J1P9bfP9sidTU6f98lv8lUf9Kbv+rvP84YGtr tkJCofzz9oiIxP/l6v+6yLy83VFRqLCw1+Tk8sjI48zMzJmZmWZmZgAAAP8AMzMzmf///yH5BAAA AAAALAAAAADCADcAAAX/4CeOZGmeaKqubOu+cCzPdG3feK7vfO//wKBwSCwaj8ikcslsOp/QqHRK rVqv2Kx2y+16v+BwrEMum8/otHrNbrvTH498Tq/b7/i5ePTu+/+AbHF5hIV5ex+BiouMcIaPkHJ7 ZAoBlgEACQN+CQmNZJcBlZcLl2wHAQJqg5EVFggOHhEEkXphZgGJHQEQDX0FBZ9kE7oDHxNkDQKb bACqjrUeDx+xGBDRHmJmALodx30DzJ8HH74dAhJkBsFtzqvY2bEPFdjaZdxkxgwCAgcdAAUCdBhg 6QCAA/zOFTiwLsCmAQwAMNjUgAEDA/4SAMCk4IMnBRA+KNjlMOLEgSY3/7lbIMBSGVbSCBCgEIsC glkIaEly4AADAg8EEFiIgIDCg5gWKNCzBWZbIgUMCmwSAIAMsA4JDGAN5u5cvwESPFHFqmrCpgkA GghsAKGDBGQHyPkrYGBsAlV2VXUVoOklnQu0KlyI9eFChGkRdgIdhOACBQ+OPWDA4MEBhKOSbt37 AAAggKlVO1wFMMEXg3/PCqTrsG5BuQ6uFxQAoEABgAUQtApk0FYgBAajXscWnshd3DOsIrBCQPnD Tw85FRNgfBkoggofEmfTnk0zGXwDJQQbKzoY2w8CFqC2KpD1bM4b6ZI7NlLABwhVDXwo1WFC2Ijw BfBeZwKidgAEI5nByv90cxBwzQc6RRfPYnIg8FxQDnxAAQGvcGfPd93kck5oVxkwAAASiNTVbOoU kMAHzIRjAFQQSFDbAQV8cIAxAmj1Il36xfhijKhNAAE7fsnBoBwWPBihTtRQCN2FsEQpx1LdNbVZ GUaO2EFHwRSQYAELrBjaOg18oFUHBzSwmjELePJPVQK01UGaDDSQ5pptqkmGP+7oJycZyX2AWVHZ PCkdY1Q+AIF2DnhogwYamEAppT+YQUw4CUDgDwMSyCbBMgUIoMAAy+wTjgTt1bXLMguc9tsADZAZ 6i66nUZGbqDAeloqA8T66lQQqEcoHRQ85sAFD0xjgTSRZZiYBYZCdoH/HBgwG8EFFTjwGFMyaMAB BxuQm8EHGZQ7LgeV9kBJKLcJSZtBDJ04byqYWAKAAaYYJKcBDWQywI37krHAmv+I428ZC5MUQCmW JAiTLDIdJRMBDlw8i0wbE7BxBB9XVjEdM2hQ7gbqkpvyuu3yIMzLMAsCz8zgvrCByetykMG4N3/A sg8xBy20NzTTPEPP6W4gArsj8IxIFEXPXDIHI5y7c9XjnutD1Fx3/cjEXhdCg7nkoqv00kz/EPba bGfTtiE0iDtupZh+cHIQb+ddNNh61wzDuiXc/fTgSshdtggna0344kTsrPPJct+cNuOU/+C03T/7 THXlnO8QueFzN91y/+ekx52z0+pWenXprMvgOM+K44zy2a3X7kIGlCpOAu4a6G7778CfUDcWmA6/ h/HoXhq777iXMDoM7c4uvc7Co9xu0s+bPHu4s+M++6U8j4t15jhM7kO5gZOrPeLPpxu47y30bHe6 j5ucwuXq6l5u7+XCz0LomkvazjYwQBGI62YFXAEBWSA/H8jNeZsbYPN6N8FzFa9ddbNa9lRnPpQh TmkYbNndXveBSwnOfZfqnfJUeKkRoA9dZcMU2c4mPgN6j27em5/conczTBEQU0mz2wJxILn0jcBw ODug+k4mPpwlDWXU+6DOAPhBxJGLXTssIcvURcDTpW9dK2NXzkTgOP8ohq+LklPazkbHxNOdbn9h 9OIbn1cyyenucJjrn7iSdsUfZu1xYrwi1p5IOxhqbW5pPJsSrSdGuomPflfEohjTqLJG8oyLBxSX EzHXsgJGMnwH1NwUoXiyNkLRfzKYXRSXRjssgvBmXYRhpZSGPk0+rpVUgyMJxCU6k/HyiL2bmy0d GcG5/bGRokSZ9xKoR3bBUWe4m1zotmhJpbHMmVOM3OYCeIO6eZCMTKOfOL93wGj6zInmsuYQ0aey 0f1yZ5B05rnYNcAdtnN/nDynKI2ZOheGM2sr4yLa0FZJdlIKjHEs2ydVBkU6Qi9tADzg9jgZutf1 DJFlu+gQy7jGquFWs3hdZJq67Iazghqwj1q0YCNN1tGTAvSS2NwkDNcVzVvCU4lZMxw+A2lPPAYB lScAKgvgWTqhYs2hwTNgIZPaNPMxtWpIDV7unkrVqlr1qljNqlZJFwIAOw== ------=_NextPart_01C612A6.F8FA1D50 Content-Location: file:///C:/0E2B4C8D/bw_out_out_damned_spam_files/image004.gif Content-Transfer-Encoding: base64 Content-Type: image/gif R0lGODlhAQABAJEBAP///////wAAAAAAACH5BAEAAAEALAAAAAABAAEAAAICTAEAOw== ------=_NextPart_01C612A6.F8FA1D50 Content-Location: file:///C:/0E2B4C8D/bw_out_out_damned_spam_files/filelist.xml Content-Transfer-Encoding: quoted-printable Content-Type: text/xml; charset="utf-8" ------=_NextPart_01C612A6.F8FA1D50--