“One likes to believe in the freedom of music,
But glittering prizes and endless compromises
Shatter the illusion of integrity.”
-Rush, The Spirit of Radio
Between 5:00 PM Friday afternoon and 8:00 AM Monday morning I received 151 pieces of spam – email “junk mail” – in my corporate inbox. As you might guess, my email address is completely, and I fear permanently, polluted. What I once considered to be just a mild nuisance is now a genuine drain on daily productivity. I probably spend twenty to thirty minutes a day evading spam, and this is up from maybe one or two minutes a year ago.
Spam is fast becoming an epidemic. Brightmail, one of the leading providers of spam-fighting technology systems, estimates that the percentage of incoming emails considered junk has more than doubled since September to well over 15% of all email. Research house Gartner estimates that spam increased at least five-fold in 2001. Left unchecked, spam will undoubtedly cost corporations billions of dollars in lost productivity and squandered IT resources. Overzealous and overly clever electronic marketers are desperately compromising this highly efficient new corporate communication medium of email.
Why is spam such a problem? The most relevant answer to that question is pure economics. The cost to send an incremental email is fast approaching $0.00. With no variable costs, the e-marketer is encouraged to send as many solicitations as it possibly can – there is no diminishing marginal return as you might experience in direct mail or telemarketing. Moreover, email lists can be replicated with mind-numbing simplicity, and as a result, there are several places on the web where you can buy a CD of over 10 million email addresses for under $200. Lastly, thousands and thousands of email servers are unknowingly being used as hosts for spam assaults due to a problem known as “open relays”. By bouncing their offers off these ill-programmed hosts, parasitic solicitors simultaneously reduce their costs as well as their likelihood of being caught.
The first and most common spam prevention advice is to educate employees with regards to proper email user behavior. This is like telling someone that learning to swim will be helpful in the event of a tsunami. For starters, if your email address has ever been posted anywhere on the web you likely already have a significant spam problem. Web “spiders” electronically crawl the web and assemble email address lists that are fast included on the above-mentioned CDs. Other spammers simply “guess” as to what your email address might be, by appending a common name to a popular domain. I would hate to see how much spam john@aol.com has to comb through. Another common trick is to include in a spam solicitation instructions for “unsubscribing” from a list. When users do unsubscribe, the spammer knows this is a live address – now your address is sold for a premium to direct marketers. Remember, it only takes one misstep for your address to be completely compromised, due to the ease of electronic replication.
Once you realize the futility of the “user behavior” defense, you or your corporation will likely seek out a technical solution to this problem. Several companies sell email filter technologies which help identify unwanted emails by recognizing key phrases, or by helping you manage a list of perpetrators. With these mundane solutions it is impossible to keep up with the spammers – it’s like cutting the lawn with nail clippers. More sophisticated solutions run large data-centers and analyze messages sent to a large number of locations on the Internet. With this global knowledge, these companies are better suited to recognize spammers using large lists across several ISPs and domains. Brightmail is generally considered the leader in this category.
While these technology solutions can help reduce the problem, I am not convinced that they can solve the problem outright. The reason is something known as a “false positive.” These non-deterministic solutions are built to make a best guess as to whether or not an email is indeed spam. The problem with this educated guessing is that eventually you make a mistake. If one or two pieces of spam are allowed to pass, no real harm is done. However, if you mistakenly identify a “real” email as spam and delete it, you have a major problem in the corporate world. Imagine what happens when your company misses a key sales opportunity because the SpamNoMore software guessed incorrectly. The software is removed that’s what happens. This zero false-positive hurdle creates a real dilemma, and any company that can solve it will likely make millions.
With legislation as a possible solution, one could wonder why we even need a technology solution. Consider that our government could depend on each and every company to protect itself from murder and theft by requiring them to defend all of their locations with armed guards. It is simply more efficient to make these things illegal and rely on our public police for enforcement. The same is true for spam. With the exponential rise of spam, its obvious impact on corporate productivity, and its relative uselessness within the corporate setting – the members of the senate and congress should act swiftly and vigorously to put an end to spam. There are proposed bills in front of the house and the senate, but they all fall short of what is truly needed. Ironically, most government officials have moved to web-based contact forms on their web sites instead of disclosed email addresses. Clearly they “know of” the problem – let’s just see if they have the guts to take care of it.
Of course legislation is just the first step with enforcement being the second. The government must not only pass desperately needed legislation, but also simultaneously and ruthlessly prosecute offenders. Additionally, as spam is a global problem, not a U.S. problem, our government will need to work with other countries to completely stop the abuses. Email is fast becoming the preferred communication medium for many corporations. Moreover, email is also the baseline for many new cross-company workflow applications. We simply cannot allow a bunch of Viagra ads to put a dent in the evolution of the global economy.
For more information on stopping spam, please see the following resources:
http://spam.abuse.net/
http://www.cauce.org/