Canning Spam

Can spam be stopped? Worldwide, people are asking that very question. Only three years ago, spam took up about seven percent of inboxes, but now that number has reached almost 50 percent. By 2007, it is expected to rise by an additional 20 percent if nothing is done. As lawmakers scramble to find a solution, the threats of things to come don’t seem to be making a difference. Arrests have been made, fines handed out and even jail time awaits some spammers, but yet, it continues.

Gary Thuerk sent out the first spam message on May 3, 1978. Working as a marketing manager, he wanted to let others know when and where the company’s new products would be revealed. There were several thousand people on the ARPAnet (modern day Internet) at the time, but Thuerk only chose about 600 computer scientists on the west coast to receive the e-mail invitation.

Now, spam is rising at a rate of about 15 percent each month in some areas, and is expected to cost businesses $10 billion in yearly expenses. After all, most Americans receive an average of 42 spam messages per day.

Brightmail, the world’s leader in anti-spam technology, announced that it had encountered 7.5 million pieces of spam in May after filtering 60 billion e-mail messages. (The total was only 4.7 million in May 2002.) The highest percentage was related to products (25 percent), while adult site promotion was next at 19 percent.

In March, America Online (AOL) announced its junk e-mail filters had trashed one billion pieces of spam in a 24-hour period. That same month, an ACNielsen Internet user survey found that junk mail and intrusive marketing are users’ biggest concerns. It is also costly to consumers in countries where unlimited Internet access isn’t an option - they too are paying to download this junk.

Attempts to Stop Spam

Nevada passed the first U.S. anti-spam law in July 1997, with the most recent enacted in Arizona (May 2003). Although some states, such as Florida, Kentucky and Oregon, still do not have laws regarding spam, of those that do, almost every law determines that the unsolicited e-mail must have a label in the subject line denoting it as an advertisement (“ADV”), have an “opt out” link that works, and the routing and sender must not be camouflaged in any way - it must be obvious who sent the e-mail.

California is currently working on a bill that would allow consumers, Internet Service Providers (ISPs) and the state to sue spammers - $500 for every piece of unsolicited e-mail. The bill proposes that judges be able to triple this fine if the spammers knew that they were in violation of these provisions.

In April, Virginia passed the toughest law to date. Tools that automatically send e-mails are banned and headers cannot be forged. If someone sends the same e-mail to 10,000 addresses in a single day, or makes $1,000 from unsolicited ads, penalties of up to five years in prison apply and the spammer must give up any profits and assets from the “business”.

But even though these laws are getting tougher, many still feel that a federal law is needed to curb it. Different rules in individual states can be confusing, especially since each unique law relates only to that given area.

Enter the U.S. Congress. There have been two bills introduced this year in an effort to stop the annoyance of spam. The first was the Computer Owner’s Bill of Rights, which would create a national “do not e-mail” list.
This would mean that spammers would have to be sure no one on this list was being sent junk e-mail.

The second bill is the Assault of Non-Solicited Pornography and Marketing Act - banning many of the methods used by spammers and incorporating a fine of $10 per e-mail if the spammer refuses to stop.

There are a couple of problems with these bills. If spammers ever got a hold of the opt-out list it could be a nightmare. This could happen because the lists would have to be available to the public so that names could be removed. Spammers could merely take the addresses and use them. And what about the individual states’ solution to have a genuine opt-out link? With so many spam e-mails having fake opt-out links in place, how would consumers know which ones are real? One of the ways of stopping this junk now is to avoid these links so that spammers don’t know the address is legitimate.

Others argue that by imposing such legislation, it might drive spammers out of the country, but it won’t stop the spam. They will just take it to places where there are no laws governing it, such as Canada. Many anxious Americans want to see something done because otherwise spammers could just go a little north of the border and still annoy millions of people.

The problems in Canada begin with the fact that the country does not even have a legitimate definition for spam, therefore making legislation virtually impossible. (They are currently using a definition from the Australian National Office for the Information Economy, which basically says it can be assumed that the recipient did not request to receive the messages.) Secondly, Canadian figures feel that since the majority of mail is not coming from this country, it would be hard to prosecute those who are sending the spam.

The Direct Marketing Association has joined forces with the Canadian Marketing Association to introduce an e-mail preference service, where e-mail addresses are added to an opt-out list, thus demanding that no spam be sent their way. Direct marketers do not have to abide by this list because they have had prior permission to send out the information to the recipients.
There is a Canadian law in place however, that says any spammer who sends an e-mail which interferes with critical computer systems, and puts the safety of Canadians in jeopardy, could go to jail for up to 10 years. To date, no one has been charged under this law.

Some of the best advice to stop spam comes from those calling for similar measures followed in marketing-by-fax - communication cannot take place unless the recipient has requested it. ISPs should be allowed to opt out of receiving any advertising at all. Or, some even suggest hitting spammers with a fine (therefore their pocketbooks). Then spamming is no longer profitable and many will most likely give up on the action all together.

What is being done?

Recently, EarthLink introduced a challenge-response system as an option for its five million members. They were the first of the major ISPs to offer the service, which checks all incoming mail against the customer’s e-mail address book, and if the addresses do not match, the recipient is offered several ways to accept or reject the message. Although it may be frustrating at first, it does pay off in the long run as the system begins to recognize “friends”. It is a way of controlling unsolicited e-mail and can ultimately offer 100 percent spam protection!

Many ISPs are now bringing lawsuits forward for those who blatantly ignore the non-spamming policy in contracts. AOL filed five lawsuits in mid-April after eight million of its customers complained about spam.

The most recent reward was given to EarthLink - a $16.4 million decision that the company will probably never see. Charges were brought against Howard Carmack (a.k.a. the “Buffalo Spammer”), an unemployed 36-year-old who used the identification of his uncle Joseph, his mentally disabled brother James Jr. and others to open 343 e-mail accounts with stolen credit cards. From these accounts he sent about 820 million spam messages. It didn’t really pay off either. A mere 36 sales were all he made over a three-month period, making $360 in commissions. That’s a far cry from the $16.4 million he still owes to EarthLink.

In an effort to stop spam, Microsoft announced in March that account holders with its MSN Hotmail service would not be able to send more than 100 messages per day. Behind the scenes, the MSN spam-abuse team generates its own IP address list of known spammers and blocks all messages from them before they can reach recipients.

Yahoo! also has limits, as determined by the usual patterns followed by spammers. They do not disclose the amount of e-mails they consider to be spamming however, because it would defeat the purpose of having this number in place.

In a first of its kind, students at John Marshall Law School in Chicago, Illinois are being offered a summer seminar on the legal and policy issues raised by e-mail marketing and spam. Discussions will include litigation and legislation involving spam; traditional doctrines of spam; constitutional concerns; legal aspects of blacklisting; and other relevant issues.

Foreign law enforcements from Australia, the U.S., Canada, Japan and Chile are working towards closing the thousands of open relays in 59 countries, which can be used to send spam. Basically, these relays are open systems that allow e-mail to be sent without needing an account. They stem from the early days of the Internet when an alternate route for e-mail was needed since the main transmission wasn’t completely dependable.

Tips to Avoid Spam

Stopping spam from arriving in inboxes throughout the world isn’t easy, but there are a few helpful hints. Personal e-mail addresses should contain both the first and last name, according to representatives of the GMX German e-mail portal. Or, a combination of numbers and letters together also helps (especially non-binary numbers).

Basically, since the electronic spam harvesters (that collect e-mail addresses over the Web) look for a combination of words or terms found in any dictionary, or words up to 10 letters long, it is important to learn how to side-step these systems.