Dam that spam

Spam-fighting standards and services won't make anti-spam products obsolete any time soon

Spam annoys everyone, even Bill Gates. That’s why Microsoft recently proposed a technology it called "Caller ID for e-mail" which is intended to verify that the sender shown in the From: part of an e-mail is the real sender. Several other organizations have come up with their own versions of this idea, and the different standards may become integrated into a single standard called the Sender ID Framework -- if all interested parties can come to an agreement.

In the meantime, there are several incompatible standards, some of which are already in use by large ISPs such as Yahoo. Ironically, according to Brightmail technicians, their monitoring of e-mail shows that spammers are complying with these new standards much faster than the population as a whole -- more than 12 percent of spammers versus less than 2 percent of all e-mail users.

Even if everyone agrees on a single Sender ID framework, there’s no guarantee it will stop spam. Instead, it just verifies the identity of the e-mail sender. Assuming that spammers don’t find a way to circumvent the standard before it’s agreed upon, it will be easier to track down spammers and prosecute them if they violate the CAN-SPAM act.

Other organizations are also trying to help stop spam. For instance, a number of volunteer organizations maintain lists of spammers or suspected spammers, called black hole lists, or RBLs (real-time black hole lists). These lists are made up of e-mail servers that send spam, e-mail servers that will relay e-mail from anyone, or e-mail servers that are running on cable modem networks.

The intent is laudable, but the results are sometimes less than perfect. These organizations are not responsible to anyone. They are volunteer outfits offering free services, and they can decide on a whim whether to blacklist companies or individuals who may not have anything to do with spam. Many of the e-mail servers on these lists may not be actually sending spam. They may be servers that only have the potential to be used to send spam, or servers run by small companies that are trying to save money. Some RBLs, including sorbs.net, have even decided that all users of DDNS are spammers, resulting in all e-mail, spam or not, sent from DDNS domains to users of the sorbs.net RBL being bounced.

Fortunately, there are alternatives to these non-standard standards. Given the performance of the anti-spam gateways in my most recent tests, the ability to filter out 95 percent to 98 percent of spam with few or no false positives is not dependent on either Sender ID or RBLs.