Spam e-mail is now officially near epidemic levels. Anti-spam software firm MessageLabs says that 53 percent of e-mail received in the UK is spam. In the US it has now reached 78 percent. So isn't it time service providers (ISPs) took more action to stamp out spam before it reaches subscribers?
Some of the larger ISPs already believe they are. Last month, AOL announced that it was filtering
out 2 billion spam e-mails a day. Yahoo! and Hotmail filter out about 1 billion each.
ILLUSTRATION MOUNTAIN PEOPLE
In the UK, the Internet Service Providers Association (ISPA), which represents the interests of about 100 British ISPs, says spam should be tackled at all levels: by legislation, by consumer awareness of desktop spam blockers, and by ISPs themselves.
But the ISPA admits that many of its members do not have anti-spam filtering in place because they are concerned about how to make it pay. In addition, it says they are finding it complex negotiating their way around the legal issues of blocking spam on behalf of users. As a result, the ISPA recommends that ISPs offer centralized filtering services as well as urging subscribers to install anti-spam software at the desktop -- a double defense against spam.
The reality is that most ISPs do a certain amount of filtering that is never seen by subscribers. They monitor bulk e-mails and use blacklists provided by spam watchers to block those that they believe are from known spam-mers or carrying viruses -- so called "blackholing."
But filtering e-mail before it gets to users is somewhat problematic. The main concern is the issue of "false positives" -- the blocking of e-mails that subscribers actually want, or that have been sent by legitimate e-mail marketers.
Most spam filters get around this to some degree by placing spam in an accessible folder for a defined period of time: users can look through the spam folder if they wish. Once they have found that the filters are working effectively, users rarely check, but it only needs a few to complain about losing important e-mail to cause a problem.
Another drawback with spam folders is that they put a storage burden on the ISP while it temporarily holds huge volumes of filtered e-mails. AOL tackles this problem by operating a two-tier system: it filters some spam centrally and also gets its subscribers to install anti-spam software on their desktops for free, setting up a spam folder for them to manage. This software allows spam to be blocked collaboratively, in that information about the spam blocked by users is fed back to
the in-house system.
But AOL has been criticized for its in-house filtering. In 2002, it angered US publisher ZDnet because it was filtering out ZDnet's e-mail newsletters. More recently, it has been involved in a legal dispute with US web-hosting company C I Host, which claims its customers are being unfairly filtered by AOL. AOL maintains it is only filtering out bulk mail that its subscribers have rejected.
Not surprisingly, the direct marketing industry is monitoring the situation, bolstered by recent research by Return Path which found that 17 percent of legitimate e-mails were being blocked by America's top 12 ISPs. In the US, a marketing e-mail is allowed unless a subscriber chooses to opt out, whereas in Europe it can only be sent if the receiver has opted in.
Some ISPs are still testing filtering with small numbers of users before a full-scale roll out. In the UK for example, Pipex has been running a service using Brightmail software for 1,500 Cix subscribers as part of a bundle of services costing ?7 (US$13) per month.
But Pipex found that, despite the small number of users, the service has been unable to cope with the volume of spam and was not filtering satisfactorily. It now plans to install a new system using different technology, which it hopes will be more effective.
BT Yahoo! also started filtering using Brightmail last year, but switched to the Spamguard system developed by Yahoo! so that it could offer users more customization. Like AOL's system, which swallows the cost, it is essentially collaborative in that it uses spam reports from subscribers to constantly update the database of known spam.
Mike Galvin, director of online services at BT Retail, says that around 50 percent of BT Yahoo!'s traffic is spam, which is filtered directly or ends up in users' spam folders. Users have up to four weeks to check before spams are automatically deleted. BT typically handles 25 million e-mails a day, but recently this jumped to 100 million when it was the victim of a spam attack.
Galvin is at pains to point out the central conundrum for ISPs: "There is no agreed definition of what spam is, but we say it's anything that causes distress to a subscriber."
He says that BT has won court cases against e-mail marketers who claim they are being unfairly filtered on the basis of this definition, but admits that BT has had the same problem as AOL in occasionally blacklisting legitimate newsletters due to the difficulty of differentiating such e-mails from spam. He estimates that the service, which is free, cuts spam to an average of 10 percent.
He says: "I think spam is peaking now: it will slowly begin to be less of a problem because the software is getting more sophisticated and ISPs are working more collaboratively."
But not everyone is so optimistic, and Dan Scobie, business solutions manger at Star Internet, reckons most ISPs are still not doing enough: "There is something of a wall of silence on the matter.
Most ISPs don't want to invest in these services right now, but I question their thinking. How can they afford not to do it? ISPs are expected to protect their customers: the industry has to face up to this," he said.
Scobie is convinced that ISPs can cover the cost of anti-spam services if they charge appropriate amounts. Star Internet
runs an anti-spam service using MessageLabs' CleanMail software, which costs around ?1 (US$1.80) per month.
But he admits that Star also faces the "false positives" problem, and says the company is about to introduce spam folders so that subscribers can keep an eye on the filtering themselves.
It will hold spam for 24 hours before it's deleted.
Graham Cluley, senior
technology consultant at anti-virus vendor Sophos, believes that the in-house approach is often not effective enough: "The anti-spam technology is often failing to deliver effective barriers against spam and in-house solutions often fall short of users' expectations."
He blames the problems on poor installations and ineffective product updates.
The EU’s biggest banks have spent years quietly creating a new way to pay that could finally allow customers to ditch their Visa Inc and Mastercard Inc cards — the latest sign that the region is looking to dislodge two of the most valuable financial firms on the planet. Wero, as the project is known, is now rolling out across much of western Europe. Backed by 16 major banks and payment processors including BNP Paribas SA, Deutsche Bank AG and Worldline SA, the platform would eventually allow a German customer to instantly settle up with, say, a hotel in France
On August 6, Ukraine crossed its northeastern border and invaded the Russian region of Kursk. After spending more than two years seeking to oust Russian forces from its own territory, Kiev turned the tables on Moscow. Vladimir Putin seemed thrown off guard. In a televised meeting about the incursion, Putin came across as patently not in control of events. The reasons for the Ukrainian offensive remain unclear. It could be an attempt to wear away at the morale of both Russia’s military and its populace, and to boost morale in Ukraine; to undermine popular and elite confidence in Putin’s rule; to
A traffic accident in Taichung — a city bus on Sept. 22 hit two Tunghai University students on a pedestrian crossing, killing one and injuring the other — has once again brought up the issue of Taiwan being a “living hell for pedestrians” and large vehicle safety to public attention. A deadly traffic accident in Taichung on Dec. 27, 2022, when a city bus hit a foreign national, his Taiwanese wife and their one-year-old son in a stroller on a pedestrian crossing, killing the wife and son, had shocked the public, leading to discussions and traffic law amendments. However, just after the
The international community was shocked when Israel was accused of launching an attack on Lebanon by rigging pagers to explode. Most media reports in Taiwan focused on whether the pagers were produced locally, arousing public concern. However, Taiwanese should also look at the matter from a security and national defense perspective. Lebanon has eschewed technology, partly because of concerns that countries would penetrate its telecommunications networks to steal confidential information or launch cyberattacks. It has largely abandoned smartphones and modern telecommunications systems, replacing them with older and relatively basic communications equipment. However, the incident shows that using older technology alone cannot