Spam, Spam, Spam...
RIVER BENDER - February 2002
I
t took Hormel Foods to explain the use of the term "Spam" in the Internet context as coming from a Marty Python skit in which a group of Vikings sang a chorus of "SPAM, SPAM, SPAM...etc.," in increasing crescendo, drowning out other conversation. Hence the analogy applies because unsolicited e-mail called spam is drowning out normal discourse on the Internet.There’s no question that spam is increasing. Everybody seems to know what it is but are having trouble agreeing on a definition. Besides, it keeps changing. Spam once meant crashing a program by overloading its buffer. Later it became the cross posting of messages on numerous USENET newsgroups, regardless of the subject. Now spam has come to include unsolicited e-mail and more specifically the mass mailing of junk mail.
But we have a problem. If I send you a message and you don’t know me is it unsolicited? Should I be barred from sending you a message? This dialog can continue ad infinitum but what it boils down to is that spam is e-mail you don’t care for, for whatever reason. For example, we had a new attendee sign up for membership in NBCUG that placed him on the club’s e-mail list. Shortly afterwards I received a message from him asking who all those people were sending him e-mail. After explaining that he was on the NBCUG list where any member could broadcast a message to all others, he demanded that I remove him from the list. The first lesson is that if you don’t want e-mail you shouldn't have your address on an e-mail list. By the way, NBCUG and RBmail lists are both "closed" lists, which means that you can only receive mail from members. It is not possible for an outside company to spam the two lists.
Where do spammers get your e-mail address? Quite often you gave it to them. Remember those free coupons on the web? They were likely a ploy to get your address. There are numerous ways that spammers get your address. Many companies make a business harvesting addresses to sell to companies wanting to advertise. For example, software can now scan some 50,000+ newsgroups and pluck addresses of those posting messages. Practically all web pages have e-mail addresses on them that can be scanned. Just type "mailing list" in any search engine and you’ll see how easy it is to purchase a mailing list with thousands of addresses.
What’s being done to stop spam? Activity is going on in the legislative arena that will hopefully make the sending of spam less commercially appealing. Laws finally got rid of fax spam so perhaps the same will happen to e-mail spam someday. In the meantime people are taking matters into their own hands and blacklists of Internet Service Providers (ISPs) that happen to be friendly or complacent to spammers have appeared. Many ISPS subscribe to the blacklists and are blocking e-mail from the listed sites.
Anti-spam vigilantes constantly scan the Internet for spammers and enlist ISPs to help thwart them. Many think this is a noble cause but others say the cure is worse than the disease because innocent people are often denied e-mail service. The heavy-handed anti-spammers agree that a few babies have to be thrown out with the bath water but simply reply that it's the price one has to pay to fight spam.
Anti-spamming, blacklisting and blocking is quite complicated and requires knowledge of how e-mail transits through the Internet. We'll probably discuss this in a future article but for now here are the basics. One of the major anti-spammers is the "Mail Abuse Prevention System" or MAPS at http://www.mail-abuse.org. They maintain what is called the "Real-time Blackhole List" or RBL. MAPS constantly searches for Internet Protocol (IP) addresses that originate or even relay spam and investigate spam reports sent to them. You need to go to their web site to see how they define spam. Guilty IP addresses are added to the RBL (Blackhole list) and the list becomes updated at all ISPS that subscribe to it. Subscribing ISPs then block e-mail traffic to the listed IP addresses. Thousands of ISPs are said to be using RBL. This may be reducing spam but it's increasing friction between ISPs, companies and users when end users' e-mail becomes severed and they haven't the foggiest notion why. Removal from RBL becomes another problem and court cases are starting to appear. So far it appears that anti-spammers are winning.