Philip Machanick
Just when you thought it safe to use the Internet, junk mail sharks have started to bite. What’s more, they’re made of spam.
Thanks to “bulk mail e-mail lists”, millions of users of the Internet can be hit at once with unwanted mail, selling anything from porn to more bulk e-mail lists. Sellers of such lists apparently defend themselves as engaging in legitimate marketing.
Increasingly, junk mailers don’t allow you the option of replying by e-mail. A common trick is to forge return addresses. This is easier than it sounds.
If a snail mail order company sends unsolicited junk mail, I can get on the phone and complain or I can mark it “return to sender”. But receiving junk e-mail with a forged header does not allow such an easy option. In some cases, the advertiser goes to great lengths to make it hard to contact them – which would appear to defeat the object of advertising – but no doubt the trade off is that the small fraction of recipients who want the product will take the trouble, and those merely irritated with the mail will simply trash it.
One trick in newsgroups is people adding junk to their e-mail address, and you have to edit the junk out if you want to reply to the person. If everyone does this and in different and inconsistent ways, it becomes hard for an address trawler to automate picking up addresses from newsgroups.
Unfortunately, there are limits to how far you can go with putting junk in your e-mail address. For example, if you are a member of a mailing list, you have to use your real address, since mail is sent to you by a program which can’t edit out random junk. And I’ve seen evidence that spammers are trawling mailing lists.
Another possibility is to block spam. Your mail program may have a feature for filtering mail. If you can find a way of identifying a particular spammer, you can set the filter to trash such mail. Or you could use a firewall – a system designed to protect the internal network from the outside world. A firewall can be set to reject some kinds of incoming mail.
The problem with any strategy for blocking spam is that you need to receive at least one message to know what to look for in the filtering process. Some of the spammers are now starting to vary the form of their messages frequently to make this hard.
Are there more robust solutions, or is everyone who lets their e-mail address float into a public place doomed to be spammed? One possibility is an improvement in mail authentication, a process by which you identify yourself to another party in a communication and prove you are who you say you are. To impose a new standard of authentication on e-mail will be difficult, given how many people use existing mail programs.
But if spamming becomes enough of a problem, demand for improved authentication will grow. Then a message claiming to be from a particular site when it’s not can be blocked.
A sad possibility is that the Net as we know it could die out as a result of such abuse. If the Net were run by a closed organisation where users’ identities had to be verified and tactics like forging mail headers could be clamped down on by a controlling body, spamming could be stopped.
But other valuable features of the Net would be lost. For example, there is value in the concept of anonymous posting services, which allow users to send messages to a discussion group. Also, the current situation where anyone who can afford a computer can hook up to the Net with minimal bureaucracy would be lost.
More information on spamming can be found in the PCReview at