Combating the onslaught of spam

Chances are you’ve received several e-mails that promise you cheap Viagra, diet pills that really work, a chance to win a million-dollar lottery in some country you’ve never heard of, and several million dollars needing to be liberated from a Sudanese government minister’s bank account. If you have, then you’ve been spammed.

Spam, or unsolicited bulk e-mail, is fast becoming the bane of every Internet user’s existence, clogging our in-boxes and wasting our time with dodgy sales offers. It is an increasing problem worldwide, with companies such as local Internet service provider (ISP) M-Web estimating that as much as 80% of all e-mail sent is spam.

Spam consumes server time and bandwidth, making the Internet and e-mail slower and more expensive for ISPs and users alike, says Anthony Southgate, general manager of Security for Internet Solutions.

The onus is increasingly falling on ISPs and companies to prevent spam before it gets to users’ desktops, because sexually explicit or otherwise offensive spam may open up the service provider to legal liability, says Southgate. As a result, South African ISPs are increasingly taking a pro- active approach to spam and filtering or deleting it before it reaches your e-mail inbox.

Adrian Punt, service delivery manager at Tiscali South Africa, says that spam is a “massive” problem and that Tiscali adopts an aggressive approach: “We treat spam the same way as viruses — we delete it.” Like other ISPs, Tiscali uses sophisticated software that checks all incoming e-mails, analysing their content to determine whether they are spam.

This analysis takes into account the subject matter, the words used, whether the message contains images (spammers often send messages containing an image, hoping to fool systems that check words), and the e-mail address it is sent from. Each message is given a score on these checks and messages that have a high score are rejected as spam.

ISPs also use databases of addresses provided by spam-busting organisations such as Spamcop or Spamhaus routinely to block mail from known spammers. This is only partially effective, because spammers tend to move faster than the people maintaining these lists. ISPs also set up “honeypots” — dummy addresses posted on websites, used to attract and divert spam from legitimate e-mail addresses.

The problem with filtering e-mails before you, the user, get them, is that ISPs run the risk of “false positives” — mistaking legitimate mail as spam.

Mervyn Goliath, general manager of technology operations at M-Web, agrees that false positives are the biggest risk of spam-filtering software, but says that M-Web has not seen an increase in complaints about deleted e-mails.

This has not been the case internationally. Recent research in the United States found that 17% of legitimate e-mails were being blocked by the US’s top 12 ISPs.

Although technology experts agree spam is a large problem, they disagree on whether it will remain a problem and on what should be done about it.

Southgate thinks that as anti-spam software gets more sophisticated it will eventually force spammers out of business. Others are less optimistic, saying that current spam-busting methods are barely keeping pace with the deluge of junk e-mail.

Microsoft has proposed a solution called Penny Black, which requires the e-mail sender’s computer to spend 20 seconds calculating a complicated algorithm for each e-mail that is sent.

Microsoft’s argument is that for the average user, waiting 20 seconds to send an e-mail is not onerous, but it should deter spammers, who send out hundreds of thousands of messages.

Response to this proposal has been mixed, as has response to other ideas, such as authenticating each sender, or even charging for each e-mail sent.

Whether any of these proposals will be adopted remains to be seen.

Additional reporting by Ken Young

Web guideM



Subscribe to the M&G

These are unprecedented times, and the role of media to tell and record the story of South Africa as it develops is more important than ever.

The Mail & Guardian is a proud news publisher with roots stretching back 35 years, and we’ve survived right from day one thanks to the support of readers who value fiercely independent journalism that is beholden to no-one. To help us continue for another 35 future years with the same proud values, please consider taking out a subscription.

Related stories

A game of cat and mouse

Geoff, a South African software developer, says that he downloaded about 30 gigabytes of music to his computer over the past year. This collection, which, depending on the quality of the files, would take him about 20 days of continuous playing just to listen to, didn't cost him a cent -- he downloaded it all from the Internet. Until intellectual property rights can be properly enforced, piracy will continue to be 'part of Internet culture'.

Is open source the saviour?

Open-source software (OSS) has had a lot of publicity recently, the most noticeable of which was the launch of the Mark Shuttleworth-backed Go Open Source campaign earlier this month. Everybody, it seems, from the government to private corporations, NGOs and home users, is hailing open source as the saviour of the IT industry in South Africa. But is it really?

Worm in the machine

On Monday morning, thousands of computer users woke up to the news that yet another worm was wreaking havoc on computer desktops and networks across South Africa and the world. The fact is, that these attacks are becoming more frequent, and in some cases more sophisticated, than ever before. The whole thing is a race between virus writers, developers and security experts, and it's getting faster.

press releases

Loading latest Press Releases…

The best local and international journalism

handpicked and in your inbox every weekday