hit more fairways. make more putts. avoid the hazards. play by the rules.
Houston, We Have A Concert »
« Beware: Static Electricity Can Put Your Blackberry to Sleep
This Won’t Work Either

Posted on Wednesday 28 January 2004

I can say categorically that the Can-Spam Act has had no effect whatsoever on the flood of spam that hits my mail server. And I have the stats to prove it. This proposal about porn spam from the FTC will likewise have no effect.

The FTC, which is charged with enforcing the Can-Spam Act…proposed a rule that would require senders of adult-related e-mail to include the phrase, “Sexually-Explicit-Content:” in messages. That way, recipients would be able to recognize and easily filter such e-mail before viewing it, according to the FTC and backers of the law.

It’s simple, really. True spammers (not to be confused with legitimate commercial emailers) don’t care about the law, and won’t adhere to it. It’s more profitable for them to continue to spam and defend themselves if caught than to obey the law.

I doubt that spam will ever go away, but it will become less of an intrusion as technical anti-spam measures become more effective and make spamming less effective and thus less profitable. The technical measures are fairly simple.

  • Honest people who operate mail servers must make sure those servers are locked down against unauthorized use. That is, relaying by unknown users must never be allowed. This will cut down on the old-fashioned ‘open relay’ type of spam, which is still all too common. Server software developers should make sure their products, whether paid or open source, come with clear documentation explaining how to lock down the server. Preferably the server should come locked down out of the box.

  • Server operators should also implement some sort of server-side filtering to block inbound spam bound for their customers’ accounts. The actual methods and thresholds used for these filters will range from server to server and from domain to domain.

  • End users should insist that their mail clients have good spam filters and they should use them. If their preferred mail client doesn’t come equipped with robust filtering they should install one of the commercially available filters, or insist that their IT department install one for them.

  • End users (and their IT departments) must make sure their anti-worm and anti-virus defenses are up to date and active, and end users must become more educated. This week’s Mydoom outbreak could have been nipped in its earliest stages if only people would stop opening attachments from people they don’t know.


Sorry, the comment form is closed at this time.