How to put the lid on spam in the enterprise: Part 2

Spam is big business; it's economical and cheap. If a spammer sends 500,000 mass e-mails, and the mailing elicits only five or six responses, the effort would be considered a success in many spammers' books. There is really no cost involved with sending out the mailing in the first place.

Spammers aren't about to give up an easy, profitable living easily. Here are some ways spammers avoid detection:

  • Spammers are creative. They stay on top of the latest detection and filtering techniques and find ways around them. Unsolicited commercial e-mail not only requires programming savvy; it also requires creative trickery to avoid coming across as obvious spam. Most spammers go to great lengths to disguise their messages to look like legitimate e-mails to avoid detection.
  • Spam is polymorphic in nature. Think back to just a couple of years ago and how much easier it was for software to spot spam. There were hints such as subject lines written in all capital letters, overuse of exclamation points and, of course, the keyword "free." All these were dead giveaways that the e-mail was spam. Today's spammers know what keywords not to use in subject lines. To get around the filters, they might insert a space between each letter of a banned word so that it's still readable, but won't be detected by software.
Chris Miller

American Online, Yahoo and Microsoft recently announced a joint initiative to combat spam through techniques such as identifying and restricting messages with deceptive headers (see story). At the same time, these industry leaders are calling for national legislation to regulate spam in the U.S.

Legalities of spam

Most of the spam in the world comes from the U.S., which has no national antispam laws. Europe, Australia, Korea and Japan already have tough laws that restrict spam, including opt-in requirements, subject-line labeling, provisions for accurate return addresses and a range of criminal penalties for mass-mailing violations. Twenty-nine states in the U.S. have their own antispam laws on the books, but most agree that a strong federal antispam law would be more effective.

The Federal Trade Commission (FTC) recently wrapped up a three-day forum dedicated to spam (see story). At that conference, the FTC said that in 2001 it received 10,000 junk e-mails each day forwarded by complaining consumers. The agency now receives 130,000 messages daily. According to estimates at the FTC hearing, 40% to 75% of all e-mail traffic is spam, and the FTC released a study saying two-thirds of all spam contains false information.

To date, efforts to restrict spam have been averted, but legislation appears to be on the horizon that will stick. Three separate spam bills are pending before Congress:

  • The Lofgren bill: U.S. Rep. Zoe Lofgren (D-Calif.) proposes placing guidelines on commercial e-mail and authorizing the FTC to use 20% of the money from fines it would collect to reward individuals who identify spammers.
  • Burns-Wyden bill: Also known as the CAN-SPAM bill. Sens. Conrad Burns (R-Mont.) and Ron Wyden (D-Ore.) propose that unsolicited e-mail marketing messages have a valid return address so recipients can ask to be removed from mass e-mail lists. Spammers would also be prohibited from sending any further messages to a consumer who has asked them to stop.
  • Schumer bill: Sen. Charles Schumer (D-N.Y.) proposes creation of a national "no e-mail" list similar to the do-not-call lists aimed at telemarketers. The proposal would also require mandatory subject-line identification of spam so recipients can quickly determine whether to look at messages or delete them. This bill proposes stiff civil and criminal penalties, including prison time of up to two years for severe repeat offenders.

Antispam solutions

If any of these bills is passed into law, the legislation would help to curb spam, but it's likely that spammers won't give up easily. Spam is always evolving, making it a challenge to detect. Just as what works for spammers one day may not work the next, the same applies to those of us responsible for curbing spam at our companies. There is no single tool that will eliminate spam completely, but there are many different approaches for filtering it. As the amount of spam increases and clogs the information superhighway, enterprise administrators are looking for ways to detect and block spam before it hits their employees' in-boxes.

The most effective way to provide long-term protection against spam is to take a multilayered approach that maximizes detection but minimizes false positives. Use antivirus software that provides several layers of protection, including:

  • Support for multiple real-time blacklists
  • Heuristic antispam engine
  • Custom blacklists
  • Subject-line blocking
  • False-positive prevention and management, including:

    • Subject-line tagging, allowing the administrator to filter at the gateway or client levels
    • Quarantining of suspected spam to a special administrative e-mail account

Copyright © 2003 IDG Communications, Inc.

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon