Robin Arnfield, newsfactor.com
In January 2004, Bill Gates, the chairman of Microsoft, famously
predicted the end of spam in a speech at the World Economic
Forum. "Two years from now, spam will be solved," Gates said in his
speech. But, as any e-mail user knows, spam is still flying over the
Internet into everybody's inboxes.
"Spam is not dead, obviously, nor is it dying," said Forrester
Research analyst Jonathan Penn. "But I do think that it is a problem
that has been largely solved for end-users, employees, and consumers."
There are plenty of good antispam products from enterprise-security
vendors as well as solutions developed by and deployed at Internet
service providers (ISPs), according to Penn. "These are far from
perfect, to be sure, but very good," he said.
"However, for ISPs especially, the spam problem is not fully solved by
any means," Penn said. "They still spend a lot of money on R&D in a
cat-and-mouse game with spammers, as well as the infrastructure
investment to deal with the inbound volume that gets rejected at or
near the gateway."
Sender Authentication
In 2004, Microsoft came up with the concept of Sender ID, an e-mail
authentication technology, as a means of combating spam. Sender ID
checks a registered list to determine whether a message came from the
same domain as the e-mail address indicates. The technology has not
caught on among ISPs and corporations.
"Sender authentication solutions are very slow to reach maturity, and
that is simply a shame on the ISPs, who have not been aggressive
enough in developing the specs and deploying them in full force," Penn
said.
"In this case, the 'perfect' is the enemy of the 'good enough,'" Penn
explained. "The world would not stop spinning if ISPs would implement
effective, albeit imperfect, solutions available today. We've seen
much more tolerance by companies for imperfect solutions -- those that
might temporarily block some e-marketing messages, for example -- than
the ISPs seem comfortable deploying."
Penn pointed out that, in addition to helping solve the spam problem,
sender-authentication technologies can be useful for stopping phishing
attacks. "These problems, especially phishing, have not even
diminished, much less gone away," Penn said.
Dynamic Filtering
Ken Schneider, chief architect at U.S. Internet security vendor
Symantec, said that his company is generally supportive of
e-mail-authentication efforts.
"These do not solve the problem of spam, but they provide an
additional level of filtering on top of antispam filters," Schneider
said.
"You need very dynamic antispam filters, as the spam being sent out
changes on a daily basis," Schneider pointed out. "But if e-mail users
have a good antispam filter in their e-mail system, they should catch
most of the spam. And if an ISP deploys effective filtering, they
will block a lot of junk e-mails."
Court Cases
In recent months, there have been several high-profile U.S. court
cases in which spammers have received heavy sentences.
On Monday, January 23, Jeanson James Ancheta, of Downey, California,
pleaded guilty to federal charges related to his assembly of a botnet
consisting of hundreds of thousands of computers to spread spam and
malicious software, and of profiting from the zombie machines through
the unauthorized distribution of adware.
Last month, CIS Internet Services, a Clinton, Iowa-based Internet
service provider, was awarded $11.2 billion in a court judgment
against a Florida man who sent millions of unsolicited pieces of
commercial e-mail.
Copyright 2006 NewsFactor Network, Inc.