It’s been nearly a decade since spammers and their enemies began evolving
competitively. As with the classic cheetah/gazelle model originally formulated
by Darwin, each time one group becomes a little faster or more agile, its
adversaries develop traits for outwitting and outrunning it.
Only, in the spam wars, the anti-spam gazelles have a little problem: the
cheetahs seem to be winning.
The number of unsolicted commercial electronic messages received by the
average American in 2001 was 571, according to Jupiter Media Metrix. By
2006, Jupiter says, that number will increase to 1,400, with more than 206
billion spam messages going out over the course of the year. While these
numbers are notoriously difficult to calculate, every survey and ISP
record points to dramatic increases in spam, sometimes as much as 300
percent year over year.
The issue of of great interest and frustration to enterprise IT execs, who are finding
that
the need to solve the spam problem has never been more critical – and it
promises to become more of a problem. Spam leads to multiple costs for the
enterprise, using up valuable bandwidth resources, jamming e-mail servers, and
lowering employee productivity. There is good news: There are many efforts underway to
eradicate spam.
The Spam Resistance
One reliable indicator of the problem’s magnitude is the size of the anti-spam
effort. The range of tools available to ISPs, enterprises and consumers in the
fight against spam grew considerably during the Web bubble.
“There are a huge number of individual projects,” according to Tom
Geller, executive director of advocacy group SpamCon Foundation.
“Some of them are technical, some are complaint focused, some are running
statistics.”
The list includes reporting tools; complaint generators; block-lists like
SpamBag.org, Spam Prevention Early Warning System (SPEWS) and
Mail Abuse Prevention System (MAPS); advocacy and legal support groups;
information services like the Register of Known Spam Operators (ROKSO);
and filters of all kinds. If you want to get a sense of the scale of the
anti-spam community, just spend a few minutes browsing the posts on news.admin.net-abuse.email. It’s truly staggering.
A Play for Self-Regulation
Simultaneously, heavyweight Web marketers and interactive ad players have been
scrambling to distinguish their services from the bad guys, as well as to
counteract growing calls for government controls on digital marketing.
In one of the biggest such moves, the Direct Marketing Association (DMA),
through its subsidiary, the Association of Interactive Marketing (AIM), has
released online commercial solicitation guidelines in an effort “to promote
high ethical standards among marketers.” The rules require that members let
e-mail recipients know how they can refuse future mailings and allow consumers
to prevent the sale or rental of their addresses.
“The guidelines demonstrate that industry self-regulation is working,” said
DMA president and chief executive H. Robert Wientzen. “The guidelines
are fair to consumers and marketers alike.” (Contrary to Wientzen’s remark,
it’s not clear that self regulation is what all members of the DMA want, a point we’ll examine later.)
The DMA rules require that members give opt-out information for sold, rented
or exchanged consumer information. Additionally, every e-mail must reveal the
marketer’s identity, and the subject line must be “clear, honest, and not
misleading.” Marketers must also offer a detailed disclosure of each sender’s
use of customer info, offline contact information, and a statement of
adherence to the standards.
ISPs, for their part, are feeling real pressure from network administrators
and their customers to block spammers from their e-mail servers — pressure
that goes beyond the typical complaint and reporting methods. Many
spam-supporting ISPs are even finding themselves on the receiving end of
denial-of-service attacks.
Still Not Enough
All of this is insufficient for the gazelle to protect itself, however.
“Technical approaches are unlikely ever to eradicate spam,” according to David
Sorkin, associate professor of law at the the John Marshall Law School. “(This
is) partly because of the time and resources that spammers devote to their
activities and partly because of the inherent openness of the Internet and
e-mail protocols. ”