For the past several years, there has been much debate regarding what to do about unsolicited bulk email from strangers, or spam. Unsolicited email is annoying to almost everyone. However, the two most popular strategies for combatting it – legislation and anti-spam blacklists – have fundamental flaws. Anti-spam bills have been badly written and frequently wander into areas where legislators have no expertise, such as the establishment of Internet standards. Anti-spam blacklists, such as the MAPS RBL (Mail Abuse Prevention System Realtime Blackhole List), result in blocking large amounts of non-spam from innocent people. This is done with no notice to the users, who often do not even know that their mail is not being delivered.

The focus of efforts to stop spam should be to protecting end users and not stopping spammers at all costs. Specifically, any measure for stopping spam must ensure that non-spam messages reach their intended recipients. Proposed solutions that do not fulfill this minimal goal can themselves cause more problems that solving them. This may impact on the growth of the Internet.

Legislative Shortcomings

The legislative proposals that have dominated the anti-spam policy debate for the last several years have failed. The several existing laws against spam are too hard to enforce and have done nothing to stem the tide of spam.

Serious problems with the anti-spam legislation we have seen to date include:

• misdefinitions of key terms and concepts, including “commercial,” “list,” and “spam” itself;
• technology-specific requirements that will be rapidly obsolete;
• jurisdictional problems; and
• requirements with which senders will find it impossible to comply.

Blacklists

Poorly-drafted legislation is not the only issue with attempts to prevent spam. Many groups of often well-meaning people have worked on technical solutions to avoid the various annoyances and problems caused by unsolicited spam. Anti-spam blacklisting groups, such as MAPS and ORBs, put heavy pressure on ISPs to conform to a set of restrictive anti-spam policies and to virally pressure other ISPs to adopt the same policies. It is estimated that over 50% of US-based ISPs and up to one third of global ISPs already participate in the blacklisting.

But blacklisting is interfering with the delivery of a significant amount of non-spam email. Systems administrators who will not adopt the suggested anti-spam policies find themselves unable to deliver their non-spamming users’ mail to recipients who are on systems that participate in blacklisting.

The search for the elusive legislative or technical “magic bullet” solution has distracted the Internet community from looking at alternative solutions: better voluntary user-end filtering and/or voluntary, informed and flexible ISP-level filtering. An end user-controlled solution will give the end users the choice of deciding what types of bulk emails he or she does not want to receive while serving to deter spam by removing most of the audience and making it unprofitable to continue junk emailing. Such solutions are beginning to be adopted by more and more end-users or are being offered by ISPs to end-users.

The Right Way to Deal With Spam

The choice should be given to end-users on how they want to deal with spam. They must be made aware that wide all encompassing anti-spam legislation and technical solutions can result in legitimate emails and marketing efforts being curtailed. In addition, end-users should express their dismay at spam by boycotting products advertised with spam.

End-users must be provided with adequate tools to filter unwanted messages on the receiving end. ISPs should provide such tools to their users who are also their customers. More robust and subtle technology should be developed for this purpose. Some of the technical solutions are listed at http://spam.abuse.net/tools/mailblock.html. From a technical standpoint, we would like to see the development of better filtration software on servers, something that could work interactively with the mail recipient in defining what he or she regards as spam using pattern recognition. That is, every time somebody gets a message of a sort he or she does not want, he or she could send it to the filter, thereby making that filter smarter over time, as well as giving it the ability to “learn” as spam techniques develop.

Once it becomes clear to spammers and to advertisers that to use and pay spammers will have no commercial gain that this form of marketing will slowly and eventually stop.