|
Anti-Spam Tech Talk
Featured article in Computer Technology Review, July 2003
Spam, also known as unsolicited email and junk mail, has caused extraordinary damage to people and businesses. As the founder of Block All Spam, Gregory Way, puts it, "It is stealing. It should be a crime with a punishment equivalent to theft." Many of our nation's leaders are acting now to introduce powerful legislation, creating laws to end spam. The first such law was recently enacted in Virginia. Everyone wants the problem solved. The solution has arrived. It is called Source Authentication. This patent-pending technology absolutely stops spam its tracks at the email server, never allowing it to get to the desktop. It also assures you that the emails that you receive can be trusted.
Spam exists because spammers can use various methods to hide their identities. If it were easy to expose the identity of a spammer, the large majority of them would not bother to use spam as a way to make money. With new laws in place, spammers--whose identities are revealed--may face criminal and civil penalties.
When Source Authentication is adopted as an industry standard, spam will end forever for everyone, yet it does not have to have widespread use for it to be effective today. In the SA world, in order for spammers to distribute spam, spammers would have to maintain the support of ISPs who are willing to help them break the laws against spam. In addition, because of reverse IP tracing, we can discover who they are and possibly have enough information to send to the authorities in order to prosecute them. Only a few will attempt to spam in this environment. Those few, who attempt to send spam, will have their efforts thwarted, in addition to facing the consequences of their crime.
Is Your Email Legitimate?
Source Authentication technology provides us with a solution to spam beyond unmasking the spammer. It provides us with a secure confirmation that the sender of the email is who he says he is. Without Source Authentication, you can receive emails from people who are pretending to be other people. You cannot be sure of the sender, and it is unbelievably easy for people to fool email servers. Almost every spam email message uses email spoofing. Occasionally, one may even receive email messages that are "From" your own e-mail address! Imagine the havoc a spammer can cause with the ability to spoof one's identity, in addition to spoofing that individual. This form of identity theft must be stopped. Source Authentication achieves that goal by forcing email to come from the real owner of the address that is in the "Return-Path:" portion of the e-mail header. It is good practice to view a header for this return path statement at the top of all email message headers. With Source Authentication combined with SPF, the return path will someday be fully trusted.
Comparison: Source Authentication vs. The Problem
One element of Source Authentication is that the senders of email are asked to reply to the recipients by clicking on "reply" and then "send". Question: Is responding to reply inquiries as much of a problem as spam itself? Answer: Absolutely not. Consider how much effort it takes for that person (10-30 minutes per e-mail session) to deal with spam every day. Spam is the problem. Since most people have no problem with the reply/send to a confirmation email it is a long-term solution that works.
Cost of Implementation
Since Source Authentication is an email server-based technology, it will often be implemented at the ISP (Internet Service Provider) level. Today, many ISPs have put spam filtering systems in place. The cost of Source Authenticaion to the typical ISP will be less in processing power than it takes to run most filtering systems. In side-by-side tests Block All Spam has found that email servers that were running filters, rules and other technologies processed less email per hour than the servers running Source Authentication. This results in reduced costs of equipment and resources per email account.
Cost of Development
Compared to the costs of forever looking for and implementing filter-based, rules-based and AI-based technologies to solve this problem, Source Authentication offers a solution for a one-time development cost. Email server manufacturers will be able to redirect their energies into productive features instead of "the war on spam."
Reduces Human Error
Inboxes with zero spam are used more productively and fewer legitimate emails are accidentally deleted. When someone gets large numbers of spam each day, it is very likely that one or more legitimate emails will get accidentally deleted along with the spam.
Cost to Business and Personal Relationships
Cannot be fully documented.
|
A Solution that Works 
