NEW YORK, 23 September 2003 — Since e-mail spam began crashing into our computers and ruining our Information Age party, we’ve been told that new technology, not new laws, would be the most critical component of a solution.
Some might debate the point, given the continuing success that spammers have in evading most systems designed to block it. Good products make a dent, but it’s generally not long before they are circumvented.
And there are the recent SoBig viruses, which some security experts believe were the equivalent of a huge military exercise by spammers to test code that hijacks computers and turns them into junk e-mail generators. But with world preoccupied with another war, and still divided over how best to legislate against spam, it’s a good time to look at some newer ideas and products that are out there.
Here are three that get my awards for, respectively, the most fun, most intriguing and most bizarre.
For the most fun, run — don’t dawdle — to your keyboard and type in www.mailinator.com.
The idea is disposable e-mail addresses. Say you’re on a website that wants your e-mail address and you just know that not long after you give it, you’ll be spammed forever.
Or you meet someone who asks for your e-mail address but you’re really not sure you ever want to hear from him or her. Instead, just make up an address, on the spot, and put it in front of @mailinator.com.
So suppose you choose [email protected]. Whenever you think you might receive mail at that address, go to the Mailinator site and check on it. There’s no sign-up, no fee, no fuss.
The site doesn’t allow you to reply or send anything under the name you chose. And if other people happen to also have picked “picklepuss,” they might see your e-mail, and vice versa.
Yes, it is a thoroughly insecure system. People with too much time on their hands could go to the Mailinator site, think up addresses that people might have used and see their mail if they get a match.
But, as the hilarious frequently-asked-questions page on the site explains, if you allow someone to send you anything sensitive to a Mailinator address, you are a stupid-head.
The award for most intriguing idea goes to a Massachusetts outfit called Messagefire LLP (www.messagefire.com).
Most spam filters work by analyzing the content of messages, or the subject lines, or the “header” information to block out certain words and phrases, or senders known to be spammers. But as such systems are tweaked and improved, so too are the techniques of spammers to get around them.
The most important tool of spammers is the ability to “spoof” their identities by routing mass mailings through other, unprotected servers. This and other techniques for disguising the source of spam makes it difficult to track down the bulk mailers and shut them down.
Messagefire claims that its technology can tell whether the message was delivered from the original sender or was rerouted in a likely effort to disguise the originator.
You can take a test drive on Messagefire’s website by providing your current e-mail address and password, which the company promises to destroy without saving.
I ran the test, which was inconclusive. It looked at my five most recent e-mails, none of which was spam of the most pernicious kind. And it flagged two legitimate pieces of mail from an e-mail list I subscribe to, claiming they were sent from overseas servers. But like all filters, Messagefire can be tweaked to correct for false positives. If the usual spam filters are failing you, it might be worth a try.
Finally, the winner in the “most bizarre” category is Global Removal.com (www.globalremoval.com), the creation of Tom Jackson of White Salmon, Washington.
This is the private, free-market version of a do-not-spam registry, much like the popular do-not-call list for telemarketers recently started by the Federal Trade Commission.
So far, the FTC has resisted creating a similar list for spam, claiming that it would not work. Jackson is trying to make it a business, but with a twist.
For a $5 introductory price, you can put your e-mail address on the Global Removal list. Meanwhile, the company is signing up bulk mailers who, also for a fee, will agree to honor your request and remove your address from their lists.
The deal works this way: For every user who pays the $5, Global Removal pays the spammer $1, and the spammer removes that name from his e-mail list. Some spammers claim to have lists of as many as 200 million addresses, so there might be real money in it for them while Jackson keeps the leftover $4 for each name. Some spammers might even decide to send e-mail to everyone on their lists offering the recipients a chance to join Global Removal.
In Jackson’s view, that is the dictionary definition of “win-win.” For $5, a customer is removed from e-mail lists used by notorious spammers. The spammer has incentive to remove them by getting paid.
