Spam is an ever-increasing annoyance for e-mail users. Most people have some form of spam filtering application that reduces the instances of the frequently offensive unsolicited commercial messages. Many of these filters seek to identify spam based on the address from which the message is sent, but spammers are already wise to this trick, and spoofing is now commonplace. By hiding or misdirecting their transmission source, spammers make it exceedingly difficult for most users to determine from where the spam message actually came.
But there’s some hope for spammer identification. An loose alliance formed by large e-mail services (Microsoft, Yahoo, America Online, and Earthlink), the Anti-Spam Research Group (ASRG), and Intelligent Computer Solutions (ICS) is working on an e-mail sender-authentication system that’s been dubbed the Big Gorilla Project.
Using an identification system based on public key encryption, ISPs who have control over outgoing e-mail can include a piece of encrypted code in header of each outgoing message. The code snippet can be used by receiving ISPs to confirm the identity of the outgoing e-mail server and the authenticity of the e-mail message’s return address.
By confirming the identity of the transmission site, it’s a simple matter to blacklist and block known offenders.
I use a combination of anti-spam filtering applications, both on our incoming mail servers and our client workstations. So far I’ve been able to drop my daily spam tally from over 600 messages to about a dozen, maybe double that on a bad day. But that’s still not good enough. It’s not just receiving junk mail that bothers me, it’s the offensive content.
I’m all for proposals, both legislative and technical, that help kill off spam.
Call for Comments
What do you think? Leave your comments below.