|
|
|
ONLINE FEATURES
Book Reviews
BW Video
Columnists
Interactive Gallery
Newsletters
Past Covers
Philanthropy
Podcasts
Special Reports
BLOGS
Auto Beat
Bangalore Tigers
Blogspotting
Brand New Day
Byte of the Apple
Economics Unbound
Eye on Asia
Fine On Media
Green Biz
Hot Property
Investing Insights
Management IQ
NEXT: Innovation
NussbaumOnDesign
Tech Beat
Working Parents
TECHNOLOGY
J.D. Power Ratings
Product Reviews
Tech Stats
Wildstrom: Tech Maven
AUTOS
Home Page
Auto Reviews
Classic Cars
Car Care & Safety
Hybrids
INNOVATION
& DESIGN Home Page Architecture Brand Equity Auto Design Game Room SMALLBIZ Smart Answers Success Stories Today's Tip INVESTING Investing: Europe Annual Reports BW 50 S&P Picks & Pans Stock Screeners Free S&P Stock Report SCOREBOARDS Hot Growth 100 Mutual Funds Info Tech 100 S&P 500 B-SCHOOLS Undergrad Programs MBA Blogs MBA Profiles MBA Rankings Who's Hiring Grads |  |
JULY 7, 2003
A Spam-Fighter More Noxious Than Spam Challenge-response filtering systems are likely to wipe out e-mails you want, too Overwhelmed e-mail users are so disgusted by the volume and the nature of junk flowing into their in-boxes that they are ready to try just about anything that promises to ease the problem. As is often the case with desperation measures, there's a danger that some of the steps being taken will end up making matters worse. The development that causes concern right now is the rapid growth of what are known as challenge-response systems. This approach, which bills itself as the only method capable of blocking 100% of spam, tries to verify that a message was sent by a human being -- rather than via a mass-mailing program -- before accepting the e-mail. It does this by requiring that senders personally confirm that they are actual people before their messages are accepted. Mailblocks promises to eliminate spam in its $9.95 a year Web-based mail service. MailFrontier Matador, a $29.95 add-on to Microsoft Outlook or Outlook Express, offers it as an option along with more conventional spam filtering. And in the biggest boost yet to challenge-response, EarthLink (ELNK ) has made it available without additional charge to its 5 million or so subscribers. Here's how it works: When you receive an e-mail, the program checks the sender against a list of acceptable names (your address book is generally used as a starting point for compiling the list.) If the name is not found, a message asking the sender to solve a simple problem is sent back. The goal is to pose a challenge that is very easy for a human being but difficult or impossible for a computer. Typical challenges ask how many kittens are in a picture, or to read a number that is displayed in an odd, distorted typeface against a complex background. If a correct response is received, the mail program puts the message in your in-box. Otherwise, it throws it away or puts it in a special "suspect mail" folder. The concept is that Aunt Minnie will quickly respond with the correct solution and her mail will go through, while the mailbots trying to sell you drugs, larger appendages, and cheap mortgages will be stumped. Challenge-response definitely stops spam. The problem is that it has unintended consequences. These can be serious, because most of us depend more on machine-generated mail than we realize. Consider this typical e-commerce scenario. You buy a plane ticket on ual.com, and United Air Lines sends you a confirmation and itinerary. Since confirmation@uasupport.com isn't in your approved list, your system sends back a challenge to which United cannot respond. Your confirmation gets buried among the spam. The same fate will befall all messages generated by mailing lists unless you have manually entered the address in your approved list. I regard certain lists as valuable sources of information, and I even like getting promotional mailings from companies I choose to do business with. Even conventional antispam filters pose problems for such lists, but with challenge-response, you are sure to toss out the baby with the bathwater unless you carefully scan all rejected messages and add those you want to your approved list. Challenge-response has other problems as well. Some systems, including EarthLink's, require you to click on a link to a Web page to answer the challenge. If you are working on a device that can't access the Web or display graphics -- a BlackBerry, for example -- you cannot respond. In addition, an often overlooked consideration is the impact of the challenges, which generally involve graphics, on the visually impaired. EarthLink suggests that a visually impaired sender telephone and ask to be added to the recipient's permitted list. But that seems to put the burden in the wrong place. For federal agencies required to provide equal access by the Rehabilitation Act, and for the corporations voluntarily complying with those rules, visual challenges won't do. Spam has become a serious threat to the usefulness of e-mail. So it's no surprise that spam-fighting products are hitting the market much faster than I can hope to evaluate them. Most use conventional filtering and work more or less well. Challenge-response systems are a special problem, though, and I fear that their widespread adoption could be almost as great a threat to e-mail as spam itself.  By Stephen H. Wildstrom Get BusinessWeek directly on your desktop with our RSS feeds.  Add BusinessWeek news to your Web site with our headline feed. Click to buy an e-print or reprint of a BusinessWeek or BusinessWeek Online story or video. To subscribe online to BusinessWeek magazine, please click here. Learn more, go to the BusinessWeekOnline home page  | | |
 Copyright 2003, by The McGraw-Hill Companies Inc. All rights reserved.Terms of Use | Privacy Policy |
Printer-Friendly Version
