Magazine

Stamp Out Smutty Spammers


My e-mail is getting uglier every day. The regular flood of get-rich-quick schemes and phony Viagra offers has been joined by a stream of increasingly explicit solicitations for pornographic Web sites, sometimes accompanied by sample pictures.

I'm no prude, and I don't much care what consenting adults choose to do. But I don't want this thrown in my face. It is time for the Internet community to take concerted action against junk e-mail in general and porn spam in particular. Unfortunately, the parties in a position to act, Internet service providers and the big network operators, all seem to believe this is someone else's problem.

There is little that individual mail recipients can do because the spammers are smarter than the filters designed to block them. A few months ago, the junk-mail filters at Hotmail caught more than three-quarters of the spam; today, it is less than half. If you rely on the do-it-yourself filtering in programs such as Microsoft Outlook or Outlook Express, the task is hopeless.

I have spent many dispiriting hours tracking the sources of porn-spam e-mail and the Web sites the messages promote. The returns on these messages, often popular free mail services such as Yahoo (YHOO) or Hotmail, are invariably fake, so it takes some detective work. This much has become clear: The distribution of spam, including porn, relies on facilities provided by major carriers and ISPs that either provide Internet connections or host the Web sites of spammers.

Complaints to abuse-prevention mailboxes at the UUnet unit of WorldCom, NTT Verio, and EarthLink (ELNK) produced only automatically generated form responses. Asked about mail offering "live Indian sex shows" that appears to have originated within the UUnet system, a WorldCom spokesperson declined specific comment, saying only, "Our acceptable use policy speaks for itself." That policy states that "the sending of unsolicited messages...is strictly prohibited." Surely the industry can take more responsibility than this. The only substantive response I received to a complaint came from Rogers Cable in Canada, which reported that "we have taken appropriate action with this subscriber."

Network operators should enforce their own terms of service, which always prohibit spam and usually bar operation of adult sites. But there is more dramatic, and probably more effective, action that service providers and other mail system operators should take.

Spammers either use tolerant ISPs or hide their tracks by bouncing messages off other people's mail servers. Such "open relays" are relics of the days when the Internet was a small, trusting community. Now the relays are an invitation to abuse. Responsible mail system operators--ISPs, corporations, and institutions--should refuse to accept mail from any network that allows spammers to operate or that hosts open relays. And they should support the volunteers at organizations like Open Relays Blackhole Zone (orbz.org) and the Spamhaus Project (spamhaus.org) who struggle to detect and list rogue operations.

Blacklisting whole networks is rough justice, since the legitimate customers of ISPs that abet spam will have theirs rejected along with the offenders. But those honest customers will force the ISPs to dump the miscreants and make honest but clueless customers configure their mail servers properly.

Another simple step to bring some accountability to the system would be for the Internet Corporation for Assigned Names & Numbers, one of the Internet's few regulators, to require every domain to publish the name of a responsible individual with a physical address and a genuine phone number. Many now list no individual and only a post office box.

The Internet began life as a community and in some sense still is one. But communities that fail to sanction members who won't live by the rules do not survive. The Internet has to act to restore some civil order. Do you have an idea on how to do it? Send your suggestions to tech&you@businessweek.com. By Stephen H. Wildstrom


Hollywood Goes YouTube
LIMITED-TIME OFFER SUBSCRIBE NOW

(enter your email)
(enter up to 5 email addresses, separated by commas)

Max 250 characters

 
blog comments powered by Disqus