Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

The State Of Spam: Page 5 of 8


"The technological cat-and-mouse game does little to solve the problem; rather, it just masks it." —Michael Geist, University of Ottawa

Another cost relates to people's perception of the reliability of messages sent electronically. Filters turned up to their highest strength also have a habit of blocking genuine e-mail -- what's known as false positives. Geist estimates that as much as 10 percent of mail tagged as spam may actually be honest messages. "As their junk folder grows, the ability to pick out the legitimate from the spam is a task people don't bother with," he says.


How Not To Fight Spam


In the war against spam, fighting fire with fire might seem like a good idea, but in practice it's had disastrous results.

First there was Lycos Europe's effort to launch denial of service (DoS) attacks against spammers in late 2004. The Web portal distributed a "Make Love, Not Spam" screensaver that continually requested Web pages from servers it said were "verified to be spam advertising sites." The idea, said Lycos, was not to bring those sites down but to eat up bandwidth and drive up their costs. Within days, however, spammers had fought back with DoS attacks of their own against Lycos, and the company pulled the plug on its anti-spam scheme.

Then, in the summer of 2005, an Israeli startup called Blue Security announced its own fight-fire-with-fire strategy: The company monitored and analyzed the spam e-mail received by users of its BlueFrog client, followed links to the spammers' Web sites, and automatically filled out feedback forms on those sites with requests to be removed from their mailing lists. These opt-out complaints occurred simultaneously, overwhelming the target sites -- and skating awfully close to being DoS attacks.

Anti-spam groups and security firms criticized Blue Security's tactics over a variety of legal and ethical concerns. Nevertheless, Blue Security claimed to have enlisted more than 500,000 users in less than a year. But it all came crashing down when a spammer known as PharmaMaster sent threatening e-mails to BlueFrog users and launched a DoS attack against Blue Security.