A technology blog for The Economist Group IT team

Thursday, May 29, 2003

Ineresting moves in the quest to defeat spam 

Microsoft has announced that it will be offering image filtering capabilities for both MSN and Hotmail web-based e-mail services. All images will be filtered out of messages from e-mail addresses that are not listed in the recipient's contact list. Microsoft say that it has implemented this feature for to protect their subscribers from having to view pornographic or other offensive content and to prevent spammers from authenticating the validity of e-mail addresses by embedding web beacons.

EarthLink are in the process of two anti-spam tools: Spaminator, which works with EarthLink's inbound e-mail servers, and SpamBlocker, a "challenge-response" tool that is optional and free to EarthLink subscribers.

Spaminator works in conjunction with inbound mail servers. It analyzes characteristics of inbound e-mail (from a particular source) such as volume, bounce-backs and content, and takes a digital fingerprint of the e-mail message. If the analysis indicates that a message is spam because of content, volume or other characteristic, a notification is sent to all mail servers that are part of their network to block incoming messages that match the fingerprint. Subscribers have the option to turn this technology off; at this point the adoption rate is approximately 90% with EarthLink subscribers.

EarthLink will also begin offering SpamBlocker as an optional and free feature of their email subscription service in late June or early July. The system automatically responds to every piece of email that is not on an approved list. The auto-responder asks senders to verify themselves by following steps that cannot be automated (i.e., "look at this picture and tell me how many cats you see"). This is another example of the use of a CAPTCHA. Economist.com is in in the process of introducing something similar to distinguish between crawlers and real people (so that bad crawlers can be blocked, but people can continue browsing). Yahoo! and Hotmail already use CAPTCHAs to stop mass creation of e-mail accounts. There is a downside to this, though, as reported by the BBC; visually impaired readers cannot get past a CAPTCHA.

Of course, the big daddy of them all, AOL, do this too and the AOL 8 e-mail client has a button to instantly report a message as spam.

I wonder how long it will be before a system of first class e-mail becomes standard. In addition to the systems being deployed by the likes of EarthLink and Microsoft, simple filter rules on an e-mail client do the same kind of thing. I have a rule set up which sends e-mail from external senders to a folder (which I've called "Priority 2"; maybe I should rename it "Second Delivery" or something). I can check this when I need to and it's much easier to delete spam as it's not as interspersed with genuine messages. For GroupWise users, the body of the rule says: [From contains '<*@*>' and From does not contain 'cohen' and From does not contain 'seery' and From does not contain 'cfo']; I'll leave you to work out why I added additional constraints.

To be able to deal with spam properly, however, it has to be done at the ISP level, before it gets to an individual. To further this aim, I think that ISPs will increasingly need to demonstrate to corporates their capabilities in dealing with spam. Their use of something like Spaminator is a start.

It's also worth looking to tomorrow's technology for solutions. Instant messengers (IMs) give me the ability to ignore certain "friends". The adoption of "closed" IM networks, provided by the likes of Reuters, gives an insight into where this technology is going. Fortune reports that Gartner reckon that by 2006 more people will be using IM than e-mail as their primary communication tool at work. Scary.

Look out for this story in tomorrow's Economist (it should be readable by 18:00 UK time today) about linking ads with relevant content (see the ad at the top of this page and see if it's relevant to anything written here - it's usually for Olympus cameras; I mentioned one in my first entry). This blog is hosted by Pyra Labs, who were purchased by Google earlier this year. CFO.com do this in reverse - some advertisers don't want to appear alongside articles containing certain content (think Enron and audit firms).


We have pretty senior contacts within DoubleClick (which is where some of the info came from). They have a very strong interest in stopping spam and have high level meetings with the ISPs. Challenge-Response responses will be sent to the client (i.e. us, the publisher) via DARTmail).

However, I suspect that we may have to say that the subscriber (to the e-mail) needs to verify their address will accept e-mail from us (or our agents) as part of our ts & cs.
Mike Seery 05-29-2003 12:31 PM ET (US)

The Info Mike posted about anti-spam tactics impacts us on two fronts.

1. As legitimate email marketers we need to update our systems to remain compliant. This might mean adding a review process to replies from our newsletters… and also changing our subscription process so that we get added to the subscribers “white list”

2. As email users we should identify the anti-spam mechanism that we are going to use and deploy it to the Economist Group. And also participate in public discussions to encourage other businesses and influential users to quickly converge on a standard.Do we have any self-anointed experts in the area of “anti-spam mechanisms”? I’d like to learn more about what our options are and the direction that influential industry leaders are advocating.
Rob Cohen 05-29-2003 09:09 AM ET (US)

This page is powered by Blogger. Isn't yours?