Robin Arnfield, newsfactor.com
In January 2004, Bill Gates, the chairman of Microsoft, famously predicted the end of spam in a speech at the World Economic Forum. "Two years from now, spam will be solved," Gates said in his speech. But, as any e-mail user knows, spam is still flying over the Internet into everybody's inboxes.
"Spam is not dead, obviously, nor is it dying," said Forrester Research analyst Jonathan Penn. "But I do think that it is a problem that has been largely solved for end-users, employees, and consumers."
There are plenty of good antispam products from enterprise-security vendors as well as solutions developed by and deployed at Internet service providers (ISPs), according to Penn. "These are far from perfect, to be sure, but very good," he said.
"However, for ISPs especially, the spam problem is not fully solved by any means," Penn said. "They still spend a lot of money on R&D in a cat-and-mouse game with spammers, as well as the infrastructure investment to deal with the inbound volume that gets rejected at or near the gateway."
Sender Authentication
In 2004, Microsoft came up with the concept of Sender ID, an e-mail authentication technology, as a means of combating spam. Sender ID checks a registered list to determine whether a message came from the same domain as the e-mail address indicates. The technology has not caught on among ISPs and corporations.
"Sender authentication solutions are very slow to reach maturity, and that is simply a shame on the ISPs, who have not been aggressive enough in developing the specs and deploying them in full force," Penn said.
"In this case, the 'perfect' is the enemy of the 'good enough,'" Penn explained. "The world would not stop spinning if ISPs would implement effective, albeit imperfect, solutions available today. We've seen much more tolerance by companies for imperfect solutions -- those that might temporarily block some e-marketing messages, for example -- than the ISPs seem comfortable deploying."
Penn pointed out that, in addition to helping solve the spam problem, sender-authentication technologies can be useful for stopping phishing attacks. "These problems, especially phishing, have not even diminished, much less gone away," Penn said.
Dynamic Filtering
Ken Schneider, chief architect at U.S. Internet security vendor Symantec, said that his company is generally supportive of e-mail-authentication efforts.
"These do not solve the problem of spam, but they provide an additional level of filtering on top of antispam filters," Schneider said.
"You need very dynamic antispam filters, as the spam being sent out changes on a daily basis," Schneider pointed out. "But if e-mail users have a good antispam filter in their e-mail system, they should catch most of the spam. And if an ISP deploys effective filtering, they will block a lot of junk e-mails."
Court Cases
In recent months, there have been several high-profile U.S. court cases in which spammers have received heavy sentences.
On Monday, January 23, Jeanson James Ancheta, of Downey, California, pleaded guilty to federal charges related to his assembly of a botnet consisting of hundreds of thousands of computers to spread spam and malicious software, and of profiting from the zombie machines through the unauthorized distribution of adware.
Last month, CIS Internet Services, a Clinton, Iowa-based Internet service provider, was awarded $11.2 billion in a court judgment against a Florida man who sent millions of unsolicited pieces of commercial e-mail.
Copyright 2006 NewsFactor Network, Inc.