Security UPDATE, Web exclusive, March 5, 2003

Targeting Spam Defeat spam in the long and short term! By: Mark Joseph Edwards

In December, I wrote about the nuisance of unsolicited email and one simple way to help filter it out before it reaches your Inbox. You might want to review "Tired of Unwanted Email? Try This Simple Solution." \[http://www.secadministrator.com/articles/index.cfm?articleid=27495\]

Last week, I learned that the Internet Engineering Task Force (IETF) has created a new Anti-Spam Research Group that's now working to create standards that will help determine how to detect spam. Probably the biggest hurdle in detecting spam is determining exactly what constitutes junk mail. Does the term refer only to unsolicited email advertisements, or does it also refer to email sent to a wide array of people who didn't formally ask to receive mass mailings? Personally, I think of junk mail mainly as unwanted advertisements--the electronic version of paper-based advertisements that most of us receive and immediately throw in the nearest trash can.

The Anti-Spam Research Group will hold its first meeting March 20 at the 56th IETF Meeting, \[http://www.ietf.org/meetings/IETF-56.html\] to be held in San Francisco. The group expects hundreds of participants from all areas of the online industry. And I think we can expect a handful of spammers to slip into the meetings too, if for no other reason than to learn how their money-making schemes might become squashed.

In August of last year, Paul Graham released a paper that describes a plan to help stop unsolicited email. According to Graham, the paper "describes the spam-filtering techniques used in the new spamproof web-based mail reader we're building to exercise Arc" (Arc is an improved version of the Lisp programming language). At the Massachusetts Institute of Technology (MIT), Graham organized a conference, \[http://www.pcworld.com/news/article/0,aid,108859,00.asp\] which about 500 programmers attended, to discuss ideas for creating a spam filter that would totally eliminate unwanted email. You can read more about the IETF group as well as Graham's conference \[http://www.pcworld.com/news/article/0,aid,109614,00.asp\]. You can also read Graham's paper \[http://www.paulgraham.com/spam.html\] and more about Arc. \[http://www.paulgraham.com/arc.html\]

If you're a Microsoft Outlook user interested in another way to help stop unsolicited email right now, I've discovered another helpful tool you can use. Cloudmark SpamNet \[http://www.cloudmark.com/products/spamnet/learnmore/security.php\] is an Outlook plugin that sends information about spam back to a central network. The plugin is a filtering and reporting tool that includes a toolbar button in your Outlook client. When you receive new mail, the tool creates and sends a message digest (fingerprint signature) to Cloudmark. Cloudmark checks the message digest against the SpamNet database to see whether the message is known to be spam. If it's known junk mail, SpamNet tags the mail so that you can filter it into a spam folder. If previously unknown junk mail slips through, you can select that message and click the SpamNet button to report the message to the SpamNet network. SpamNet can then filter it from other users' Inboxes. I'm not sure whether SpamNet performs checks against submitted information to determine whether a given message truly is spam. However, the SpamNet tool checks messages individually, so even if someone were to report something you consider a legitimate message as spam, that wouldn't prevent you from sending a SpamNet user another message with different content.

SpamNet is a slick idea and easy to use. But it's not the only solution. Many similar networked solutions are available, such as SpamAssassin \[http://www.spamassassin.org\] and SpamCop. \[http://www.spamcop.com\] Plugins and scripts are available to help you participate in those networks too. In addition, the Spam Prevention Early Warning System (SPEWS) \[http://www.spews.org\] provides a database that tracks known spammers and spam-friendly networks, so you can use the database to help filter your email. The site also maintains lists of other helpful email-filtering technologies that you might want to consider, including spam-filtering gateways.

If junk mail is a problem on your network--and I bet that it is--be sure to check out the resources I've mentioned. They definitely help you reduce the clutter in your Inbox and help you reduce wasted bandwidth and disk space.