Windows & .NET Magazine UPDATE—brought to you by Windows & .NET Magazine, the leading publication for IT professionals deploying Windows and related technologies.
http://www.winnetmag.com

Mark Minasi, senior contributing editor for Windows & .NET Magazine, provides insights into and analysis of today's hot Windows 2000 and .NET trends.


THIS ISSUE SPONSORED BY

Get Flawless Windows 2000 Performance!
http://161.58.99.48/cgi-local/redirect.pl?MTBDAFGNA

Security Administrator Web Site
http://www.secadministrator.com
(below COMMENTARY)


SPONSOR: GET FLAWLESS WINDOWS 2000 PERFORMANCE!

Take Mark Minasi's Windows 2000 Resource Kit—a comprehensive 4-volume/1 CD set—for $9.99 with membership in Computer Books Direct (click below for details)! A $124.96 value, this ultimate resource contains over 4,300 fact-filled pages to help you make Windows 2000 Server and Professional deliver top performance, master Active Directory, and troubleshoot the Registry with confidence. Each volume includes hundreds of insider techniques on installing, configuring, and optimizing Windows 2000, undocumented tips and warnings, real-world examples, and scores of illustrations and screen shots.
Click here for details!
http://161.58.99.48/cgi-local/redirect.pl?MTBDAFGNA


April 26, 2002—In this special issue, Mark Minasi continues his discussion of the pervasive spam problem and possible solutions.

1. COMMENTARY

  • MORE ON CANNING SPAM

2. ANNOUNCEMENT

  • CAST YOUR VOTE FOR OUR READER'S CHOICE AWARDS!

3. HOT RELEASE (ADVERTISEMENT)

  • MARK MINASI'S WIN2K SERVER AUDIO SEMINARS NOW SHIPPING!

4. CONTACT US

  • See this section for a list of ways to contact us.

1. COMMENTARY

  • MORE ON CANNING SPAM

  • As is often the case, many of you had opinions about last month's commentary about email privacy ( "Privacy Policies Dissolve During Tough Economic Times," http://www.winnetmag.com/articles/index.cfm?articleid=24647 ). Thanks to those who shared their thoughts—and thanks in particular for the generally positive nature of those thoughts. This month, let's consider suggestions that won't abridge the freedoms of spammers, but also won't leave Internet mail as fouled as it is now.

    I don't like spam (also known as unsolicited commercial email—UCE), and certainly I'm not unique in that dislike. But what, specifically, is objectionable about spam, and are any of those objectionable aspects potential legal defenses against spam?

    One of the most irritating aspects of spam is the spammer's demonstration of contempt for customers. For example, most spammers use fake return addresses, apparently feeling that using my email address to communicate with me is fine, but receiving return email isn't. This paradox puzzles me: Why would I (or anyone) do business with a company so shady that it fears email? If the product or the product's marketing is so objectionable that the marketers are afraid we might actually send an email response, how can they expect to stay in business? Perhaps I'm missing something about spam—you see, I've never bought anything as a result of an unsolicited email. Assuming that the rest of the world is not that different from me, I wonder how these spammers can continue doing business.

    Does a legal hook exist on which to hang a complaint against a fake-return-address spammer? Certainly, offering a false name while acting as an agent for an organization might be considered deceptive and perhaps fraudulent. Most US email crosses state lines, so perhaps a mail-fraud potential exists. I admit that although I usually take the side of privacy, I don't think that people have the right to contact me anonymously. I don't answer telephone calls from people who block their caller ID, and I'd like the option to automatically delete emails that use the technological equivalent.

    I'm not a true SMTP techie, so I don't know whether the following solution is possible, but I'd like to see someone create an option whereby my email server could verify with the originating mail server that this email from "joe@acme.com" is, indeed, from an account "joe" on a machine at the acme.com domain and was sent by an acme.com mail server; if not, my email server would delete the mail. Of course, that option would introduce some extra concerns for those who administer mail servers, and traveling professionals who often must use whatever SMTP server is nearby to send their mail would have to find a workaround. But I think such a feature would be so popular that it would soon be available with every mail server. Digital signatures are one way to verify a sender, and although few people currently use them, they might be the long-term answer; perhaps in a few years, I'll be able to configure my mail server to automatically delete messages that don't have a digital signature.

    Message subject lines such as "In reply to your request," or "Re: the information you requested," also show a spammer's disrespect for potential customers. And I particularly like the tag line that many spam messages include these days: "This message is not spam." Well, golly, I guess that settles it: No spam here. Think of that disclaimer as the email version of Richard Nixon's famous "I am not a crook" answer: More fraud—perhaps actionable fraud?

    Spam also puts objectionable material in my inbox. Not only do I get email messages offering links to Web sites featuring women in compromising positions with lower species as well as offers to enlarge my body parts, I'm now starting to receive HTML-formatted emails that include images of explicit sexual content. If I had a 12-year-old child who started receiving that kind of email, I certainly wouldn't be happy. And what if I worked in an office and such a message—image and all—popped up on my screen as a coworker walked by? Some firms would let that employee file sexual harassment charges against me. What would I do—file charges against the poor fool who administers the company's mail servers? Or could I sue the spammer for the damage that such an occurrence would do to my career? Let's see, if the 10,000 of us who received this spammer's junk filed a class-action law suit, we might be able to bankrupt him or her. (Collecting would be a bit more difficult, I suspect.)

    Finally, unwanted email consumes my resources or my company's resources (e.g., hard disk space, bandwidth, the time to delete such mail), and although in 2002 that concern is a relatively minor point, I can imagine a day in the not-too-distant future when everyone receives 500 junk emails a day filled with HTML text, image, and perhaps even audiovisual content. At some point, excessive amounts of email start looking less like an annoyance and more like a Denial of Service (DoS) attack. What's the answer in that case?

    Some readers suggested that one solution is to shift the cost burden. Currently, the cost to spam someone is small or, if the spammer hijacks your email server through an open relay, zero. But if sending each piece of mail costs the sender, we could curtail indiscriminate spamming by one of the best regulatory mechanisms available—the free market. However, who would collect the money? I already pay a lot of money for my Internet connection, and I run my own mail servers; I don't want to hear that I also have to pay an email tax.

    In the final analysis, I think the best way to end spam is to force spammers to reveal themselves, to provide a viable return mail address, and to honor mail list removal requests. Now we simply need to get every country to pass such a law. Sigh...

    Mark Minasi, Senior Contributing Editor, Windows & .NET Magazine, help@minasi.com


    SPONSOR: SECURITY ADMINISTRATOR WEB SITE

    WINDOWS IT SECURITY NEWS, BULLETINS, AND MORE!
    When you suspect a hack or virus attack, don't waste time surfing the Web. The Security Administrator Web site delivers news, articles, discussion forums, FAQs, and hotfixes (in one easy-to-navigate Web site), so you can mitigate the effects of today's disaster and prevent tomorrow's. Discover:
    http://www.secadministrator.com

    2. ANNOUNCEMENT

  • CAST YOUR VOTE FOR OUR READER'S CHOICE AWARDS!

  • Which companies and products do you think are the best on the market? Nominate your favorites in four different categories for our annual Windows & .NET Magazine Reader's Choice Awards. You could win a T-shirt or a free Windows & .NET Magazine Super CD, just for submitting your ballot. Click here!
    http://www.winnetmag.com/readerschoice

    3. HOT RELEASE (ADVERTISEMENT)

  • MARK MINASI'S WIN2K SERVER AUDIO SEMINARS NOW SHIPPING!

  • Mark Minasi's Win2K seminars are now available in an audio CD package. Learn 2K/.NET planning and administration at home, while exercising or commuting. Like Mark's writing? Then you'll love how he teaches!
    http://www.minasi.com/audiosales

    4. CONTACT US

    Here's how to reach us with your comments and questions:
    • ABOUT THE COMMENTARY — help@minasi.com
    • ABOUT THE NEWSLETTER IN GENERAL — gayle@winnetmag.com

    (please mention the newsletter name in the subject line)

    • TECHNICAL QUESTIONS — http://www.winnetmag.net/forums
    • PRODUCT NEWS — products@winnetmag.com
    • QUESTIONS ABOUT YOUR Windows & .NET Magazine UPDATE SUBSCRIPTION?
      Customer Support — winnetmagupdate@winnetmag.com
    • WANT TO SPONSOR Windows & .NET Magazine UPDATE?
      emedia_opps@winnetmag.com

    This email newsletter is brought to you by Windows & .NET Magazine, the leading publication for Windows professionals who want to learn more and perform better. Subscribe today.
    http://www.winnetmag.com/sub.cfm?code=wswi201x1z

    Receive the latest information about the Windows and .NET topics of your choice. Subscribe to our other FREE email newsletters.
    http://www.winnetmag.net/email