Empty Promises, Overflowing Spam Folders

So Danny Westneat is musing on the future of email, on the occasion of the announcement that spam volume has doubled this year, to 120 billion emails per day. Remember the Spam King, he asks? Remember the drop in spam we were promised? Well, it's been more of a spike.

At our work email, our spam folders fill up solely with ED medication and upscale watch pitches. The narrow range of products is puzzling, but the magic filters get everything sorted out for us. That's thanks to local IT wizards Orbis Lumen. We thought we'd get their input on this issue, and found their near-term suggestion is, of course, the end-user filtering we use. Mark uses it himself:

I receive over 1,000 spam messages every day. Four or five make it into my inbox. About 20 go into my "these might be not spam, but I think they are" folder, which I check daily. About a hundred go into my "these are almost certainly spam" folder, which I quickly scroll through. And the rest go into the "most assuredly spam" folder. I'm not even bothered by spam any more, really.

But what about long-term, we asked. If spam volume is doubling year-over-year, won't that eventually crush the network in a virtual tragedy of the inter-commons?

Yes -- spam uses up an enormous amount of bandwidth across the net. There are many ways you could approach the problem, but probably the best solution is a technical one. A huge amount of spam could be eliminated with sensible definitions within DNS and more rigorous mail-relaying rules on mail servers.

After the jump, Mark gets technically specific about how to deal with spam-senders (rather than spam-getters) in ways that don't have to do with instituting goofy "postage" schemes, or ISPs doing invasive scanning of emails for content or deciding what constitutes spam for you.

Technically, data packets are the "atoms" that make up email messages and will be utilizing TCP port 25 (and sometimes port 465 for encrypted relaying via SSL). As such, data streams of the email type are easily identifiable. If your routers see ongoing and incessant streams of TCP packets along port 25 coming from a residential network IP address, it can raise a flag. This is one little example of something you can look for that might point to a problem source which you can investigate.

Some residential ISPs may disallow altogether SMTP connections from home systems trying to connect to mail server relays outside of their network. However, this is a little draconian. There are very legitimate reasons why you might want to connect to external SMTP relays directly, which these draconian ISPs would squash. However, grandma probably wouldn't need to. And these draconian ISPs think it's better that everyone be a nice grandma.

But if you see steady, ongoing streams of SMTP connections coming from a home network, it's a red flag that ought to be dealt with. Maybe it's a sleazy spam-monger doing their deeds for cash. Or, it could be someone who's gotten their computer infected with a virus that has turned it into a spam distribution machine. Systems can be put in place to monitor statistically, rather than reading the content of mail.

Also, every DNS zone should identify the mail servers that are valid relays for that domain. Spam filtering systems can look at this information and score mail accordingly. For example, if you are getting an email from yourfriend@theirdomain.com and the email came from an email server not defined as a valid relay with the DNS zone information, you can score it with a heavy weight to say, this is highly suspect!

There are problems even with this, though. There are some web-based email hosting providers, and even many ISPs, that allow you to mail through their systems as if you were someone else not on their systems. This creates many problems when you're trying to see if email that says it is from someone actually is. The only way to be certain, it seems, is to have cryptographic identity information associated with all email originators. There is work going on in this field.

By the way, cryptographically signing messages is a good thing. You might even want to start encrypting all your email to people, just to drive the government nuts. It's always seemed a little strange to me, their intercepting all communications between people.
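
As an added example (not from the article or from Orbis Lumen), here is one way the statistical monitoring described above could look: it counts port 25/465 connections per residential source address from flow metadata only, and flags addresses that stay over threshold across consecutive windows. The address ranges, thresholds, function names and flow records are constructed assumptions.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

# All values below are assumptions for illustration, not from the article.
RESIDENTIAL = [ip_network("203.0.113.0/24")]  # constructed customer pool
SMTP_PORTS = {25, 465}   # the two ports named in the text
WINDOW = 600             # seconds per counting window
MAX_CONNS = 30           # SMTP connections allowed per window
MAX_DESTS = 10           # distinct mail servers allowed per window
MIN_WINDOWS = 2          # consecutive hot windows = "steady, ongoing"

def flag_smtp_sources(flows):
    """flows: (epoch_seconds, src_ip, dst_ip, dst_port) tuples, metadata only.
    Returns {src_ip: longest run of consecutive over-threshold windows}."""
    buckets = defaultdict(lambda: [0, set()])  # (src, window) -> [conns, dests]
    for ts, src, dst, port in flows:
        if port not in SMTP_PORTS or not any(ip_address(src) in n for n in RESIDENTIAL):
            continue
        bucket = buckets[(src, int(ts) // WINDOW)]
        bucket[0] += 1
        bucket[1].add(dst)
    hot = defaultdict(set)
    for (src, win), (conns, dests) in buckets.items():
        # Require both volume and fan-out, so a customer using one external
        # relay (the legitimate case in the text) is not flagged.
        if conns > MAX_CONNS and len(dests) > MAX_DESTS:
            hot[src].add(win)
    flagged = {}
    for src, wins in hot.items():
        best, run, prev = 0, 0, None
        for win in sorted(wins):
            run = run + 1 if prev is not None and win == prev + 1 else 1
            best, prev = max(best, run), win
        if best >= MIN_WINDOWS:
            flagged[src] = best
    return flagged

def sample_flows():
    """Constructed flow records, not real traffic."""
    flows = [(5, "203.0.113.7", "192.0.2.80", 443)]  # non-SMTP, ignored
    for w in range(3):  # infected host: 40 servers in each of 3 windows
        flows += [(w * WINDOW + i, "203.0.113.7", f"198.51.100.{i + 1}", 25)
                  for i in range(40)]
    flows += [(i * 60, "203.0.113.20", "192.0.2.10", 465) for i in range(5)]  # one relay
    flows += [(i, "203.0.113.30", f"198.51.100.{i + 1}", 25) for i in range(50)]  # one burst
    return flows

if __name__ == "__main__":
    print(flag_smtp_sources(sample_flows()))
```

Only the host that keeps contacting many different mail servers window after window is reported; the single-relay user and the one-off burst are not.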
