Stopping Spammers
by Gene
Koprowski (01/04/00; 9:00 a.m. ET) - Planet IT
How CIOs, IT pros are tackling the
onslaught of unwanted e-mail
Computer cognoscenti call unwanted e-mail
spam for a specific reason: They think it is as unappealing
as that gelatinous meat-in-a-can popularized by TV
commercials decades ago. Beyond the mirth-making, however,
lies a serious problem: Unneeded e-mail can slow the
productivity of workers, forcing them to scroll through
irrelevant files, and it can retard the performance of
computer networks, clogged with content with no real
corporate purpose.
“Sending millions of e-mails is
virtually free for the sender,” says Rick Leavy, president
and CEO of Msgto.com. “But there is a high cost to the
recipient in terms of their attention, having to look at
something they don't want to look at. There is a very high
cost to network managers, who have to carry the messages,
store the messages.” The problem appears to be getting
worse. According to a survey conducted this past spring by
Esearch.com, 93 percent of Internet users surveyed reported
receiving unsolicited e-mail; 77 percent reported they often
found the e-mail to be offensive, but 78 percent indicated
they read the unwanted messages, a slight increase from
previous surveys. New technologies and tactics are emerging
that can help IT departments keep spam out of your corporate
network and improve your company's overall output.
Msgto.com has developed an e-mail
screening service that eliminates spam sent by e-mail
robots, permanently, and Ventera is touting several
techniques that minimize the chance that an e-mail system is
targeted by spammers in the first place. Some e-mail
filtering programs, such as GFI USA's Mail Essentials and
Trend Micro's InterScan Virus Wall, among others, have been
on the market for some time. These programs aren't
100-percent successful in scrambling spam, however. They
work by scanning through an incoming message's subject line,
location of the sender and the content of the e-mail itself.
The problem is that once a system has successfully scanned
spam, spammers can figure out what the rules are and change
their subject line and location of origin. This tricks the
automated systems, which are stored on special spam servers
on corporate networks. “If your filter eliminates files
with `FREE!' in them, the spammer simply substitutes the
words `no cost', and gets through,” says Leavy. “Any set
of rules like those can be gotten around.”
The Msgto.com technology takes a different
tack. It looks at whether the sender is a human or a
machine. Users enter a table of names of people from whom
they frequently receive e-mail, a list similar to the
address books in many e-mail systems. Anyone who sends
e-mail to your account, who is not on the list, is
subsequently pinged by the Msgto.com system. The system
returns an HTML image informing the sender that he or she is
being screened. The automated message asks the sender to
perform some task, such as completing a commonly known
sentence -- for example, “Mary had a little lamb.” The
basic idea is that a spam robot could not complete such a
request; only a person could. If the sender can answer the
request correctly, the original e-mail is delivered. (Of
course, if the e-mail turns out to be offensive, the sender
can be added to a blacklist filter and kept from sending any
future e-mails.) “We classify this as an active filter,”
says Leavy.
In addition to installing anti-spam
software on a network, network administrators can seek to
enforce policies that minimize the amount of spam the users
on their networks receive, according to Josh Larsen, a
network architect and senior associate at Ventera. For
example, he says, administrators can encourage users who
troll through online sites, such as user groups, when doing
research, to avoid typing in their real e-mail address at
the site. “There are software robots which search these
sites and pick up e-mail addresses and assemble them into
mass mailing e-mail lists,” says Larsen. Instead, he
suggests that users create an obviously fake e-mail address
that a scanning robot would misunderstand, but that a human
would know how to handle. Thus, if a user's e-mail address
is gene@aol.com, the user should post it at the newsgroup as
gene“No Spam”@aol.com. “Humans who see the message
will interpret what the real e-mail address is,” Larsen
says.
Stopping spam is a concern for CIOs. Some
have assigned personnel to tackle the problem, but,
increasingly, like many areas of IT, it can be outsourced.
Msgto.com for the past two months has been beta-testing its
software at msgto.com, a spam-free, free e-mail service,
similar to Hotmail.com. The company is in discussions with
portals, ISPs and major corporate enterprise networks to
deploy the software. Moreover, it is hiring software
developers and marketing and sales personnel. “We're
hiring on all fronts right now,” says Leavy. Managing
unwanted e-mail is not the only task CIOs must face. They
also have to manage regular e-mail and make sure it is used
properly as part of corporate knowledge management projects.
Interest in groupware continues to grow among corporate
users as a way to manage messaging. According to a survey by
IDC, the market for groupware, which encompasses e-mail,
calendaring and project management software, was just $1.3
billion in 1997. By 2002, it will grow to a $2.4-billion
market. The dominant players are Lotus Domino/Notes,
Microsoft Exchange and Novell Groupwise, according to IDC.
These programs have been steadily replacing ccMail since
1998.
“E-mail is now mission critical. It is as
important to the enterprise as the phone or the fax is,”
says Nick Magliato, president and general manager of US
Internetworking. “E-mail started out as, very simply, POP.
But now it has to be fully integrated into a desktop
solution and managed by an IT department. They have to tweak
the applications to the specific needs of a department,
adding calendaring, scheduling or public folders, if they
use conventional POP. But Groupwise and those other programs
do offer that kind of integrated platform, making it easier
to manage.”
The rap on these programs, though, is that
even though they are integrated, overall packages have to be
continually updated, managed and monitored by IT
departments, many of which may not have the expertise to do
so, says Magliato. A potential solution is on the way,
however. A report from the Gartner Group says that 40
percent of e-mail programs will be outsourced in the coming
years. Companies such as Earle Palmer Brown are finding that
replacing and upgrading groupware programs is increasingly
expensive. So, in an experiment, the $1-billion ad agency is
using free project management programs from eproject.com, on
the Internet, to manage advertising projects. “We're going
to post ads online and show them to our clients,” says
Chuck Southworth, chief technology officer of Earle Palmer
Brown. “It's a lot less expensive than sending the
materials by FedEx every day. And by using the free service,
it is also less expensive than having to continually upgrade
groupware programs.” If the experiment works, the CIO may
choose to implement the same system across the company's
entire network, says Southworth. “We don't have to pay for
upgrades,” he says. “You can't beat that.”
Gene Koprowski is editor of Executive
Strategies. He can be reached at gkoprowski@cmp.com.
Related Links:
Stopping
Cybershoplifters
Y2K
Sedative?
Customer
Knowledge
Outsourcing
Security
New
Viruses Lurk
Digital
Certificates
Wireless
Networks
Mainframe
Mania
Wireless
Work
Talking
Computers
TOP
