Spam: the Battle Cry Uniting ISPCON

BALTIMORE — During three contentious spam-related sessions at the ISPCON conference Wednesday, each filled with debates and varied approaches to combatting spam, one point rang clear.

Current methods to fight the rising volume of spam, such as blacklists and filters, are not working.

ISPs and inboxes are being hit with a rapidly escalating amount of spam, said Rebecca Lieb, executive editor of internet.com’s Interactive Marketing channel (this website is also part of internet.com).

“We are losing the spam war,” she said during one of the panel discussions. “Marketers, ISPs, and customers need to work together so that it’s everyone against the spammers.”

According to anti-spam software provider Brightmail, at least 40 percent of all email is now spam. EarthLink says spam working its way through its network is rising very quickly — by as much as 500 percent annually. Market research group Ferris estimates that, factoring in IT costs and the costs of lost productivity, spam could cost the U.S. economy $10 billion this year.

Ken Slaughter, CEO of Springfield, Mo.-based Active Internet Communications, a regional ISP, said, “we face two incompatible demands. Our customers want no spam, but they also want no censorship.”

Coming at the problem from the other side, Jeff Cordeiro, CTO/CIO of Blue Dolphin, a company that sells magazine subscriptions over the Internet, said that complaints about being blocked by an ISP are often not resolved at all, and are never resolved quickly.

“In one case,” he said, “even though the ISP’s CEO’s daughter was complaining about being blocked, it still took us two weeks to get through.”

As filters acquire more and more prohibited domains, maintaining them becomes unwieldy, Slaughter noted. The filters start to produce false positives, and sometimes the ISP won’t even understand how the false positives are occurring.

Filters also don’t address another part of the problem — misconfigured servers across the Internet, the groups said.

Of course, much spam comes from outside the country. ISPs will sometimes block entire nations, especially countries such as China that route all email through a proxy server so they can record and filter it.

Phil Raymond, CEO of anti-spam bonded server solution provider Vanquish of Marlborough, Mass., said that he has relatives in China, and can no longer be certain that his email will reach them or that theirs will reach him. The Vanquish product works by asking anyone sending unsolicited email to post a bond in order to do so, theoretically eliminating spam by increasing the cost of sending email that people don’t want.

(For more, see the article Anti-Spam Startup Seeks ISP Partners.)

Cardeiro said that companies like his do not mind facing complaints, but would like to be able to deal with a standard policy on spam across all ISPs. Since each ISP — and even each individual — may have a different definition of spam, it is impossible to formulate a policy for handling complaints. Each complaint resolution process may be different.

One ISP attendee said that any marketer with a working phone number is probably not a spammer. “If they care enough to contact us, we assume they’re legit,” he said.

Another complained, however, “just because I bought Nike shoes doesn’t mean I want an email from a shoe store. I want no spam at all.”

A subsequent session moderated by Anna Zornosa, President and CEO of San Francisco, Calif.-based Topica, Inc., covered whitelists. The idea is that marketers that have proven they’re legitimate should be allowed to avoid an ISP’s spam filter completely.

Topica provides free hosting and assistance to individuals who want to start their own online communities. The company provides highly targeted newsletters and discussion lists to companies trying to reach specific audiences.

Carl Hutzler, technical director of anti-spam operations at AOL, said that in January 2002, AOL received 400 million emails, of which 200 million were legitimate. Last month, the company received 1.6 billion emails, of which only 500 million were legitimate.

Trevor Hughes, executive director of the Network Advertising Initiative’s Email Service Provider coalition (NAI ESP), said member companies foresee two email distopias: either spam will overwhelm email so that no inboxes can be read because they will contain too much spam, or anti-spam efforts will block so much email that email will no longer be guaranteed to reach its destination.

Hutzler admitted that his company allows legitimate marketers to reach users even if some of the users complain. “Customer satisfaction is our number one concern,” he said. “We need to find out why users are complaining with legitimate mail. We need to work with marketers too.”

Others argued that when spammers imitate AOL’s own email messages to its customers in order to steal passwords, accounts, and private information, anti-spam tactics such as filters, blacklists, or even whitelists are ineffective.

AOL’s Hutzler said any email marketer sending out mailings on a list where at least 30 percent are known to be false addresses must realize that there is a real cost to an ISP’s servers.

Other members of the ESPC agreed that “there is room for an appropriate debate on list acquisition techniques” and that “member companies should be responsible for list hygiene.”

As spam increases in volume and severity, the problem is made more acute by the growing importance of email. On Tuesday, Stamford, Conn.-based Meta Group, a research firm, released a report saying that given a choice between phone and email as a business communication tool, 80 percent believed email was superior.

Asked which of the two it would be easier to do without, 74 percent said they would rather be without phone service than email. E-mail was cited as more rapid, allowing communication with multiple parties, and as generating a valuable, written record of all communication.