Spam on the internet: is it here to stay or can it be eradicated?

............................................................................................................................. 3 INTRODUCTION: ..................................................................................................................... 3 PART ONE: THE PROGRESS OF SPAM ...................................................................................... 4 PART TWO: DEFINING THE DIFFERENT TYPES OF UNSOLICITED BULK E-MAIL ...................... 7 PART THREE: COMBATING SPAM ........................................................................................... 7 CONCLUSIONS: IS SPAM HERE TO STAY?.............................................................................. 16 ACKNOWLEDGEMENTS......................................................................................................... 17 REFERENCES ......................................................................................................................... 17 APPENDIX A: CLASSIFYING SPAM ........................................................................................ 21 de Freitas and Levene Page: 2 JISC Techwatch Paper. Spam on the Internet ABSTRACT This report outlines the growing problem of spam (unsolicited bulk e-mail), which has become a pervasive problem for Internet activity and has important implications for further and higher education institutions. The report provides a brief history of the development of spam, an explanation of how to define the different types of spam and an overview of technological and social ways of combating spam. The report provides a starting point for understanding the scale of the problem and begins a consideration of what further and higher education institutions can do to readdress the pervasive problem of unsolicited bulk e-mail.This report outlines the growing problem of spam (unsolicited bulk e-mail), which has become a pervasive problem for Internet activity and has important implications for further and higher education institutions. The report provides a brief history of the development of spam, an explanation of how to define the different types of spam and an overview of technological and social ways of combating spam. The report provides a starting point for understanding the scale of the problem and begins a consideration of what further and higher education institutions can do to readdress the pervasive problem of unsolicited bulk e-mail. INTRODUCTION: At a recent address to the World Economic Forum, Microsoft’s Bill Gates promised that ‘spam will soon be a thing of the past’ (Weber, 2004). Although others do not share Bill Gates’s optimism (Arthur, 2004), his hopes to completely eradicate all spam by 2006 reflect a growing impatience with the problem of escalating amounts of unsolicited bulk e-mail. Unsolicited bulk e-mail – or spam as it is popularly called – currently accounts for 63 per cent of all received e-mail in March 2004 (Brightmail, 2004; Salem, 2004). Of the 70 million e-mails that Brightmail filtered in September 2003 alone 54 per cent was unsolicited mail and that percentage is increasing year on year. In addition, Shinya Akamine, chief executive of Postini Inc., a US spam-filtering company, told a recent US Congress hearing that she believes spam has grown from 78 per cent to 83 per cent of all e-mail traffic this year (Krim, 2004). But although Bill Gates’s plan to use a combination of different ways of filtering e-mail may lead to a significant reduction of spam in the short term, many are concerned that spam will never be completely eradicated (Hypönnen, 2004; Linford, 2004). Spam has increasingly become a problem for all sectors of industry and education since the development of the World Wide Web and the increased use of e-mail for business and education (Salem, 2004). A series of attempts, both technological and non-technological, have been made to try to combat the increasing problems of congested mailboxes and to counter the heavy weight of unwanted e-mail traffic, which will have a strong effect upon the overall performance of the Internet. This has obvious implications for further and higher education in terms of the priority of maintaining institution-wide systems that are being used to support administrative tasks, and are increasingly being used for the delivery of learning materials and to support online communities of learners (de Freitas and Roberts, 2004). In order to more fully consider the possible solutions to the spam problem, this paper will provide: a brief overview of the development of spam from the earliest direct marketing of Charles Ponzi to the modern day spammers, and a consideration of the different types and examples of spam. We will also consider the scale of the problem de Freitas and Levene Page: 3 JISC Techwatch Paper. Spam on the Internet and provide a technological review of the current methods being used to filter, track and block spam. We will also consider some current and future non-technological solutions including legislation, financial penalties and collaborative systems. We will conclude with some observations about the possible future of spam. While the authors note a paucity of academic literature, with a particular need for literature on spamming written from social scientific perspectives, the report therefore draws upon interviews with noted experts in the field as well as sourcing from a wide range of technical and journalistic reports and articles. Notably there is an increasing issue of spam affecting instant messaging and texting services delivered to mobile devices (Syntegra, 2003). This paper primarily concerns the use of e-mail for spamming due to the large scale of the problem. PART ONE: THE PROGRESS OF SPAM This section will provide a brief overview of spam from the earliest direct marketing in 1919 until today when the increasing use of spam is creating potential problems that may even lead to a collapse of the e-mail system (Hypönnen, 2004). In 1919, Charles Ponzi developed the direct marketing pyramid scheme allowing investors to ‘double their money in 90 days’, a claim that resulted in mass investment into the scheme, making it an overnight success. Ponzi had promised money back fast but these promises turned out to be unfounded and within four months many people had lost a lot of money and Ponzi was imprisoned. Direct marketing using the postal system was established and its potential applications were just beginning. While Ponzi was the first to use the postal service for direct marketing, the uses of spamming have evolved since then but remain mainly commercial. With the advent of the electronic mail system in the 1970s a new opportunity for direct marketing using unsolicited electronic mail became apparent. In 1978, Gary Thuerk compiled a list of those on the Arpanet and then sent out a huge mailout publicising Digital Equipment Corporation (DEC – now Compaq) systems. The reaction from the Defense Communications Agency (DCA) who ran Arpanet was very negative and it was this negative reaction that ensured that it was a long time before unsolicited bulk e-mail was used again (Templeton, 2003). As long as the U.S. Government controlled a major part of the backbone, most forms of commercial activity were forbidden (Hayes, 2003). However, in 1993 the Internet Network Information Center was privatised, and with no central government controls, spam, as it is now called, came into wider use. The term ‘spam’ was taken from the Monty Python Flying Circus (a British comedy team) and their comedy skit that featured the ironic ‘spam song’. The purpose of the sketch is to say that ‘spam is something you get whether you order it or not, and de Freitas and Levene Page: 4 JISC Techwatch Paper. Spam on the Internet eventually the noise of ‘spam’ will drown out everything else’ (Viatel, 2004, p. 3). Conversely, where ‘spam’ came to mean unsolicited e-mail, the term ‘ham’ has come to mean e-mail that is wanted. Brad Templeton, a UseNet Pioneer and chair of the Electronic Frontier Foundation, has traced the first usage of the term ‘spam’ back to MUDs (Multi User Dungeons) or real time multi-person shared environment and the MUD community. These groups introduced the term spam to the early chat rooms (Internet Relay Chats). The first major UseNet (the world’s largest online conferencing system) spam was sent in January 1994 and was a religious posting: ‘Global alert for all: Jesus is coming soon’. The term spam was more broadly popularised in April 1994 when two lawyers Canter and Siegel from Arizona posted their message advertising their information and legal services for immigrants applying for the US Green Card scheme. The message was posted to every newsgroup on UseNet, and after this incident the term spam became synonymous with junk or unsolicited e-mail. Spam spread quickly amongst the UseNet groups who were an easy target for spammers simply because the e-mail addresses of members were widely available (Templeton, 2003). More recently spam has been spreading at an increasingly rapid rate, and while groups of spammers were relatively small in the past, the wide availability of ‘spam kits’ over the Internet (which include mailing lists and detailed instructions on how to set up a spam outfit) has spread the practice from the United States to China, Russia and South America (Thomson, 2003; Linford, 2004). Since 2000 the threat from ever-increasing volumes of spam, the spread of viruses through spamming and an increasing number of those spamming has contributed to significant increases of email traffic and an increasing problem for IT Systems Groups everywhere. The scale of the problem is perhaps best highlighted when we consider the growth of spam since 2001, when the percentage of spam, according to Brightmail Inc., was 7 per cent of all received e-mail. By 2002 this had grown to 29 per cent, and by the end of 2003 the total stood at 54 per cent (Salem, 2004). In March 2004 the percentage had increased to 63 per cent and this is set to rise considerably higher. See Graph 1, below. de Freitas and Levene Page: 5 JISC Techwatch Paper. Spam on the Internet Graph 1: The Escalation of Spam Worldwide, 2001-2004. Source: Brightmail. 0 10 20 30 40 50 60 70