Packetizer Logo

The Never-Ending Fight Against Spam

December 26, 2009

It has been a couple of years since we started implementing new spam prevention measures on Packetizer. Spam had reached such levels that it was almost impossible to read legitimate email, because individuals (including me) were receiving in excess of 600 spam messages every day. To say the least, it was insane.

We now have spam volumes reduced to a level that is manageable, perhaps allowing 10 to 20 spam messages through per day per user on the system. Of that, virtually all of it is effectively detected and filtered out as spam.

While the situation today is significantly better than where we were a couple of years ago, what concerns me is the fact that so much spam originates from "trusted networks". We operate a blacklist on Packetizer so that "repeat offenders" get blocked, but some networks are known repeat-offenders, but we simply cannot block them. Examples include Yahoo! and Hotmail. For Packetizer, those are the top two spam transmitters, with Google often right behind them (though not lately, interestingly). More troubling, though, is that they are not just a little more problematic, but significantly more problematic. But what can they do? They are web sites where anybody without an email address can quickly and easily create one: they provide a great service. Even so, there is no way to imagine how many "disposable" spam accounts get created daily on those networks.

As noted in the Packetizer News section, organizations that are supposed to be helping to fight spam are actually becoming a problem themselves. Organizations like Spamhaus, MAPS, SORBS, and UCE PROTECT have proven to be a disservice to the public to some degree this year. The reason is simply that they just block mail based on IP addresses. Packetizer does that too, but it's because there are no alternatives.

What the industry needs to do is to start implementing DKIM. Do it immediately. DKIM is not intended to be a spam prevention tool, but it can be a valuable tool nonetheless in fighting spam. If every domain owner signed messages with DKIM and required all mail transmitted from their domain to be signed, then it would be relatively easy to establish a certain level of trust in those domains. Rather than blacklisting IP addresses, we can blacklist domains. I believe this would be a better solution, because domain owners can usually be tracked down. If registrars follow the rules as required by ICANN and insist on having accurate domain registration information, it would most definitely be easier.

I am tired of receiving spam and I think it's time that we -- all of us on the Internet -- encourage changes that help address the problem.

Click here to view the main blog page.