Can Spam

How serious is spam? The Postini Resource Center says 10 out of 12 e-mails are spam and The Wall Street Journal estimates it costs business $8.9 billion a year for the software and labor to separate it from regular mail. But the Direct Marketing Association says there’s a positive side to unsolicited e-mail. In a recent 12-month period, 45.8 million Americans (9% of all mail users) made a purchase in response to an e-mail ad, yielding $7.1 billion in sales.

Efforts to outlaw spam have failed mostly because it’s hard to define. Microsoft says spam is “unsolicited commercial e-mail sent to advertise a product or a service,” but merchants contend that most advertising—through the mail, magazines, radio or television—is unsolicited. Federal Trade Commissioner Orson Swindle has adapted the oft-used definition of pornography: “It’s anything I don’t like.”

The technical name for spam is unwanted commercial e-mail. Using the name spam for junk e-mail comes from a Monty Python skit in which a song containing the word was repeated many times.

Products That Fight Spam Brightmail Antispam 6.0 ( www.symantec.com ). Price based on the number of licenses; designed for businesses, governments and other organizations. Updates and maintenance are automatic, but do require a link with Brightmail. Commtouch Anti-Spam Enterprise Solution 4.1 ( www.commtouch.com ). Price starts at $2,000/year, depending on number of users; designed for businesses of all sizes. The software is connected with a real-time Commtouch database over the Web. Maintenance is minimal because the software is fully automated. MailWasher Pro ( www.firetrust.com ). Costs $37, free trial version available; primarily for personal use. It can block unwanted messages before they are downloaded. It separates e-mails into three categories: probably spam, possibly spam and probably legitimate, and can be set to download, delete or report spam. It does not come “pre-trained,” so there is an adjustment period. McAfee’s SpamKiller ( www.mcafee.com ). $39.95, for business or personal use. It works by filtering incoming mails using predefined rules and datasets. It runs behind the scenes of any e-mail software using POP3, MSN/Hotmail or MAPI protocols, but does not currently support Yahoo, AOL or any other Web-based e-mail. The software has pre-set filters and custom filters; users can set up “friend’s lists” so e-mails from those they know are not filtered. It can filter e-mails according to sender, subject line, heading, origin and/or body text. It is supported and updated by releases for new known spammers. Upon boot-up, it automatically searches for updates. Norton AntiSpam 2005 ( www.symantec.com ). $39.95, for business or personal use. It must be installed on each PC. It can be easily customized, automatically synchronizes with Outlook, and features live updates. Its custom filters are tricky to use but effective. It does slow down Outlook, however. OnlyMyEmail Personal ( www.onlymyemail.com ). $3/month, 30-day trial, available in both personal and corporate versions. Installation from the Web site takes about a minute and there’s no maintenance. The software redirects e-mail through the OnlyMyEmail’s server, where it is filtered and viruses are blocked. SpamAssassin ( http://spamassassin.apache.org ). Free. This product works on many different e-mail systems and on both PCs and servers. It requires frequent update installations and must be trained by the user.

REDUCE THE CLUTTER
Although you can’t totally beat the spammers, here are some defensive steps you can take to reduce the clutter:

Step 1: Never reply to spam. This includes clicking any link from sources you don’t recognize inviting you to unsubscribe.

Step 2: Use “plus-addressing.” You can obtain several addresses, each with a slight change, from any of several free e-mail services, including www.hotmail.com , www.juno.com and www.yahoo.com . So in addition to rjones@sbc.net, you can use rjones1@sbc.net or rjones2@sbc.net. When registering online for content or services, use one of the plus-addresses—and keep your regular address private.

Step 3: Use the spam filters provided by your e-mail software—Outlook, Eudora and Thunderbird, as well as antivirus software and firewalls. Or check whether your e-mail Internet service provider (ISP) is using spam-filtering techniques. If not, consider switching.

Step 4: Consider not using the preview pane in your e-mail package. When you open a message in which that feature, showing the first few lines of each e-mail, is activated, it reports back to the spammer that your account is active and valid.

Step 5: Do not include links to your e-mail address on your Web site.

Step 6: Use antivirus protection and firewalls to protect your computer from being used by spammers.

Step 7: When registering for information or content on the Web, uncheck boxes that invite mailings.

Step 8: Don’t forward chain letters, petitions or virus warnings from sources you don’t trust. They’re used by spammers to collect addresses.

MANAGEMENT STRATEGIES
The second line of defense is to attack spam at the organizational level by educating employees, establishing an e-mail address on which they can report spam to the IT department and installing software to minimize it. It’s possible to block about 90% of spam at an acceptable level of errors.

One of the headaches caused by spam-fighting programs is false negatives that fail to block spam and false positives, where the software labels a legitimate e-mail as advertising. Manage false positives by using software that blocks suspect messages in a quarantined area while letting users set up lists of trusted sources.

Remember to test your antispam strategy and software prior to full implementation. You can create shadow e-mail accounts and try out your antispam program on them.

Some day spam may be a thing of the past. In the meantime, the only defense is constant vigilance, and the best it can achieve is keeping the annoyance under control.

DOUGLAS HAVELKA is an assistant professor of management information systems at Miami University in Oxford, Ohio. His e-mail address is havelkdj@muohio.edu . CATHERINE S. NEAL is an assistant professor of business ethics and business law at Northern Kentucky University in Highland Heights. Her e-mail address is nealc1@nku.edu .