ISPs See New Tech As Key To Beating Spam
It was bad enough that about two-thirds of Leah Simon-Weisberg's e-mail was spam, but the graphic sexual images she couldn't abide. Blocking individual e-mail senders wasn't working, so the frustrated Los Angeles lawyer played her only other card: She jettisoned a six-year relationship with America Online, Time Warner Inc.'s (TWX) Internet-service provider unit.
"I switched in February or March, and I've yet to get a single bit of spam, not even one," she said, in praise of her new provider, EarthLink Inc. (ELNK).
To be fair, America Online has worked as aggressively as any ISP to spare its customers from spam. Lately, it has been screening out a staggering 70% to 80% of the 2 billion to 3 billion messages it handles each day. And plenty of people who use EarthLink get spam and complain about it. The stuff is everywhere, multiplying and extremely difficult to stop.
But what's clear is consumers are holding their ISPs responsible. Unnerved by the complaints, concerned about losing subscribers and worried consumers could one day shun e-mail altogether, ISPs have taken up the challenge.
Despite hot rivalries, America Online, Yahoo Inc. (YHOO) and Microsoft Corp. (MSFT), owner of the MSN and Hotmail services, are now coordinating what they characterize as a multi-front fight on spam that includes technological innovation, lobbying for anti-spam legislation, prosecuting egregious spammers and educating users about how to keep their addresses private.
But technology, they concede, has the best chance of turning the problem around, mostly because spammers have shown little respect for laws or fear of getting caught. And with e-mail so cheap to send, they have every economic incentive to persist. As such, ISPs are working hard to create smarter spam filters, find new ways to block spam attacks and ensure the e-mail users want gets through.
"In a year or two, it's possible you can contain this" with technology, at least as a problem for users, Kevin Doerr, business manager for anti-spam technology and strategy at Microsoft, said at a conference last month. And that will eat away at spammers' ability to profit from their labor.
Brian Sullivan, senior technical director at America Online agrees: "If they are no longer getting their return on investment because they're no longer going to get their mail in front of a user, they'll move on to something else."
With barriers to entry fairly low, breakthrough anti-spam technologies are apt to come from companies large and small in the coming years. But ISPs, because they handle such large amounts of e-mail, have both a unique opportunity to make a dent in the overall problem by implementing them and a special advantage when it comes to creating them. Big ISPs can quickly see spammers' latest tactics for evading roadblocks and then respond in kind. And they can see trends that might just help them get a step ahead.
Technological innovation is already helping. Each time Yahoo introduced new tools this year, its customers' spam complaints took a permanent step down, even though the volume of spam that Yahoo saw rose steadily. In July, its users reported about 700,000 spam messages a day, down from 2 million at the beginning of the year.
"Technology has... and will continue to (produce) a step-function decline, and we think this trend can continue for us," says Vice President of Communications Brad Garlinghouse.
ISPs are rolling out a host of new anti-spam tools and pursuing myriad new ideas at the ISP, user and infrastructure levels to get to this brighter future.
"No wooden stake drives in the heart of this beast," Sullivan says.
ISP Tools
Service providers are using ever more sophisticated filters to catch spam before it reaches customers, while checking messages against "white" lists of legitimate senders to avoid blocking wanted messages. And they're increasingly using anti-virus scanners to remove e-mail viruses, which can look and clog up systems like spam.
ISPs are also looking for ways to block spam attacks. For instance, so-called dictionary attacks, which involve blasting a domain with randomly generated user names, most which don't exist, can be identified as they attempt to connect and get stopped.
Filter innovation is now centered on two main approaches: mathematician-created heuristics, which are complicated but set formulas, or rules, that identify spam, and algorithms, which are self-learning programs that hone rules by studying examples of spam and then make intelligent judgments about new messages received.
"We can get a lot more sophisticated in ways that spammers can't even begin to guess or predict," Microsoft's Doerr said in an interview.
While filtering is a key element, it isn't enough, says EarthLink Vice President Matt Cobb. Heuristic filtering "is typically only 70% to 80% effective," because it's hard to keep rules current and they have to be loose enough that users don't miss messages they want. The newer algorithmic filters are "a good thing, but you still have the problem that you're building rules all the time, and you're still combating ever mutating legions of spammers," he says.
User Tools
There may be drawbacks to filters, but ISPs are increasingly giving them to users, too, along with other tools that provide more individual control. This is key to addressing the problem that spam is often in the eye of the beholder, they say.
AOL 9.0 users can use heuristic filters to stop messages with keywords, such as "Viagra." And both America Online and Yahoo subscribers can use personal algorithmic filters. Yahoo's new SpamGuard Plus allows users to click a "this is spam" button, sending the message to the bulk mail folder and giving the filter more information about that user's personal definition of spam.
Some ISPs let users choose not to accept any unsolicited mail. About 15% of EarthLink's subscribers now use a permission-based system that blocks mail from any sender not on their white list and grant entry to senders not on the list who ask to join. America Online members can choose to receive messages from people in their address book only and check their spam folder for other messages they might want.
Yahoo recently started offering a new feature, dubbed AddressGuard, which helps its subscribers protect their primary e-mail addresses from spam by giving them up to 500 disposable addresses. So, for example, Simon-Weisberg, who doesn't shop online for fear of ending up on a spammer's list, could use
leah-shopper@yahoo.com on e-commerce order forms instead of her true address. If it's harvested by a spammer, she can delete it and use
leah-bargains@yahoo.com.
Infrastructure Solutions
All these creative ideas are improving life for users, but in the end they only treat the symptoms. ISPs will continue to be inundated, they say, unless changes are made to the Internet infrastructure.
Worldwide financial losses from spam are on track to reach $20.5 billion in 2003 and, if nothing is done to curtail spam's proliferation, will reach $198.3 billion by 2007, according to The Radicati Group Inc., a Palo Alto, Calif., market-research firm. It only measures "hard" costs for items like extra e-mail servers and maintenance costs incurred as spam rises from 45% of all e-mail in 2003 to, it predicts, 70% in 2007.
"I think the technology approach that has the best opportunity for controlling (spam) is going to come from cooperation from the infrastructure providers," Cobb says. "We'll find a way to bring it under control."
The ISPs are tightlipped about just what they're considering, but one major goal is to end the common spammer practice of "spoofing," or faking, sender information, which has foiled sender blacklists.
Yahoo has proposed establishing a system that would allow responsible e-mailers to prove they are who they say they are by signing mail with private domain keys generated by their e-mail programs. Recipients would open the messages using a public key embedded in the domain name system. ISPs could then blacklist e-mail from parties who won't identify themselves with keys.
"Developing that identity and trust is a really major step that can help us get to the end of the spam problem," says Miles Libbey, anti-spam product manager for Yahoo Mail. And this kind of system wouldn't be dominated by anyone.
America Online's Sullivan says: "All the companies involved, we're very self conscious... about being the 800-pound gorilla and imposing some kind of standard on the rest of the world."
ISP寻找新技术克制垃圾邮件
丽?西蒙-维茨博格(Leah Simon-Weisberg)的电子邮件中有大约三分之二都是垃圾邮件,这已经够让她头痛的了,而最让她不能忍受的是那些色情图片。
阻止个别电子邮件发送者的邮件根本没有效果,于是,这位失望之极的洛杉矶律师只好打出了最后一张王牌:舍弃了与时代华纳(Time Warner Inc., TWX)互联网服务供应子公司美国在线(America Online)长达6年的合作关系。
她说:"我在二、三月份换了供应商,到现在为止都没有收到过垃圾邮件,连一封都没有。"言谈中不乏对新的供应商EarthLink Inc. (ELNK)的溢美之辞。
公正地说,在让客户免受垃圾邮件之苦方面,美国在线付出的努力并不比其他任何一家互联网服务供应商(ISP)少。近期,该公司每天处理的信息大约有20亿至30亿条,而屏蔽的比例高达70%-80%。实际上,许多EarthLink的用户都会收到垃圾邮件,并对此怨言颇多。
有一点很清楚,那就是客户认为ISP应对此负责。疲于应付客户的抱怨并对客户的流失忧虑颇多的ISP们,已经决定接受这一挑战。
尽管竞争激烈,但美国在线、雅虎(Yahoo Inc., YHOO)以及MSN和Hotmail服务的供应商微软(Microsoft Corp., MSFT)目前却在联手打击垃圾邮件,他们将此称为多方面的战斗,其中包括技术革新、游说通过反垃圾邮件立法、起诉大量发送垃圾邮件的人、并教育用户如何保持其邮件地址的私密性。 但是,他们承认,最有可能解决这一问题的方法是技术,这主要是因为那些发送垃圾邮件的人对法律根本不屑一顾,也毫不担心会被抓住。
微软的反垃圾邮件技术和策略业务经理凯文?多尔(Kevin Doerr)上个月在一次会议上表示,在一两年内,就有可能通过技术来遏制垃圾邮件。这将会阻碍垃圾邮件发送者通过发送垃圾邮件而获利的能力。
由于进入这一技术领域的要求相当低,因此未来数年内大大小小的公司都有可能在反垃圾邮件技术方面取得突破性进展。但由于ISP们处理著数量如此众多的电子邮件,因此,他们既拥有独特的机会,可以通过使用这些技术使整个问题得到一定程度的解决,又有开发这些技术的独特优势。大型ISP可以很快发现垃圾邮件发送者在躲避障碍方面使用的新技巧,从而迅速作出反应。他们也能看到那些可能有助于自己继续前进的趋势。
技术革新已经在发挥作用了。今年以来,每次雅虎推出新的工具,客户对垃圾邮件的抱怨就会永久性地下一个台阶,尽管EarthLink的垃圾邮件数量仍在稳步增加。今年7月,雅虎用户公布每天收到大约70万条垃圾邮件,远低于年初的200万条。
ISP工具
服务供应商正在使用复杂程度前所未有的过滤工具,一方面要识别垃圾邮件,阻止这些垃圾邮件到达客户端,另一方面还要与合法邮件发送者的名单相对照,以免将客户需要的邮件屏蔽掉。而且,ISP还越来越多地使用防病毒扫描工具来删除那些像垃圾邮件一样可以阻塞系统的电子邮件病毒。
ISP们也在寻找办法,阻止垃圾邮件的攻击,例如所谓的字典攻击(dictionary attack)。字典攻击是以随机生成的用户名(多数并不存在)攻击网站,ISP希望在这种病毒试图攻击网站时可以对其进行识别,从而阻止它们的攻击。
过滤技术目前主要采用两种方式:一种是数学家创建的算法,这是一套可以识别垃圾邮件的复杂但固定的运算法则;另一种是试探法,这是一种自我学习式的方法,通过对垃圾邮件的范例的研究不断对法则进行完善,然后对新收到的信息进行智能化判断。
微软的多尔在一次采访中表示,邮件屏蔽方式可以更加复杂,垃圾邮件发送者也许甚至连想都不曾想过。
EarthLink副总裁迈特?科布(Matt Cobb)称,虽然过滤是一种重要方式,但这还不够。算法过滤方式通常只有70%至80%的有效性,因为屏蔽规则很难及时更新,而且必须留出足够的空间以免屏蔽掉客户需要的信息。
过滤方式也许有其自身的缺点,但ISP们却在越来越多地向用户提供这种方式,以及其他更具自主控制权的工具。他们说,这对解决垃圾邮件邮件的问题非常重要。 AOL 9.0的用户可以使用算法过滤工具阻止含有"Viagra"等关键词的信息。美国在线和雅虎的用户都可以使用个性化的"试探法"过滤工具。雅虎新的SpamGuard Plus工具使用户可以通过点击"这是垃圾邮件"的按钮,将这一信息发送到大宗邮件文件夹,使过滤工具对用户自身对垃圾邮件的定义有更多的了解。
一些ISP让用户自己选择是否接收任何主动发送的邮件。在EarthLink的用户中,大约有15%的用户现在在使用一种基于用户许可的系统来阻止不在其许可名单上的邮件发送者发送的邮件,或授予要求加入名单的邮件发送者进入其邮件系统的权利。 雅虎最近开始推出一种名为AddressGuard的新的特色服务,帮助其客户保护主要电子邮件用户地址免受垃圾邮件的攻击,例如,这种服务可向客户提供多达500个可自由处理的地址,让客户在进行网上购物时使用这些地址。
基础设施解决方案
所有这些具有创造性的方法都在不断改善用户的生活,但归根结底,这些方法只能治标不能治本。ISP们表示,如果不对互联网基础设施进行改造,他们将始终被淹没在垃圾邮件之中。
据加州帕洛阿尔托的市场研究公司The Radicati Group Inc.的研究结果,垃圾邮件造成的全球经济损失在2003年有可能会达到205亿美元,如果不采取措施阻止垃圾邮件的增长,这种损失在2007年将达到1,983亿美元。该公司只仅仅衡量了增加电子邮件伺服器和维护成本等产生的"硬性"损失。该公司估计,到2007年,垃圾邮件数量占所有电子邮件的比例将从2003年的45%升至70%。
ISP们对他们打算采取的行动缄口不言,但他们的一个主要目标是结束常见的"欺骗性"或"虚假"邮件发送者信息,这类信息可以避开发送者黑名单。
雅虎建议构建这样一个系统,让负责任的电子邮件发送者以其电子邮件系统产生的域私钥(private domain key)作为其邮件签名,来证明自己的身份。邮件接收人可以用域名系统中嵌入的公钥(public key)来阅读这些信息。这样,ISP就能够将那些不愿以私钥来证明自己身份的人列入黑名单。
