SPAM - The Issues, Impact and Reducing SPAM (Part 1)

by Jeff McDermott [Published on 8 Feb. 2006 / Last Updated on 23 Jan. 2013]

SPAM is one of the biggest challenges facing Internet consumers, corporations, and service providers today. Part 1 of this article explores the Issues and Impact of Spam. Part 2 provides some insight into methods for reducing Spam.

If you would like to read the next article in this series please go to SPAM - The Issues, Impact and Reducing SPAM (Part 2).

SPAM - The big Problem!

SPAM, has become one of the biggest problems facing the Internet today. In fact Spam and the "patchwork" attempts to reduce Spam have turned email into an unreliable Internet tool today. If you talk to some end users they don't see much difference between Spam and the ordinary junk mail that mail carriers have delivered for years. They may say "all you have to do is hit delete". Obviously these people have never had hundreds of Spam messages hit their inbox in a very short period. Additionally they have never run a network or email gateway. The cost to corporations in bandwidth, delayed email, and employee productivity has become a tremendous problem for anyone who provides email services. Many customers think their Internet Service Provider (ISP) should be able to fix the problem. But Spam is a world-wide problem, and email systems around the world are not setup in a consistent manner. This article is the first in a two part series that sheds light on the concerns, costs, and methods for reducing Spam. Unfortunately there is no "silver bullet" for killing Spam. If that magic bullet existed, ISP's and corporations worldwide would have already pulled the trigger!

Issues Created by SPAM

  • Unwanted email irritating Internet consumers.
  • Critical email messages are missed and/or delayed.
  • Consumers change ISP's all the time looking for consistent email delivery.
  • Loss of Internet performance and bandwidth.
  • Millions of compromised computers.
  • Billions of dollars lost worldwide.
  • Identity Theft.
  • Increase in Worms and Trojan Horses.
  • Spam can crash mail servers and fill up hard drives.

SPAM from the Consumers' Perspective

Many modern Internet users are really naive. They don't understand the issues surrounding Spam. They want to take advantage of all the cool things they see more savvy Internet users doing. They expect someone to stop all the madness, and become frustrated when a message they sent becomes delayed, missed and possibly lost in the patchwork attempts to reduce Spam. Even if their company or Internet provider has implemented all the most recent methods to reduce Spam and keep email data flowing, it doesn't mean the person sending or receiving the email has all the latest protections in place.

SPAM from the Corporate or Internet Service Providers' Perspective

Spam protection schemes can become expensive. Constant change and maintenance is required to try and stay in step with Spam. End user support and education is frustrating and costly. Mail Servers often become busy with Spam, delaying mission critical communications. Churn of end users, frustrated with Spam and email problems.

Methods Spammer's Use

  • Buying lists of addresses from other Spammer's or persons looking to profit from valid lists.
  • Harvesting email addresses from web sites with automated programs.
  • Stealing users address books on compromised computers.
  • Setting up fake accounts with ISP's to use for sending Spam.
  • Collected via Internet Relay Chat (IRC) programs.
  • Directory Harvest Attacks - Guessing email addresses, then sending email to see if it goes through.
  • Social Engineering - Using false reasons to trick a user into giving up their email address.
  • Harvesting email addresses from UseNet News posts.
  • Signing up for legitimate dial-up accounts under fictitious credentials.

Realtime Black-hole Lists (RBLs)

RBL's are lists on the Internet that track the IP addresses of machines recently known to be Spamming. Subscribers use these lists to check if a sender is a suspected Spammer and reject email from IP addresses on the list. Unfortunately there are several lists, and they don't all work the same. Some actually charge you to get off the list, and then others may block addresses of innocent users that are in the same IP range as a Spammer. Blacklists prevent millions of innocent e-mails from arriving at their destinations. Don't get me wrong. Blacklists mean well, and have been a helpful tool in helping curb Spam, however too many lists run differently sometimes creates a real problem for email administrators, ISP's, and legitimate users of email. But RBL's have also been very helpful in bringing awareness to the Spam problems, and have played an important part in helping curb issues. Hopefully someday the need for RBL's will be obsoleted.

Patchwork Attempts to stop and reduce Spam

If you've been reading carefully, I've used the word patchwork twice now. Here is what I mean. A patchwork quilt is a blanket made of various patches of material. That really is a good definition of Internet email systems today. If only the early designers of Internet email had a crystal ball, things today would be different. Unfortunately, nobody knew where all of this was really heading and how commercialized the Internet would become. Millions of email servers have been setup around the world, and many changes in email services have been developed over the years creating a patchwork design of servers with various degrees of vulnerability. In other words not all these email servers are setup the same, and with all the latest safeguards. Many servers follow current Request For Comments (RFC's), and others do not. Not all servers subscribe to the same RBL's, and not all RBL's are implemented the same or even correct or ethically (as described above). Thus what you get is email problems beyond the control of end users, and outside complete control of the companies providing email services.

Why don't they just track down and stop sources of Spam

Typically the goal of Spam is to sell some product or service. Of course not all of these services are always good and proper, but then again some are. It would be nice if all Spam advertising could be tracked back to a store front like typical advertising, however Spammer's typically do not operate this way. Why, because if it were easily traced it would be easily stopped. Of course there is always the Spam that comes from "off-shore" where laws do not apply. But the majority of todays Spam comes from compromised end user machines. Think about it, if you could use the computer of some unsuspecting person to send out millions of emails to huge lists of people, your now using the resources of someone else's computer, and some service providers bandwidth to do your "dirty advertising" for free. Then if the recipient of the Spam complains, they are are never really reaching the actual Spam advertiser. Many ISP's have thousands of these compromised computers on their network spewing out Spam. An almost impossible problem for service providers to keep up with. We will touch more on this in Part 2 of this white paper.

Part 1 Summary

Many of us who deal with email issues on a day to day basis understand how bad the Spam problem Spam really is. As a person working in an ISP environment, I would say it is the biggest problem we all face currently. If you think about it, the average person using the Internet today thinks email is the most important part of their Internet usage. In this section I have provided information to help you understand the "Impact & Issues" regarding Spam from both a end user and corporate or ISP stance. In Part 2 we'll explore some of the methods used to help reduce Spam for all. Understand again, there is no "Silver Bullet", but there are many things that can be done to help reduce the problem. I think someday things will get better, but it's going to take time, money, education, laws, and changes and consistency in protocols in order to get there. Everyone using the Internet today must understand that the Internet is much like the "American Old West". When the pioneers initially headed west for new opportunities they had no real idea what they were getting into. It was a tough adventure, but eventually even the old west was tamed. The Internet is similar, and is really still in it's infancy. Stay tuned for Part 2, to help understand what can be done for now.

If you would like to read the next article in this series please go to SPAM - The Issues, Impact and Reducing SPAM (Part 2).

See Also


The Author — Jeff McDermott

Jeff has been involved with computers and technology since 1977 and currently has over 27 years of experience. He recieved his initial computer training and experience while serving in the U.S. Army. He has studied computers through various college and industry courses over the years, has taught courses in computing, has been Internationally published for his work with both software & hardware development for the physically and mentally handicapped. Jeff has been a computer consultant, helping many small to medium sized businesses take advantage of computer technology. Jeff has served as a security specialist and firewall administrator/engineer for a major Fortune 300 company. Jeff has a very diverse computer background, with the following areas of influence: Programming & Software Development; Networking/LAN/WAN Web Development; Information Security; Relational Database Design; Consulting; Hardware design and support; Years of management in the technical arena; I.T. Director; Creator/Webmaster of securitypanel.org for several years. Jeff is currently is the Supervisor of the Network Operations Center of a major ISP, and additionally heads up the advanced technical support team.

Featured Links