• United States

Anti-spam alliance discusses best practices

Jun 29, 20042 mins
Enterprise ApplicationsMessaging Apps

* Anti-Spam Technical Alliance makes recommendations to curb spam

Last week, the Anti-Spam Technical Alliance released a document that discusses a variety of technologies and best practices that its members are implementing in an attempt to curb the spam problem, as well as related problems like denial-of-service attacks.

ASTA represents some of the biggest players in the messaging industry – AOL, British Telecom, Comcast, EarthLink, Microsoft and Yahoo – with tens of millions of e-mail users, and so their recommendations are likely to carry a lot of weight in the industry.

Many of the recommendations discussed in the document are basic common sense and most of them should have been implemented by ISPs long ago: close open relays, carefully monitor applications and scripts on Web servers that can turn them into spamming engines and reconfigure open proxies to make them less able to send spam and other unwanted content.

The document also offers other recommendations, including implementing authentication mechanisms for users to be able to send e-mail; detecting and quarantining computers that may have been turned into “zombies,” or spam-generating engines; disallowing new accounts to be created automatically. Recommendations for bulk-mailing organizations include a variety of good practices, including not spoofing others’ domains, monitoring SMTP responses from mail servers that receive these mailers’ content, providing recipients with the ability to unsubscribe or opt out, and not harvesting e-mail addresses through SMTP.

One of the more controversial recommendations offered in the document is the proposed creation of rate limits on sending mail. The document suggests that an account should be limited to sending e-mail to 150 recipients in a one-hour period and 500 in a day. While this would be no problem for the vast majority of legitimate home users, there are a large number of home-based businesses that might be adversely impacted by such limits.

Overall, the ASTA recommendations make good sense for anyone that uses e-mail, provides mailbox services to others or sends out large quantities of e-mail. Whether they will make much difference has yet to be seen.