Talking spam, hold the baloney

Nathaniel Borenstein can sound blunt and arrogant – his words – when talking about efforts to control spam. He’s also accomplished, insightful, articulate, funny and, above all else, pragmatic. So much so that a listener quickly forgives his curious insistence that the CAN-SPAM law passed last year will prove useful.

Nathaniel Borenstein can sound blunt and arrogant – his words – when talking about efforts to control spam. He’s also accomplished, insightful, articulate, funny and, above all else, pragmatic. So much so that a listener quickly forgives his curious insistence that the CAN-SPAM law passed last year will prove useful.

An IBM Lotus distinguished engineer and president of Computer Professionals for Social Responsibility, Borenstein spoke last week in Boston before members of The Open Group, a consortium of industry do-gooders. Here’s what he had to say:

On would-be spam slayers – “clueless bozos” – who insist they have the answer that no one else has imagined:

“At the risk of sounding blunt and arrogant, leave it to the vendors. Because everyone who has e-mail understands what a problem spam is, there are way too many people trying to fix it. . . . Your brilliant idea is indeed brilliant, but not nearly as brilliant as you thought – and what’s more, people are already working on it.”

On certitude among the professionals:

“I would like to propose as a starting point that anyone who knows the answer is wrong.”

On Microsoft’s claim that we’ll all know the answer in practically no time:

“One major vendor has promised a spam-free world by a year from December. I’m skeptical, although I wish them all the luck in the world.”

On future volumes:

“I don’t think we’ve seen the worst yet, but I think we’re getting close. Spam will peak in 2005 or 2006, then decline, but it’s not going to go away in our lifetime.”

On schemes that revolve around charging fees for e-mail:

“It’s a great idea, but there are a couple of problems. One is that there is no suitable technology for it today, and any kind of suitable solution is going to require some kind of solution to authentication problems. Another one is that there are so many models for who gets paid. If I have to pay a penny for every mail message, where does that money go? You’ll be stunned to know that there are a lot of volunteers to collect it.”

On ending anonymous e-mail:

“A lot of people see the fundamental problem that’s responsible for spam as being the potential anonymity of Internet e-mail and if only we had perfect authentication of every message we wouldn’t have spam. I think that adds a very dangerous perspective to it because there’s no such thing as perfect authentication, and there’s great social value to the potential for anonymity,” including its use by whistle blowers in the U.S. and civil rights activists in totalitarian countries.

On the snail’s pace of emerging standards:

“I’ve never seen an area where it’s slower or more difficult than it’s been with spam, and it’s because there are so many people who care.”

On the merging of two e-mail authentication schemes: Microsoft’s Sender ID and Meng Weng Wong’s Sender Policy Framework:

“The bad news is that it won’t reduce the spam you get a bit. The good news is that it will make it much harder for spammers to pretend to be well-known actors on the Internet.”

On the role of open source:

“Spam Assassin is the best example I’ve seen of where open source doesn’t necessarily help. Because every time they improve Spam Assassin and put it out there, spammers are among the first people to pick it up and study it.”

On what actually might help:

“The only hope for making progress is to get multiple techniques to work together in a larger, coherent context that is only beginning to emerge. . . . The bottom line is that these approaches have to work well together and until they do the spammers will continue to laugh at us.”

Have something blunt or arrogant to add? The address is buzz@nww.com.