• United States
by Steve Taylor and Joanie Wexler

Combating spam

Sep 09, 20032 mins

* Anti-spam weaponry

The profound impact that storms of superfluous e-mail can have on network performance became woefully apparent with the latest iteration of the Sobig worm.

Since we have well-known e-mail addresses, we were obviously targets of lots of bogus Sobig messages, which ate up transmission resources.  But then the second flood of e-mails came: those generated by antivirus programs to notify senders (albeit innocent ones) that they have sent infected e-mails.

One of the problems with the majority of Internet e-mail is that it uses the Simple Mail Transport Protocol (SMTP). SMTP contains a fatal flaw, in that it assumes that people will play fairly.  In particular, SMTP presumes that the “from” e-mail address is correct. But Sobig, of course, spoofs the sender’s address, replacing it with some other address. 

So many of us have been bombarded not only by spam messages, but also by the avalanche of follow-up notifications generated automatically by antivirus programs. If you’re still running antivirus software that makes the well-meaning assumption that “from” e-mail addresses are accurate, consider disabling the notification function.  It only clogs the Internet with useless notification messages.

The good news, especially for small and midsize businesses that might not have sophisticated anti-spam and antivirus systems, is that third-party spam filtering services are pretty effective.  We’ve been particularly impressed with Spamcop (  With Spamcop, you pay a fixed monthly fee per account, and all of your e-mail runs through its filters.  The service doesn’t catch 100% of bogus mail, but over the past year, Spamcop has blocked more than 70,000 messages that Steve would have otherwise had to download.

These types of services can especially aid remote teleworkers.  So long as the primary mail server is not local, the piles of spam don’t impact the limited resources and bandwidth associated with the local server.  Instead, only the filtered messages pass through. 

Maybe we’ll eventually see a more tightly regulated Internet with better sender authentication on e-mail.  But for the time being, these kinds of services provide a good stopgap.