• United States

Anti-spam and the feds

Sep 29, 20032 mins
Enterprise ApplicationsMalwareMessaging Apps

The government wants to play a role in curbing the spam problem.

Surely, the various legislative proposals to control spam now circulating Congress won’t end unwanted e-mail. But, once passed, they could be of help.

National guidelines on what constitutes a genuine e-mail marketing campaign vs. an illegal spam attack will help U.S. companies partake in the former without contributing to the spam menace. On the other hand, for marketers intent on spamming, legislation won’t even be a speed bump. Spammers simply will move their operations to offshore servers in countries not bound by U.S. or European Union laws.

Knowing that, some IT managers express lukewarm support for pending national and local spam legislation. “I think it’s a good thing . . . but I’m not waiting for the government or the state of New Mexico to do something,” says Joshua Elicio, information security officer for Memorial Health Center in Las Cruces, N.M.

Anti-spam on the Hill
Criminal Spam Act of 2003, introduced in June by Sen. Orrin Hatch (R-Utah).
Stop Pornography and Abusive Marketing Act (the SPAM Act), introduced in June by Sen. Charles Schumer (D-N.Y.).
The Reduction in Distribution of Spam Act of 2003, introduced in May by Rep. Richard Burr (R–N.C.).
Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM), introduced in April by Sen. Conrad Burns (R-Mont.).
Computer Owners’ Bill of Rights, introduced in March by Sen. Mark Dayton (D-Minn.).
An unnamed effort for a joint anti-spam agreement between the U.S. and European Union, proposed in July.

Still, others root for any spam-fighting tool they can get, including legislation. For Dave Jordan, chief information security officer for Arlington County in Virginia, the strong anti-spam legislation Virginia enacted in April is such a weapon. While other states have enacted civil anti-spam laws, this one makes spam a felony in Virginia, carrying a penalty of jail.

“We have firewall logs and analysis tools. We have identified what we believe to be spam engines and blocked the addresses. I then send them a letter telling them they are at risk for prosecution,” Jordan says.

Tough legislation coupled with technology advances could give IT managers the one-two punch they need to defeat spam.