|
|
|
Cover Story
|
| |
|
|
Drowning
in
spam
|
E-mail is here to stay and it's going
to get even bigger. How will we cope?
By Campbell McCracken
|
|
| |
E-mail, along with its
infrastructure, the internet, has been hailed as one of the Wonders of
the Modern World. And although it has now been around for several years,
it shows no signs that it has reached the end of its usefulness. On
September 11th last year, when land and mobile phone networks reached
saturation point and normal means of communications came to a halt, the
messages still got through and e-mail continued to work, just as it was
designed to.
|
|
Box 1 Spam, Spam, Spam, Spam |
|
In her recent report "Keeping Spam Out
of Your E-Mail", Joyce Graff of the Gartner Group identifies four
different types of spam, or e-mail that you didn't want to, or
didn't need to, see. These are:
- Pure Trash - fraudulent schemes, pornography, invalid senders, etc. Some
fraudulent spammers have been surveyed as sending more than half a million
e-mails a day selling bogus or worthless products.
- Chain Letters, Hoaxes, etc - Generally they are forwarded to you by people
you know, who should know better but don't.
- Junk Mail - These are distinguished from Type 1 in that they
are from honest people trying to make a living.
- Occupational Spam from Colleagues - e-mails where you are included unnecessarily
in the distribution list.
Categories 1 and 2 generally come from external sources and
throughout 2002 they will account for as many as 25 percent of
the e-mail messages on the internet. Users will require third party
help to control these forms of spam. You need to control Categories
3 and 4 yourself by unsubscribing from mailing lists, setting up
e-mail rules in your e-mail software to delete or quarantine files,
and by educating your colleagues.
|
One of the reasons
it still survives is that the manner in which it is used changes every
few years. In the beginning, e-mail was used for one-to-one or one-to-few
communications. Then, with the arrival of the first electronic mailing
lists, it changed to one-to-many communications. The dominant software
for running mailing and discussion lists is ListServ, written by Eric
Thomas to automate the tedious task of administrating the lists.
E-mail is evolving yet again, this time as a
medium for direct marketing. Eric's company, L-Soft, hopes to capitalise
on this latest trend with his latest tool, ListServ Maestro. "This is
a product that we developed specifically for marketing people who work
with a campaign concept," says Thomas. "They need to send people offers
and see what kind of response they get, and then possibly improve the
offers."
A typical campaign process to sell, say, some old TVs to a
contact list of 50000 people would be to write three completely
different advertising blurbs, and send them to 50 people each and
see the response. Then, once you know which of the blurbs is better
than the others, that's the one you send to the remaining people.
"What ListServ Maestro will do is it will guide you with a workflow
diagram, through the process of creating these messages," says Thomas.
"You can test the messages to make sure that they are in the right
format, send them and then track the responses."
Too many e-mails
But many people think that this last metamorphosis is threatening
the very effectiveness of e-mail as an efficient communications medium.
"When I first started in e-mail, it was treated like instant messaging
is today, " says Brian Dorricott, managing director of Gordano, UK based
developer of mail server software. "You didn't get many, but they were
all high quality, they were the ones you had to respond to. There wasn't
all the 'cc'ing that seems to go on now."
|
|
Box 2 Anti-Spam |
|
E-mail software company Gordano believes
it has a solution to part of the problem. They are introducing a
'Confirmation' option into their GLWebMail product that initially
stops mail from unknown senders from getting through to the
recipient. "What happens is our system sends an e-mail straight
back to the sender saying 'If you want this message to reach
Brian, you've got to reply to this'," says Brian Dorricott.
"If it's a piece of spam (unwanted e-mail), usually there's
nobody at the other end and so it never gets a reply and the
original message is eventually deleted. That means that I don't
get to see the spam."
"If it's a real person, they reply
and the message gets through to me. It's been very effective in
cutting down the amount of spam that's around. Since I've switched
it on I haven't had any unsolicited marketing e-mails. The other
thing that's nice is that it's not getting a large number of
false positives, ie it's not throwing away messages that are
not spam." |
Joyce Graff, e-mail analyst with the technology researchers and
consultants Gartner Group, agrees. "There's 16 times as much spam today
as there was a year ago," she says (See Box: Spam, Spam, Spam, Spam).
"If half of what's in your e-mail Inbox is trash, it becomes demoralising."
The Gartner Group research has shown that 42 percent of executives tap
into their e-mail while they are on holiday. "One of the reasons is that
they are afraid to come home from holiday to
find 500 unread e-mails."
The storage of e-mails
is also becoming a problem. "I think what we'll see is the number of
messages and size of messages increasing," says Gordano's Dorricott.
"That is going to lead to issues with storage of messages for users
and administrators. I regularly see mailboxes 100MB in
size. If every organisation has that, and you've got 5,000 people,
you're starting to look at a fairly significant chunk of data to
maintain and backup."
Security
The forecast increase in the number of e-mail messages also leads
to concerns about an increase in the frequency of e-mail-borne viruses.
But whether or not they will reach epidemic proportions is anyone's
guess. "It's very difficult to tell how big a problem e-mail viruses
is," says Gordano's Dorricott, "because a few ISPs now do virus scanning
on your behalf. So you may not know about it because
they stop it."
But that is no
reason for complacency. "From a security point of view, scanning for
viruses is absolutely vital. The real issue is that because we've got
a large number of people using Outlook, any virus that exploits
Outlook immediately propagates very very quickly."
"We're also seeing
lots of Trojan horse type viruses turning up. They can come in through
an e-mail, install themselves and as far as the user is concerned he
doesn't know anything about it," says Dorricott. "And those programs
can identify things like which keys you're pressing, which means they
could be capturing and broadcasting all your passwords, banking
information, etc."
Interception / Impersonation
Another security issue with e-mail is
that it uses clear text all the way through, so whatever you write, somebody can read. And
it can be read at lots of different stages. Typically when you send a message, it will go
to your ISP mail server, and then to the next server, and so on all the way down the line
until it reaches the recipient. The message can be intercepted at any one of those hopping
points or when it's being transferred. Someone could use information in you e-mail, or
could substitute your e-mail message for one of their own.
But you don't have to intercept an e-mail
to carry out an act of impersonation. The "To", "From", "Subject" and "Date" fields in a
standard message are created by the client software, and there's no checking by the server
to make sure that it's right. "You can put anything there," says Gordano's Dorricott. "You
could forge an e-mail from god@universe.com just by putting whatever you want in
there."
One of Gordano's products, eSarah,
can provide administrators with the information to allow them to check for e-mail
impersonations. "What we can do is record every message that passes through the firewall,"
says Dorricott. "We can log every message along with who it's really going to and who it
really came from."
"One of the main reasons we hear about
companies wanting to log e-mail is to check up on what employees are doing," says Dorricott.
"We had one example of a school where some of the kids were sending out obscene
e-mails purporting to be from the headmaster. Of course, that's immediately
caught because you knew the real address it came from rather than the one the kids are
putting in the e-mail message."
e-mail in Business
Despite these difficulties, from a
business point of view, e-mail is regarded as being the most important part of the internet.
"When I started up Internet Shopping (the former name for Gordano) I got a webserver
running no problem, but I couldn't get e-mail," says Dorricott. "So I couldn't do any
business. I could advertise stuff but no-one could buy it from me."
E-mail's usefulness as means of
managing your knowledge is overstated. Simon Kent, senior vice-president of marketing at Knowledge
Management Software says "Because you need to know who to be able to
send that e-mail to. You need other things like expertise identification to send it to
the right person."
And once you've found the gem of
knowledge you need to capture it in some sort of knowledge base so that you're not using
e-mail yet again to go and pester the same expert time and time again. Kent continues: "So
this is where
e-mail becomes quite limited in that it needs other things around it to
get into the sphere of managing corporate information and corporate knowledge."
However, despite these limitations,
most users agree that e-mail is here to stay. "I don't think e-mail has reached its peak,"
says Eric Thomas. "There have been doomsday prophecies for the last ten years. But e-mail
is here. It works. 94 per cent of people connect to the Internet to get e-mail and this is how we
do our business today. We send e-mail to each other."
|