February 28, 2003, 2:09 PM — Underscoring growing concern over spam, the Internet Engineering Task Force (IETF) has created a new Anti-Spam Research Group (ASRG) that aims to put unsolicited commercial e-mail in its crosshairs by setting standards for spam detection and potential legislation.
"We decided to go ahead now because it's clear that spam has become a serious problem for organizations," ASRG Chair Paul Judge said Friday.
Judge, who is also the director of research and development at e-mail security firm CipherTrust Inc., added that while there are a patchwork of spam-fighting tools already available, the industry has yet to take a systematic approach to the problem.
The anti-spam group will work within the organization' s Internet Research Task Force and will investigate whether a single architecture can be implemented that will allow e-mail receivers to express their consent and, more importantly, lack of consent for certain communications. This approach is due to the fact that everyone's definition of spam is different, the group said, making e-mail a consent-based communication.
"The definition of spam is highly subjective," Judge said, "so by labelling it a consent-based communication we can come up with an architecture that supports that idea."
The anti-spam group wants to develop an architecture with three components: consent expression, consent enforcement and source tracking.
According to Judge, it's important to push consent expression back closer to the source -- such as at the Internet backbone and ISP (Internet service provider) level -- to most effectively block spam. Judge envisions a system whereby ISPs set rules for the type of e-mail that they stream, with e-mail being further filtered at the Internet gateway and end-user level.
Tracking down spammers will also be a major component, Judge said, adding that this is a weakness in current solutions. The group will not only be looking to endorse spam-fighting legislation but will also look into recommending technical changes that would make it easier to identify spammers, Judge said.
"E-mail protocol was introduced many years ago and it is very trusting and open," he said.
However, the solutions the group eventually proposes will be based on whether they have a chance for wide-scale deployment and on how costly they are, in terms of both money and how much end-users would be required to change how they use e-mail, Judge said.
The ASRG will hold its first meeting March 20th in San Francisco. Judge said he expects several hundred industry players to attend from different sectors of the Internet community.
