MIT Spam Conference looks beyond filters
Leading researchers into spam e-mail, along with some of its victims, gathered on the campus of the Massachusetts Institute of Technology (MIT) last week for the second annual MIT Spam Conference.
While last year's event provided a forum for those championing the use of spam filters to stop unwanted e-mail solicitations, the 2004 Spam Conference was notable for discussions of a whole spectrum of spam-fighting tools, from the use of authentication to verify e-mail senders, to lawsuits that target individual spammers.
Bayesian filters, which identify spam by assigning statistical probabilities to message content, were again a focus of discussion at the conference. The filters have made it much harder for spammers to get messages through to users, but they have not stemmed the tide of spam, according to interviews with conference attendees.
Despite the wide use of spam filters, 70 percent of the e-mail messages received by Microsoft Corp.'s Hotmail Web-based e-mail service are spam messages, according to Geoff Hulten, a spam researcher for Microsoft.
"The Bayesian solution is useful, but it just sweeps the spam problem under the rug. The spam is still there clogging up your system," said Keith Ivey of Smokescreen Consulting in Washington, D.C.
Researchers discussed ways to improve the performance and accuracy of Bayesian filters, such as deploying them on servers rather than on e-mail clients.
However, just as much discussion was given to other techniques that could be used in conjunction with filters, or in place of them.
Speaking on the topic of suing spammers, John Praed of the Internet Law Group said that spam filter writers needed to work in conjunction with law enforcement to help build cases and bring legal action against spammers.
E-mail providers and law enforcement must also be more savvy about using existing laws to stop activities that support spammers, such as e-mail harvesting from Web pages, said Matthew Prince, cofounder of UnSpam LLC.
E-mail providers can include language on Web pages that makes address harvesting and other activities illegal. Such technologically simple steps would help cast spammer activities like address harvesting in terms that courts understand, such as "breach of contract," he said.
Providers could even use provisions of the Digital Millennium Copyright Act (DMCA) to go after spammers by declaring e-mail addresses trade secrets, Prince suggested, drawing groans from many in the audience.
More than one speaker touched on the need to better secure e-mail exchanges, making it harder for spammers to use faked (or "spoofed") e-mail addresses to circumvent antispam technology.
Representatives from Yahoo Inc. were also in attendance to talk about that company's support for user authentication to fight spam.
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
jfruh
Apple syncing patent can't come soon enough
pasmith
New Twitter features borrow from 3rd party clients
Esther Schindler
Open Source Changes the Software Acquisition Process
mikelgan
How to set up continuous podcast play on the new iTunes
David Strom
Five important Windows 7 mobility features
sjvn
Guard your Wi-Fi for your own sake
Sandra Henry-Stocker
Grepping on Whole Words
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
