Feeds

Microsoft declares war on spam

Bill Gates' anti-spam manifesto dissected

  • alert
  • submit to reddit

Protecting against web application threats using SSL

Bill Gates yesterday pledged to step up Microsoft's efforts to fight rising spam nuisance which he described as a "pollution of the email ecosystem".

In a note sent out to subscribers of Microsofts's executive email newsletter, Chairman Gates sketches the problems posed by the spam tsunami and outlines the software giant's proposed solutions.

What do you give a man who's got everything? Spam!

In describing "spreading plague" of unsolicited commercial email, Gates even reveal a hitherto undetected flair for deadpan comedy. No really.

"Generally unwanted - and often pornographic or with fraudulent intent - spam is a nuisance and a distraction," Gates writes, warming us up for the punchline.

"Like almost everyone, I receive a lot of spam every day, much of it offering to help me get out of debt or get rich quick. It's ridiculous."

Quite.

Warming to his theme, Gates continues: "Spam is a drain on productivity, an increasingly costly waste of time and resources for Internet service providers and for businesses large and small. It clogs corporate networks, and is sometimes a vehicle for viruses that can cause serious damage."

We'd make a distinction between spam and mass mailing viruses but let's not quibble about semantics. Better too not to dwell on the irony that Outlook (or Lookout) remains the leading vector for the spread of mass mailing worms.

Think of the children

There are bigger problems. Think of the children, for instance.

Gates comments: "Spammers often prey on less sophisticated email users, including children, which can threaten their privacy and personal security. And as everyone struggles to sift spam out of their inboxes, valid messages are sometimes overlooked or deleted, which makes email less reliable as a channel for communication and legitimate e-commerce."

Kill or cure

So what is to be done?

Gates admits there is no easy fix but outlines the many ways Microsoft is working to reduce the problem.

The software giant has created an Anti-Spam Technology and Strategy Group which will apply research in fields such as machine learning to develop smarter spam filters.

"A smart filter can learn from a user's personal preferences to create a unique, anti-spam immune system that is much harder for spammers to work around," Gates explains.

This is just a continuation of the software giant's existing efforts, he says.

"Already, filters on the servers at MSN and Hotmail block more than 2.4 billion messages a day, before they ever reach our customers' inboxes."

Hotmail

Although the folks at Hotmail has reformed their attitude to spam, for instance by signing agreements to use Brightmail's spam blocking service, the service is still blighted by unsolicited commercial email. These days this is mainly due to dictionary attacks and the like but it would be remiss of us not to recall the days when anyone signing up for the service had their message listed on a Microsoft partner site by default. This made Hotmail addresses easy picking for bulk mail scumbags.

Gates outlines how MS spam-busting 'smart filters' (the latest Redmond buzz word) will be integrated into more products, particularly Outlook 2003 and Exchange 2003.

There's not much detail on this but one improvement we'd like to see is giving users the option of disabling the pre-viewing of HTML email in Outlook and Outlook Express. Such a move would greatly diminish spammers ability to probe for active email accounts.

Takedown

Moving on, Gates outlines Microsoft's procedures in identifying and shutting down spammers' attempts to set up and use fraudulent email accounts to send out their garbage. MSN is working with other ISPs, like Earthlink and AOL, to make this process more efficient.

Meanwhile Microsoft urges that using "automated searches to harvest addresses published on the Web and in Internet newsgroups should be banned", perhaps by legislation. Gates is a little vague on this point. This is forgivable, given that lawmakers are far from unanimous is realising an opt-in policy (which properly policed and enforced, is probably the right way to go).

Meanwhile, Microsoft deserves some credit for suing the most prolific spammers using existing laws. On June 16, Microsoft filed 15 lawsuits in the United States and the United Kingdom against companies and individuals alleged to be responsible for billions of spam messages sent in violation of state and federal laws.

Gates comments: "These efforts would be helped - and consumers would benefit - from legislation that would include clearer prohibitions against using misleading sender addresses and other false header information."

One man's spam is another man's processed meat

Here we get to the nub of Microsoft's concerns. Microsoft is in large part motivated in curbing spam because it feels the nuisance reduced the effectiveness of "legitimate commercial email".

"We favour the idea of setting up independent email trust authorities to establish and maintain commercial email guidelines, certify senders who follow the guidelines, and resolve customer disputes," Gates writes.

"Our proposal is to create a regulatory "safe harbor" status for senders who comply with guidelines. The guidelines would be subject to approval by the Federal Trade Commission. Compliance would be confirmed by a self-regulatory body. Senders who do not comply would have to insert an "ADV:" label, for advertisement, in the subject line of all unsolicited commercial e-mail," he adds.

If you think you've heard of this idea for "certified spam" before you'd be right; we think this is unlikely to improve matters.

In summing up we'd say that Microsoft has correctly identified the nature of the spam problem but there's plenty of scope to disagree with its proposed cures.

Bill concludes: "These and other efforts across many fronts should lead to a world where we are less troubled by spam. As less of it reaches recipients - and violators face stiffer sanctions for illegal activities - the financial incentives for spammers will decrease, and spamming will lose much of its appeal.

"At Microsoft, we're strongly committed to the goal of ending today's spam epidemic." ®

Related Stories

Microsoft takes 15 spammers to court
MPs hold public inquiry into spam
Open relay spam is 'dying out'
Spam makes kids feel 'uncomfortable and offended'
Return to sender, false address unknown
Why spammers lurve the 'Microsoft support' worm
Buffalo Spammer arrested
Anti-spam packages 'too unreliable' to certify
Web giants to declare war on spam
MS addresses Hotmail spam blizzard. At last
We hate Spam (email your friends)

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Jihadi terrorists DIDN'T encrypt their comms 'cos of Snowden leaks
Intel bods' analysis concludes 'no significant change' after whistle was blown
Home Depot: 56 million bank cards pwned by malware in our tills
That's about 50 per cent bigger than the Target tills mega-hack
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Critical Adobe Reader and Acrobat patches FINALLY make it out
Eight vulns healed, including XSS and DoS paths
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.