Feeds

The conspiracy against our in-boxes

Why trusted bulk email is an oxymoron

  • alert
  • submit to reddit

The Power of One eBook: Top reasons to choose HP BladeSystem

Opinion Powerful forces in the IT industry and government are coming together to redefine unsolicited bulk email from mainstream organisations as legitimate, irrespective of whether the sender wants to receive it. Ultimately this move could even result in lawsuits against anti-spam developers by the Direct Marketing Association and its cronies.

Sounds paranoid? Read on, gentle reader.

Through parallel developments, the US government and IT heavyweights are working to redefine spam as fraudulent - and not just unwanted - bulk email.

This month the US Senate voted unanimously to support measures that would attempt to stop spammers remaining anonymous and providing false return email addresses. All well and good, but the measures also legalise opt-out spamming, so e-marketers don't need to ask permission before sending out commercial email.

UK politicians attempted to persuade the Senate that the US should adopt a more restrictive opt-in approach. They failed. Call us cynical, but comments from members of the All Party Parliamentary Internet Group that identical legislation on both sides of the Atlantic is not needed simply do not ring true.

Meanwhile we learn, via the Washington Post, that Microsoft, America Online, Yahoo and EarthLink are close to the completion of their trusted sender programme.

The project, set up in April this year, will allow "legitimate senders of emails to distinguish themselves from spammers," according to Harry Katz, a Microsoft program manager.

Last month, the Network Advertising Initiative announced a plan (called Project Lumos) to "certify email and to electronically measure the reputations of bulk mailers".

The aim of both schemes is to adapt email systems so that they recognise "good unsolicited bulk email" from fraudulent spam and discard only the latter.

ISPs would adjust their systems to block bulk email which omits certification that it comes from a bulk mailer. The bulk emailer would voluntarily agree to abide by a code of conduct.

Trusted spam – no thanks

We don't buy the idea that e-marketing groups are concerned about the nuisance value and time wasted dealing with unsolicited messages - if they did they would support the opt-in approach.

With opt-in, e-marketers need to seek permission of consumers before they send out commercial emails. By contrast, under an opt-out approach a person would have to ask to be removed from a particular mailing list. The latter more lax approach is favoured by the Direct Marketing Association and many of the most prolific bulk mailers currently in operation.

Instead their primary concern is that fear of fraud has a big effect on response levels to commercial mail.

Assuming that the trusted sender programme does what it says on the tin (a big question in itself) particularly given the resourcefulness of Dark Side spammers - then what next?

We fear they'll start to focus on why spam filters block these legitimate "marketing messages" from "trusted senders" from getting through to their intended recipients.

From there it's only a short step to restraint of trade lawsuits against filtering technology suppliers. Maybe it won’t come to this, but we’re heading for in-box meltdown so long as the interests of the Direct Marketing Association hold more sway than those of the consumer. ®

Related Stories

Web giants to declare war on spam
Microsoft declares war on spam
Trust me, I'm a spam message!
We hate Spam (email your friends)
US anti-spam laws 'will legalise spam'
US should follow EU lead on spam - MPs
MPs head to US on anti spam mission
UK Govt fouls up anti-spam plans, say experts
MP unleashes brilliant anti-spam plan

Designing a Defense for Mobile Applications

More from The Register

next story
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
Four fake Google haxbots hit YOUR WEBSITE every day
Goog the perfect ruse to slip into SEO orfice
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.