SILENCING SPAM:
How to Deal With Unsolicited Bulk E-Mail

Here in the humble offices of Oncology Net Guide, we have always been pleased at the amount of concern that Internet denizens show for our welfare. Why, in the last 24 hours alone, we have received valuable offers promising to relieve our collective hair loss, show us career options with “well-off potential,” help us to appear 21 again, and enable us to “find information on anyone.” We’ve also been granted the once-in-a-lifetime opportunities to receive “no repay cash grants,” obtain a diploma without those pesky classes, and catch a glimpse of the activities of “out of control cheerleaders.”

All of this selfless solicitousness has warmed our hearts on many an occasion in the past, so you can imagine our outright shock—yea, even our despair—when we learned that these offers had been sent to others. Many of these others, we were surprised to learn, did not wish to receive these pearls of wisdom, information, and possibility. As a public service, we therefore offer the following guide to limiting or eliminating such unwelcome intrusions into the e-mail inbox.

Defining the Issue

Unsolicited bulk e-mail (UBE), defined for our purposes as any e-mail sent to a large group of recipients who have not requested the mailing, has been one of the most significant problems with the Internet since the practice took off around 1997. UBE is more frequently called “spam,” after the tasty Hormel meat-in-a-can concoction that is similarly devoid of valuable content, and is almost universally loathed by Internet users the world over.

Why, then, has spam continued to flourish? The answer is rooted in the same basic human emotion at the source of most societal problems: greed. Consider the close, somewhat more venerable, relatives of the e-mail spammer: telephone and direct mail marketers. Like the spammer, both of these entities peddle a service, product, or message to consumers. However, using direct mail for such marketing requires significant incremental investments in postage, envelopes, and printing; telephone marketing also incurs substantial expense.

E-mail spam, by contrast, involves little or no incremental cost. There is an overhead investment, of course, but once an e-mail is created it costs the same—and takes roughly the same amount of time—to send the message to millions as it would to send it to dozens. This allows e-mail spammers to reach a markedly larger target audience. If a spammer sends a marketing e-mail to twenty million individuals, and gets a response rate of just one tenth of one percent, he or she still recoups the initial investment many times over.

Common uses of spam include religious proselytizing, political advocacy, chain letters, and a wide variety of marketing efforts, including but not limited to pyramid schemes, ads for pornographic websites, and ads for questionable or fraudulent health products. Although many of the spam-silencing strategies outlined below are applicable to all forms of spam, legal recourses are limited mostly to the last category, those e-mails aimed at selling a product or service (called unsolicited commercial e-mails or UCE). The First Amendment prohibits legislative curbs to the freedom of speech. The US Supreme Court has held that marketing communications—those aimed at selling something—are subject on limitations on this freedom. However, the legal issues surrounding communications related to, for example, the wonders of a political candidate, are much murkier.

You Call This a Problem?

There are those who argue that spam is not a problem at all, but rather a useful, albeit irritating, marketing tool. Groups and individuals seeking to eliminate or restrict spam are greeted with derisive comments, often along the lines of “What’s the big deal? Just delete it!” The motivations of those making such comments may vary widely, from craven self-interest to a simple lack of information, but the bottom line is this: it is a big deal, and you can’t just delete it (well, you can, but it’s no solution). Why? Well, let’s take this one step at a time.

According to the Coalition Against Unsolicited Commercial E-mail (CAUCE; www.cause.org), a watchdog organization with a purpose you can probably divine from its name, the first major problem with UCE is what the group calls “cost shifting.” To wit, CAUCE maintains, the cost burden of sending an advertisement ought to be placed on the sender, not on the recipient. However, with spam e-mail, the cost burden incurred by the sender is almost literally nothing. The recipient, however, must pay, in a variety of ways. First, users of dialup services such as AOL often pay for Internet service on a per-hour basis; reading UCE is therefore a direct expense for such users.

But wait, you’re saying, I have a cable modem and my online time is unlimited. Unfortunately, your Internet Service Provider (ISP) still has to process all of the e-mails that you receive. This can be a lot of processing; AOL estimates that roughly 30% of all e-mails received by its users are UCE. Without spam, when the volume of incoming mail increases, typically it is because more users are signed up to the ISP, meaning more revenue that can be used to expand bandwidth. However, when floods of spam increase the mail processing server’s workload without a corresponding jump in cash influx, the ISP is left with only three options: (1) eat the costs of increasing bandwidth, a wholly unsatisfying option to any decent businessperson; (2) let customers cope with the inevitable slowdown as the server struggles to process incoming mail; or (3) pass the expense on to the user in the form of increasing rates.

A second problem with UCE is that it can cause problems with normal e-mail. Most mail services have a limit to the number of e-mail messages that can be stored at any one time; incoming mails that would place the inbox over this limit are usually bounced back to the sender. If huge quantities of spam are flowing into your mailbox daily, important messages —perhaps from a patient or colleague—might never reach your eyes.

The Single Most Important Problem

In the long-term, however, the biggest problem with spam email is this: it reduces the overall efficiency of e-mail as a tool. When a physician opens his or her e-mailbox to find a cavalcade of pornographic invitations, he or she is less likely to think of e-mail as a “serious” communications option. If important e-mails are lost because spam clogs the way, that same physician will not think of e-mail as a reliable communications option. In his testimony on the subject of spam e-mail before the US Senate, Dr. Jason Catlett of Junkbusters (www.junkbusters.com) stated, “The failure to control spam is the greatest economic tragedy of the Internet age. As e-mail marketing becomes synonymous with spam—a tragedy because this is unnecessary and avoidable—many consumers are deciding simply not to participate.”

WHAT NOT TO DO

We’ve covered the best strategies for reducing or eliminating the spam in your inbox; below you’ll find three things you should never do, under any circumstances, in response to an unsolicited commercial e-mail.

Never Click Anything: Some UCE will feature a link coded directly into the e-mail, asking you to click the link in order to be removed from the mailing list. Do not click this link, or for that matter anything clickable. Just keep your clicking to yourself; accessing any link in a spam e-mail will simply confirm the viability of your e-mail address, leading to an increase in the overall amount of UCE that you receive.

Never Reply: Similarly, resist the urge to hit “reply” and compose a strongly worded letter, or angry rant, or polite request to knock it off already, to the author of the spam. As above, this will confirm that your address is indeed active, and net you an increase of spam. Also, remember that spammers often route their offal through unsuspecting and innocent third party sites. If you—and hundreds of justifiably irritated recipients like you—reply directly, your replies will flood that innocent site, possibly crashing it or doing irreparable harm.

Never Strike Back: The more computer savvy among our readers might be sorely tempted to resort to Internet-based attacks—mail bombing, viruses, and the like—to get some measure of revenge on the spammer. Don’t do it. For one thing, it’s illegal, and while you probably won’t receive any spam during your stay at Sing Sing, it’s probably not worth it. Meanwhile, as noted above, the victim of your attack might well be one of those innocent third party sites.

What Can You Do?

Your first goal is certainly going to be to reduce the amount of UCE that you, personally, receive. There are many ways to go about this.

Almost every e-mail provider incorporates some form of junk mail filtration that you can customize or turn on. Hotmail (www.hotmail.com), for instance, has three levels of filtration; at lower levels, the system culls out messages with suspect origins or subject lines, while at higher levels, only messages from senders listed in your Hotmail address book will be delivered to you. Filtration has its limits, of course. The highest level of security permitted by Hotmail can be somewhat inconvenient; it will prevent any junk mail from landing in your inbox, but it will also filter out e-mails from friends with new addresses, old friends not in your address book, and other legitimate contacts.

Unfortunately, purveyors of spam e-mail are rather like cockroaches; they are impossible to eliminate and they evolve at extraordinary speeds in response to a threat. Many use subject lines designed to trick the filter system—and you— into allowing the UCE in and opening it (a favorite tactic is employing the “Re:” tag understood to indicate a reply; an email with the subject line “RE: Your Request” will make it through all but the most stringent filters and will even be opened with surprising frequency even if the recipient hasn’t made any sort of request recently).

In short, filters are a nice start, but are unlikely to eliminate spam from your inbox completely or permanently. Fortunately, you have other options.

Hide Your Address!

The easiest way to stop spam from reaching your iInbox is to keep your address out of the hands of the people who would send it to you. There is no foolproof way to do this, but if you take the advice below, you are likely to notice a marked reduction in the amount of spam you receive.

Foiling the Robots: Many spammers use automated programs called “harvesters” that explore the Web and pick up e-mail addresses wherever they can be found. For this reason, it’s best not to display your e-mail address prominently on any Web page. Harvesters often look for hyperlinked text, so you should be careful about including a link that users can click to e-mail you. If you must give out your e-mail address, make sure it’s not hyperlinked; this will force users to cut and paste your address into their mail program, but can help foil the harvesters.

Dare to Be Different: Some spammers engage in what is called “dictionary” spamming, testing common combinations of letters (including common last names and first names/initials in various orders). To defeat this, keep your e-mail address somewhat unusual, and include numeric characters where possible.

Don’t Be In the Book: Many ISPs, notably AOL, and some Web pages or message boards, have a “member directory” in which users and participants can list their e-mail address. Don’t do this. Harvesters positively feast on member directories.

I’m Telling!

Traditionally, Internet Service Providers take a dim view of their customers engaging in spam e-mail campaigns; many ISPs even have specific proscriptions against them. Consequently, one effective way to eliminate spam from a particular source is to report that source to his or her ISP.

Reporting a spammer is generally a three-step process. The first step is to identify the source of the UCE coming your way, which is not always as easy as it appears. Whatever other unsavory qualities they may possess, spammers are not fools; they know that most people don’t want to receive UCE, so they take pains to disguise it. One method of accomplishing this involves routing outgoing e-mail through one or more innocent, third-party mail servers en route to its eventual destination. This means that the nominal “sender” of a UCE may not be the true sender.

Visit www.internetprivacyfordummies.com for a nontechnical explanation of how you can go about tracking your spammer. You’ll also want to be sure that the mailing qualifies as spam; www.claws-and-paws.com/spam-1/tracking.htmlfeatures a thorough discussion on this question.

One of the most popular and widely used spam reporting services available online is Spam Cop (www.spamcop.net), which features a text box into which you enter the full headers and text of a spam e-mail. Spam Cop will do the rest, reporting the violation to the spammer’s ISP. Alternately, you could identify the ISP and contact it directly; both websites listed above offer tips on making such a report.

I’m Telling – Part 2

While spam e-mail is not illegal nationwide, certain kinds of communications are not permitted by law, and should be reported when received. For example, UCE advertising fraudulent products may be reported to the Federal Trade Commission at uce@ftc.gov; the FDA will also be interested in UCE advertising unapproved medical products. The good folks at the US Securities and Exchange Commission would like to hear from you about any spam you receive related to the purchase or sale of stock, and can be reached at enforcement@sec.gov. Child pornography is always illegal and should be reported to the FBI.

Legal Methods

In the children’s classic The Phantom Tollbooth, protagonist Milo is distracted from another goal when he is asked to perform a minor task—transferring a pile of sand from one spot to another, using tweezers. In many ways, the measures already discussed are similar; you may be able to eliminate individual spammers, and reduce the overall amount of UCE that you receive, but should consumers really be required to expend this kind of effort every time something shows up in an inbox?

An increasing number of consumers believe the answer to be “no.” Aggressive lobbying by groups such as CAUCE and Junkbusters has created a demand for federal-level legislation that would outlaw—or at least drastically restrict—unsolicited commercial e-mail. These organizations have as their Holy Grail legislation based on US Title 47, Chapter 5 (Subchapter 2), Part I, Section 227, which makes unsolicited commercial faxes illegal under any circumstances, and grants the recipient of such faxes the right to sue for damages (including punitive damages). The full text of this law may be found at http://www4.law.cor nell.edu/uscode/47/227.html.

Purveyors of unsolicited advertisements of all types have invoked the First Amendment as a protection against such legislation, but this argument has been struck down by courts across the land, including the Supreme Court. As the Court maintained in Turner Broadcasting vs. FCC, “[They] have come to court not because their freedom of speech is seriously threatened but because their profits are; to dress up their complaints in First Amendment garb demeans the principles for which the First Amendment stands and the protections it was designed to afford.” More succinctly, read the majority decision in the aforementioned Rowan vs. Post Office, “the right of a mailer stops at the outer boundary of every person’s domain.”

Surely, argue groups like CAUCE and Junkbusters, the definition of “domain” ought to encompass that corner of cyberspace— the e-mail inbox—that a person purchases and claims as his or her own. Their efforts at legislative advocacy have met with partial success. In July 2000, the House of Representatives passed by a margin of 427-1 a bill that would have outlawed forged headers, forced senders of UCE to provide an address at which they can be reached and honor requests to cease sending, and allowed ISPs to outlaw spamming altogether. Violators would have been subject both to FTC fines and to private legal action from aggrieved recipients or ISPs.

This bill languished in the Senate. That body is currently mulling S.877, known as the Burns-Wyden CAN SPAM Act, which would set up a nationwide “opt-out” list, similar to the telemarketing “do not call” lists. However, CAUCE, and several other similar groups, have come out strongly against this legislation. They argue that forcing consumers to send an e-mail to opt-out of each list places an unfair burden on those consumers, and that requiring opt-in (ie, outlawing UCE altogether) is the best solution. Furthermore, S.877 offers no provision for private right of action against spammers who violate the law. For the text of Junkbusters CEO Dr. Jason Catlett’s remarks before the Senate, visit www.junkbusters.com/testimony.html.

The Best Solution

If you are concerned about the problem of spam e-mail—and, after reading this article, we hope that you are—you can get politically involved by contacting your local representatives and urging them to amend Title 47 to apply to e-mail communications (or to pass new legislation to the same effect). You can also visit the CAUCE and Junkbusters sites to find out more about their advocacy efforts.

Most important of all, however, is this seemingly obvious bit of advice. Spam e-mail exists for one reason. Someone, somewhere, is buying the products it’s being used to sell. If no one, anywhere, ever, made a purchase based on an unsolicited e-mail, the practice would dry up quickly. The best way to stop spam is never to support it, not even “just this once,” and no matter how attractive the product or offer. ¦