After some recent problems for myself and friends of mine, I need to add my voice to a growing feeling in the world that the ‘cure’ for spam may be doing as much, if not more damage than the spam itself.
Of course, we all hate spam. I am a horror writer, and therefore usually a gentle and mild soul – but I also will cheerfully admit to the things I would do to spammers, if I found myself confronting one down a dark alley. Many other people feel the same. But would you want to beat up their families? Would you want to sanction the entire town a person lives in, just because of a dubious rumour that this person has sent a few spam emails? Those tactics are reminiscent of wars a thousand years ago and mercifully humans have progressed a bit since then – well, sort of. Sometimes. And yet, in a way these are equivalent to the tactics of the supposed fighters against spam, that are slung at us every day in cyberspace. Why we put up with it, I don’t know.
The problem is the so-called blacklists. They work by attempting to create a blacklist of spam sources, which can then be used to filter out the spam email. I use them myself in my mail software, which flags the messages that it thinks are spam so I can delete them quickly and easily – if I want to. It does NOT delete them automatically, and thank goodness for that because I have been noticing a worrying phenomenon. Simply that most of the legitimate addresses that I receive mail from – friends, newsletters from websites or small businesses that I am interested in etc – have ended up flagged as blacklisted at one point or another. Fortunately, it makes no difference to me since I am doing it by hand and can just ignore it. But even so – that makes me uneasy. There is no doubt that these so-called blacklists are doing a very good job of catching innocent messages. And the reasons for this can be quite disturbing. It appears that it is not just a simple matter of seeing an email address doing something naughty and blacklisting that email address. Innocent messages that have some element that trip the system are treated exactly like spam. Maybe you sent it to a few people at once. Or maybe it just ‘looks’ like an unwanted ad and trips the content and word filters. Either way, it is quickly removed. Worse still, it appears that they will quite happily blacklist entire servers because of suspected ‘spam’ activity, which can affect hundreds of ordinary web users. [1] There have also been cases of actual abuse of the system in the form of vindictive reporting of innocent victims to the blacklists. [2] More suspicious still, there have even been some so-called blacklists that allow you to pay to have your email address removed after they have got their grimy paws on it. Blackmail by any other name . . .
According to Margie Arbon of the Mail Abuse Prevention System, “Blacklists are a decision by the owner of the equipment. They are trying to defend their property.” [1] Unfortunately that appears to be largely nonsense. Of course, I am quite happy letting the blacklists interact with my software, provided I can see what they are doing. But in the confusing world of email and the vast flood of spam these days, it is easy to imagine people implementing these systems set to ‘delete’ without knowing the consequences to genuine email – and who can blame them? And another, far more serious problem is that these days, email is a whole nest of filters all the way down the line – “for our own good” of course. ISPs, email hosts and others all seem to have filters that the message has to go through to get to its destination, all trying to recognise spam in various ways and reduce this spam plague. One would hope that these filters are more sensible than the flawed blacklists – but it appears not always. But is that so surprising? This whole thing is an automated system that is basically trying to detect something as subtle as whether a person ‘wants’ to receive a thing or not – which sounds far too close to impossible for that system ever to be relied upon unsupervised. In my own and my friend’s experience, there are a suspicious number of messages that never seem to get through to the recipients, or even get overtly bounced back owing to ‘blacklisting’. It seems to be turning what could be a remarkably effective communication tool into a singularly unreliable one just as much as the spam itself is, which continues to arrive no matter what measures are taken.
A point to remember is that the spammers are clever. THEY know how to circumvent blacklist technology and aim their emails and all the blacklists in the world don’t seem to prevent the steady stream of spam flowing into our inboxes. Big companies are also clever – they can afford to employ advanced technology and to strike ‘bargains’ to get their messages (legitimate newsletters etc) through. Ordinary people are also not much affected by these no-brain strong-arm tactics – personal messages are largely below the anti-spam radar. It is the small business that really suffers from this.
Case study: A friend of mine has a small business selling thundereggs – polishing them and then selling them to collectors. Like anyone in such a position, he has a circle of people (me among them) who eagerly await his emails announcing that there are some more thundereggs available, so we pop over to the website and first come first served! And yet somehow, this system fell foul of the spamhaus blacklist, which caused chaos for a while. It was possibly due to a blacklisting of the entire host, which absolves my friend from any ‘blame’ (which of course he never had anyway) but only puts the matter into a worse and more stupid light. This is indeed analogous to stopping mail from an entire small town because you have a vague suspicion that someone there sent something naughty!
I myself have fallen foul of Spamhause with Eibonvale press in the same way – and had reason to curse their name in the same way. I thought at first that it was due to the incredibly shocking activity of actually telling people I released a book, but it appears to also be because my entire server got blacklisted. The result of that was that I had no idea who received my messages and who didn’t and had to run the risk of sending out duplicates. And I am not talking newsletters or anything – I don’t HAVE a newsletter. I am talking ordinary business communication to shops who stock Eibonvale books etc.
I went to the spamhause website, only to be confronted by some of the most incomprehensible computer lingo I have ever had to deal with and no obvious way to fix the problem. Along with a general attitude of “well you should know better than to ********” – well, no I bloody shouldn’t! I am a publisher, not a computer technician. I consider myself relatively computer literate – I have built my own PC and run my own clutch of websites. But I am a busy man – I haven’t TIME to take a degree in email server technology and filtering systems so I can make sure I have designed my email in the precise and only way that will get them through the email filters ok.
In case people have forgotten, email is about talking to people. In case people have forgotten, a small business is about selling things to people in a small way. In case people have forgotten, selling things to people means TELLING people about those things sometimes – without spending over £100 a year on sophisticated 3rd party newsletter companies who know the ropes.
The fact that so many ordinary people are being inconvenienced by these email filtering technologies says that there is something wrong with them. But people still blindly rely on the blacklists – or are forced to rely on them. To let automated systems they cannot even control decide what they see and what they don’t. Of course, genuine spammers should be publicly birched on prime-time TV – but even so, where do you draw the line in this fight? Is it ok to mess around ordinary businesses – like thunderegg hobbyists – in order to give the true spammers just one more thing to find a way around? Fortunately people just seem to be waking up to the fact that spam filtering is far from a failsafe solution. Indeed, there are even thoughts that it might represent “irresponsible censorship” and an illegal interference in business practices. [1]
Why does spam exist? Presumably because if, out of a million spam messages sent, just one person, somewhere, is dumb enough to click on it and buy ‘Viagra’ or a suspicious college degree, then it has succeeded. And is that going to be a constant, I wonder? Since spam seems to be thriving and flooding into my inbox as strongly as ever in spite of all the anti-spam rage and publicity that floods the world (and in spite of all the blacklists and filters), then I can only conclude that it is. So no one is saying ‘give up the fight on spam’. Simply that it needs to be done responsibly and without causing harm – neither of which is the case at the moment. That blacklists cannot be allowed to operate in secretive, unaccountable and confusing ways. Blacklists can be useful – but only when used and run responsibly. Not blindly deleting all your hobby emails. And not imposed on us by the powers that be.
Sources:
[1] – http://management.silicon.com/government/0,39024677,10003993,00.htm?r=2
[2] – http://www.auctionbytes.com/cab/abu/y202/m12/abu0085/s04
