Internaut: Spam nearly at the tipping point of 50% of Net traffic

Shawn P. McCarthy

In the next few months, the Internet will reach a most regrettable milestone: Spam will amount to more than half of all e-mail traffic on any given day. It's now at nearly 40 percent and climbing fast.

Those statistics come from companies that sell antispam filters: Brightmail Inc. of San Francisco, the multinational MessageLabs and Postini Corp. of Redwood City, Calif. Each has issued warnings about increases in spam this summer. Reportedly, some corporate mail servers now waste more than 50 percent of their power fielding spam.

The jump has been driven in part by offshore contract spammers that send spiders to comb directories, message boards and Web sites to build databases of e-mail addresses. Then they use e-mail publishing tools on behalf of advertisers to reach millions of people for fractions of a cent each. The contract spammers spoof their return addresses to prevent counterattacks.

Federal e-mail servers aren't immune. Spammers don't care if an address ends in .com or .gov. They have sent me messages advertising e-mail addresses for '60,000 Military IMPAC Credit Card Holders,' for example.

Even citizens who support the First Amendment right to hawk stuff online must do a little soul-searching when the privilege is abused. Most of us believe in free speech, but if bullhorn-toting salesmen blocked traffic on every street corner, we would start setting limits.

Advertisers don't even care that most spam messages are never opened. If just one-hundredth of 1 percent of 10 million recipients respond to an e-mail blast, that's 1,000 sales leads for an advertiser.

Long-term solutions are sketchy, but combining several approaches might help. The House of Representatives last year began hearings on HR 1017, known as the Anti-Spamming Act, while the Senate considered S 630, known as 'Can Spam.'

Both bills languished but could be resurrected with some grassroots support.
More than 20 states have antispam laws, some imposing substantial fines. AOL Inc. and EarthLink Inc. have successfully sued spammers. But it takes time and money to enforce such laws internationally.

Internet providers working together can share legal costs, and the federal government'itself a huge provider'could join in by working with state attorneys general until a federal law is in place. And they shouldn't just pursue the spammers'they should also prosecute the businesses that hire them to blast messages.

Antispam software analyzes mail coming into a server to screen out most junk. The rules can be adjusted locally to deal with specific problems. Some spam filter vendors sell associated products to shield mail directories from bots that attempt to connect and read the stored addresses.

Agencies that have posted employee address lists on Web pages and message boards should take them down. Consider making your agency e-mail address an image instead of text. And stop using those mailto:links. They can be read automatically.

On message boards, fudge your address with extra characters or spaces so that a person can figure out the real address, but a bot can't. Some people just add the word blockspam to the middle of their addresses.

The Internet Protocol has always been tolerant of data packets that appear anywhere. If a packet has a destination address, it will get delivered even if it came from an unknown address. That should change.

Take away a spammer's ability to spoof, and you are a step closer to catching him. Internet providers should read an excellent best-practices paper, at, that was written in 1999 but still has relevant advice.

Shawn P. McCarthy designs products for a Web search engine provider. E-mail him at [email protected].

About the Author

Shawn McCarthy, a former writer for GCN, is senior analyst and program manager for government IT opportunities at IDC.


  • automated processes (Nikolay Klimenko/

    How the Army’s DORA bot cuts manual work for contracting professionals

    Thanks to robotic process automation, the time it takes Army contracting professionals to determine whether prospective vendors should receive a contract has been cut from an hour to just five minutes.

  • Russia prying into state, local networks

    A Russian state-sponsored advanced persistent threat actor targeting state, local, territorial and tribal government networks exfiltrated data from at least two victims.

Stay Connected