Spam & Spam Filters - The Death of Email

If something radical and fair is not done to fight it, the enormous Spam Storm that now rages throughout the Internet could spell death to email as a useable means of personal communication. [PDF]

The Way It Was

In the early days of the Internet, email was a Godsend. You could communicate without encumbrance with friends and colleagues anywhere in the world instantly and effortlessly. You could attach files to your emails containing documents, photographs, diagrams, data and even programs. There was no fear of viruses then.

If you wanted to find any information on any given subject - or even on a product or service - you just emailed a search engine and a little later it returned a list of web addresses in order of relevance without any commercial bias or weighting.

Traditionally, one simply did not send unsolicited commercial emails. It was seriously frowned upon and likely to get you shunned by the Internet community. An introductory email was fine. But one never pestered.

This way of working was called pull. You, the enquirer, were the one who took the initiative to go out into Cyberworld and look for whatever you wanted to find. You pulled information towards you. It was simple and effective.

Invasion of Commerce

But then the eyes of greed were turned upon the Internet. Commerce saw a new land of milk and honey it could exploit, corrupt and pollute. The whole architecture of the Internet had been designed to be a completely open means of communication. The technology did not lend itself easily to the protective and cagey methodologies of commerce.

I remember that for ages in the computer industry press the 'experts' were racking their brains to think how to turn the Internet's pull methodology into the push methodology of so-called free-market commerce.

Push is the term they used for the way commerce works. Push means that whether you want a product or not at the moment, you get continual advertising rammed down your throat every day about every last possible product or service you may not want, may never want and which may never be appropriate to you anyway. That way, the world of commerce thinks, the moment you may have a use for any product or service, the ones utmost in your mind will be those who pestered you the most. But you are the one who has your time and mental energy continually sapped and wasted sifting out their everlasting torrent of rubbish from your relevant thoughts.

Birth of Commercial Spam

So vast corporate web spiders combed the web for email addresses and accumulated them into enormous databases. Then they set up automatic mailers to spam and spam and spam the hell out of those addresses, causing their hapless recipients to have to waste hours of their time desperately trying to sift out genuine personal emails from all the excrement that was deposited in their mailboxes every day. Think of the personal lost time these commercial spammers cost the economy.

Later, they greatly increased the sizes of their mailing lists by capturing people's email addresses on web sites and categorising them according to which products they could best try to pester them to buy. You must have innocently given your email address at a web site after being enticed to gain access to 'the next level'.

People of course complained. The technical among us put thinking caps on to find a solution. That solution was to set email servers to automatically block emails from offending sources. That worked, but not for long.

The Spammers Hit Back

The way the commercial spammers overcame this was to recruit thousands - probably millions - of gullible individuals to send out spam on their behalf with a promise of vast easy profits working from home. This heralded the Spam Storm that hit the Internet in the summer of 2003.

It proved impossible to block these spam emails because it would mean blocking hundreds - if not thousands - of individual email addresses every day. So here I am, sifting through about 50 emails a day trying to sell me pills to make my private parts bigger and better, help me lose weight and get lower mortgage interest rates. It matters not that I have no use for any of these products and could not buy them anyway because they all emanate from the United States where I have no means of paying for them. They are just a thorough and detestable nuisance.

Roll of Dishonour

One possible way of fighting back that I thought of and was intending to implement was to set up a web page listing all the individuals who sent me spam emails as a universal Roll of Dishonour. But then something happened that changed my mind.

One day I received a spam email offering me an easy way to enlarge a certain external organ of my male body. I receive hundreds of these a week. Everybody must receive them. Even female friends of mine (whose email handles do not belie their gender) receive them. But the stark discovery was that it purported to be from me. It was addressed to somebody else at the same ISP, copy (CC) to a lot of other people including me.

Needless to say, I was incensed. I dived into the source code to see what was behind all this. I quickly translated lots of HEX code to reveal the email's convoluted route around the Internet and the person from whom it seemed to originate. His 'name' was Johnny. He was on a Unix machine. I have his full details. But I as an individual have no power to do anything about him since his server was in the United States.

This meant that a lot of the people whose email addresses appear in the FROM field of a spam email probably know nothing about it. The spammers are simply harvesting email addresses from the Web and using them as the unwilling and innocent supposed originators of the spam.

A Roll of Dishonour web page would therefore be unfair and defamatory.

Of course, I could put the names of the companies and their products on a Roll of Dishonour web page. But I am sure that their names are well and truly hated by almost all recipients of their spam.

An Unfortunate Consequence

The unfortunate upshot of this latter practice is that emails from innocent individuals are now getting blocked by ISPs. For example, a very dear friend of mine can no longer email me at my AOL email address. She has been blocked. Now, I think she would be one of the last people on Earth to engage in spamming. She has a successful career in which she is making lots of honest money and has no time or inclination to send spam. Yet AOL has blocked her.

Perhaps her email address has been hi-jacked and used by a spammer. Or perhaps she is an innocent victim of AOL's own spam reporting facility. Suppose somebody who received an ordinary personal email from her hit the AOL report spam link while viewing her email? They may do it maliciously. Or they may even click it accidentally or impulsively as they are working as rapidly as possible to purge the morning spam from their inbox. Result: all AOL users are now off-limits. She cannot communicate with them. She and I now have to communicate through a mail box I have with another ISP - a mailbox I keep 'unprotected' for that very reason.

Now, being inundated with spam is one thing: but having legitimate emails from friends and colleagues barred from your mailbox is in my opinion far more of an encumbrance. Friends, colleagues and other legitimate contacts may think you are just ignoring them. It means that you cannot be reached by a means of communication upon which society now expects one to be reachable.

Blacklisting The Innocent

I have had my email address since April 1998. I have never sent any spam or junk emails in my life. Neither has anybody else ever used my mail address to originate emails of any kind. I never send or forward emails via a mailing list. I avoid keeping a mailing list for reason that it could possibly be hijacked. I get email addresses for my correspondents from people directly or from their web sites. Usually, however, I simply use the reply function of my email client to reply to what I receive. Otherwise I write to people who invite response. I only write to people who invite responses on the subjects for which they invite responses. I have never sent any email for commercial purposes.

Notwithstanding, I am now having to account to people for why they have not received replies from me, which is very embarrassing and possibly more disruptive than spam email itself. The reason apparently is that my email address has now been blacklisted by a so-called spam protector known as blacklist.netcore.co.in. I think it is a product of a company called Netcore, which I think is based in India.

More recently, I have also been blacklisted by another irresponsible know-it-all enterprise called Spamhaus, which prevents me communicating by email with those of my friends in the UK who unfortunately have British Telecom email addresses. It also means that, as an ex-pat, I am unable to reply to emails sent to me by the British Foreign Office. Rather, I can reply to them but the Foreign Office's email system refuses to accept them. Thus I am reduced to having to reply to them by surface mail, which can take over a month to get there. Doubly problematic when the Foreign Office stipulates a reply deadline which, while being very reasonable for email, is unattainable by surface mail.

It should be noted that the cheeky response, which the rejecting email service kicks back at me, actually mentions my name, saying falsely that I am a source of email spam. The relevant record on the Spamhaus website also mentions my name. That I think constitutes a tort of defamation against me personally, although, as a lone individual living on a basic pension, I am financially powerless to do anything about that.

I complained to Spamhaus. Strangely, the Spamhaus mail server accepted my email and I received a human reply. Spamhaus's excuse for wrongly blacklisting me is that my email account [which I pay for] is within the same IP address domain as a number of serious spammers, and that the Spamhaus domain reputation system is not built to distinguish between individual email addresses within the same IP address domain.

Sounds like a Vietnam carpet bombing approach. Who cares if we collaterally genecide millions of innocents so long as we get the bad guys. I declare this to be unacceptable. I also declare the use of such anti-spam mechanisms by ISPs and governments to be unacceptable. An individual member of the public, who is using a public ISP service, is a legally separate person and has no interdependence of responsibility with other users of the ISP. My contract with my ISP is simply to provide me with an email service, independently of anybody else who may also be using that same ISP's service. I have no contract or any other relationship with any of them. Spamhaus's approach to hitting spammers is like a Judge hanging everybody who was within the vicinity of a murder to make sure the actual murderer got hanged. My message to Spamhaus and their ilk is simply: if you can't do the job properly, don't do it. If your analytical programs cannot discern legally separate individuals, either find some way of doing so or cease and desist.

My mailbox address has been current for a very long time and has been published widely within my global on-line community. Consequently, many people all over the world know that is where they can reach me. It is not therefore feasible to change it.

I have experienced personally, and heard of, cases where organisations who send out spam emails substitute the email addresses of innocent people in the FROM fields of their spam emails. And as I have said, I have even received spam emails purporting to come from myself. I have traced IP addresses of originators of "my" spam emails to university campuses in both the United States and Japan.

Examining the MIME of some of my returned bone fide emails it appears that my emails are rejected because blacklist.netcore.co.in and Spamhaus reject all emails originating from my ISP. This, in my opinion is both rash and irresponsible. My ISP is a very large provider and consequently hosts thousands of completely indep­endent individuals and organizations. One of the communities [at the time of writing] using the Netcore blacklist facility is the Open Source community for the Ubuntu Linux operating system. Consequently, despite my great interest in Ubuntu, I am now unable to communicate by email with this community and hence I am unable to participate therein.

Something Must Be Done

Fine. We all know that those who send spam emails and the companies whose products they push are undesirable elements we all wish would just disappear. They are nothing but a thoroughly disgraceful nuisance. Email was never designed to be or intended to be a means of commercial promotion. I am sure that with the majority of us, these undesirables will gain the voluminous negative publicity they well deserve.

Nevertheless, unless something is done to eradicate spam from the Internet by a means that does not cull innocent emails from innocent people, then email as a means of communication will die. We will once again be writing letters on paper. Maybe that's a good thing!


© Aug 2003 Robert John Morton [re-edited Oct 2006, June 2018]
Blog about IP Reputation