Messaging & Collaboration - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Messaging & Collaboration


CAN-SPAM Misses Mark



 By: Cameron Sturdevant
2004-01-26
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Messaging & Collaboration story.


Rate This Article:
Poor Best
IT managers need to act as if CAN-SPAM didn't exist.

Early word from the field is that the can-SPAM Act hasnt made a dent in the amount or character of spam. Surprise!

Commtouch Software announced Jan. 8 that its spam-detection center saw no significant difference in the number of spam campaigns. Commtouch also analyzed bulk e-mail for compliance with the law and found that fewer than 1 percent of e-mail messages met the simple requirements laid out in CAN-SPAM.

Jesse Dougherty, director of development at anti-virus and anti-spam software maker Sophos, confirmed the sorry state of post-CAN-SPAM junk e-mail traffic when I talked with him recently. While companies such as Sophos have a vested interest in showing a high rate of spam, the amount of junk e-mail even after CAN-SPAM is not in dispute.

The ultimate impact of CAN-SPAM might be different from the early results. The Federal Trade Commission and the Federal Communications Commission have oversight of the act, with the FTC empowered to make rules. As rules are made over time—and as enforcement action shapes new boundaries for sending commercial e-mail—the effects of the anti-spam act will become clearer.

Resource Library:

However, whats happened so far confirms what Ive said here before: CAN-SPAM wont significantly reduce the amount of junk e-mail, and it will have little impact on the content of e-mail. Thus, companies need to continue putting anti-spam systems in place. Further, employer responsibility to keep out e-mail that potentially creates a hostile work environment—namely, pornographic e-mail—will continue to be a burden of IT.

The law prevents recipients of spam from initiating enforcement action, but will resource-strapped federal agencies be able to take up the slack? In a sense, CAN-SPAM may fail in its stated aim of reducing junk e-mail for the same reason peddling drugs and bogus financial schemes are so popular on the Internet already: There is little chance of getting caught and almost no cost to using e-mail to promote scams.

For the most part, this means IT managers need to act as if CAN-SPAM didnt exist. You still need to invest in anti-spam products or services to prevent junk e-mail. You should continue to advise users about the same best practices—such as not using the unsubscribe link to supposedly get off e-mail lists. As far as I can tell, the CAN-SPAM Act, and the publicity around it, are likely to make spam problems worse for business users.

The reason is summed up in the term "phishing." I talked with Avner Amram, executive vice president at Commtouch, and he described phishing as harmful e-mail that imitates legitimate companies to coax users to provide information including passwords and account numbers.

"This e-mail tells you that your account [at any number of well-known companies] is about to expire. You go to a Web site that looks exactly like the one of Citibank or eBay ... and you happily put your user name and password and maybe your account number and then push submit," said Amram.

Ive seen several examples of phishing e-mails, and they are good. Very good. Because this e-mail appears to meet nearly all the visible requirements of CAN-SPAM, including a postal address to unsubscribe in the body of the e-mail, end users are very likely to be suckered into going to these sites and giving up their money. The publicity around CAN-SPAM lends credibility to junk e-mail because recipients reasonably expect that the legislation will protect them from this type of fraudulent e-mail. Hence, things will get worse, not better.

To repeat, IT managers must pretend CAN-SPAM doesnt exist, to protect their organizations from the bad effects of spam. It may well be worthwhile to take this time to remind your e-mail users of the importance of prudent e-mail use, such as carefully evaluating messages that appear to be from trusted sources and asking for financial or personal information. I know Im not letting my guard down now that the feds have stepped in to save me from spam. Once the dust has settled, CAN-SPAM legislation will likely be seen for what it is, a second-rate attempt to tackle first-rate spammers.

Senior Analyst Cameron Sturdevant can be contacted at cameron_sturdevant@ziffdavis.com.





  Reader Comments: CAN-SPAM Misses Mark
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Messaging & Collaboration Articles          >>> More By Cameron Sturdevant
 


x}r8s;W1ŋK-)XTFh)ئHI٥ꝟ8/''7oP/]%L$D"w?Iptô1f%St{>D{{?.P`S/92p?"M-GVekVCl"r9ȹ30T LI UHI z:p,#Cr<r@J53ҧ螩[mɧ9u]kԏ` ZT`<A%$7 :\تZJpO,ӇwR0w ۱ȭ#zk׳߂}x7mgD T'>6O( |@Ac"j9Hu#o83ц94ݱJZUQ bP)+62W2auRV5MQ/W ]`vdu]+h0ӛNs#Wϭw~q is,/wUJ`Z. $/ Z@WP> O.kQҋZ[^  k٥z z%E1\sh>U?ZoV͉*]XYujZlE?iQw9~j>ݴ{ݹvem|hǫuw#вnZDIQM}{Qc1x,Vr*ǿ@8ʍ??1m!S[ö@ .S3+,}0;}JSOaΦnۉ9~t$ࠣM/6}@˥~npb>#a 8+GݺzLnXŞ+ R߭C0C m|@Tێ(??6 { G`p&{xk y0ҁ4}aqjQ?]*3<d| o  9#z[MKx Gِե6tN\IQ?z2(%E29 EEKy3@ $hO`źmb?I~ޑvZ*&RP*m=!ԑtጝZ*}-΍gR1eb -d[b~Il eV&vpbB|#'bXr`Y \h+i)!4ÃiА4Xy Yu-yA\'ޑN86̜07ÚL ~D'虉m>(N5i;:O̗SږiESRoBoڅRT眺_dA_fMjlȌu>IVBO7&7O wz@nehIJ*#w4?{`ELE2a5?%ӇnS/0}ęR3BZsOsR| ~2-$֒e/ 7R@]օVPK M2L%kZԕ1%/D4$B]`8V "Cɣ($me6L?InQy1쳧k]0\Pepd2wê%M*ګY3wld tAqFAfHf[ ҆lpku:.PCϱKu=: =`sqӱ3 m0TNϣ(a!w1 JkX"L M=t%\40e\8XbO`.#Všcͧۋ°{Z^vԻ~1Gl2ݴZ!lLsCm0 G"}Ӛ#Ow')]B~,%1Iҏ5 &^PGe d^s`M[`R9#Dzl lF9 CQ>-D.M{ \ipfZEZiI~~~0*y.Kg>Fm `'zpgI}єa˘30|q֓-*IbAQ xHkMf٧7c_g>Ѐah"N.\PZr>r+b"[8:T:$ݦC 0gw`q0$0OҶ@%ХÙ.pӞrFVyYBf?K~T+BZmVVR帨V*߬g7#)' Sf|}g4ޗ'8>yw⾿þiF/aRz냩ܦ;pC9sO.S˰ c# ,c?` $̮$fG`Ó R*%)Pc0]*W*h3sazt?yxdEM]CNyPlW16M8qW;PVC89G& B1&GJƆg%:<!pwC*2CXݙ `1}j$a#C`BEWFڬ,pԿCu;WԴ)+&V$tu| `_snM<=צK$*XC 4i 0X[ ⚪T}ffW{)|h#Q ` K{ZCAk2۩\w\܁c:P>H(TXg7cMEH]ac6U{z@n)ZMMe;4 O#Τp3[}zK>'g8MGFi$]k|;P rfVȭ>tNd_&z}G ϣ{jZ)o XDObk>u8]`MɧzXFpaNpgD\OU۶AS5ѻMclޥ0͜)6@yz`@ò VZ;{؇vH| f^-Zi0lz*%\.Yid 1ct89e}ԭ4N׷/UUAS;:&_P@ZhO \XKs98$D22I*"E6[ pe l&SbR/փ `AaO`"U!7TQ>cO7(~ (zC9m^>RXS(.n$UHU(V $}U;,h7xџ2XD+(++i-^2yi mD[ 4wʨK3["X>DД7Ϩ3dRb kQhCe[,r/鉚ĺRafHNV*\U%P-HjItn:0ȘُYD[8tpL\'eM=Js5{um?L7 xG ?ws~̾n02Frl VVJr=oȥiG\0R,W2( ,~79ـo9 |\V* rF2R@BZB$d1~l'b{H '? aV*7~.Rȓ$>Diz\12fV(Yŵ?~hhqL _^?jUeqbE1 wcyKV~ZgZqRY+ to{?ܶ#R>Y'5._?ٿt۽v00Vy/ЏWK׽/5._U#R:&j)/Zlb8 } L@IP 4p=&.ƸO^D^7醿z>hF["$;r:eCJ|I}ڹx}ՒXzk΃ w"EKrBVë<Mxq)qo2XG3pXc?>wgLtܗMuÙb9kI.Dz=jW'27xm7GkފGq֭ Bf/3obB!|J<؇APc1`=`Vf{}N .FOdBA48XS(+RJ)"4FYO |ϚM3_fIghDin/Eb}CRB'T5˓$/IYO)Eqjhd꒐~~(i&'ءXҡ۳^7'8 $O krwisq/=l-39"i Q@/,vd6t߇L?G OFxf79g; 9>lPfp~nnwkJdjl 8QbhM9oj9٢hr[v0\k9f>c \qlĨ`box?ԴafPvOW V3mJU+*X(_8zP(;5yaY {rKevڨ7S<&Nן@ĘD#ȒnҩcrSJ]ip^'[qJkA2;dw6b$-=^TC`M}r91aP&HJ )P0mc7:?(pî;ٯ?7$L+:S&`|jinr,xE7 #r-6⨟yٯ?7D$Ux/K/*-&޵ >㽄K;F-Xue"/Cb'zw6#dCsN H*G֝o[s9 TJZm@^Yb&m:5lQD7!Ĵ >ox+q^kǰ{Y]g4I)IJe1/<~icOf"r[ώ/uݓẁJPIСbNŶcv@4ЈB[חb!EH[ߺNV@} _x]Vɚ>YӅ; gUR5IU60*.g%Ea nL qA|aRp3lgP86pЫ3Aw&B=oщuŽ3;VCCk#": k//aP/3~ӋSRgH#=YM=m aؑ{"$Gx*o=c΃E1վzF%H*ͩ"7-r;ISTh5(~f t0i.0Rb#¡ 8"gG|1߉L;+[JᅕPsر5. & #ży҉' > Jf,(-z]ߺꖜP|)%I tz,9ҼcA-. T<<,V7L$"ltS۴WZfK)d?-9f90ɴ@xzRO}]h*n{>[E RۖT1Stsl9Yvǁ;&E7e%vJ6X}'}3<)ͽo]uKΨ|'h '& ,<5gs6+FxBlI ĐEFۖINO=d瀲%{V{t@{jϨ49֚"1<1fs$-.}{0 B#ih&ܙJ |3a|qO釤S.Һ7g&u'2$Kj Y ]vCa`.i b6᱃#L[Ϩ~ǒ)#R{۱j(nu.[%tXJ_&$>"DWW:[!Bڮ-+~oQVXbCՄ%LN0,@»4e=?Iu_'z@W^ ;<%z^߮v ]mxHtFuB:=AK\)D!!@Bx2հ(v~w4>wLzԢx\ to'T= qN˕/M;?Id >n`d,!}5 ԟ$nMqь vEcI\q=;3t~(,__z=7+8-A-U y %~2fލ{ww}'ԶGו q{*]:`:"SߺlE}74@e %D@Kaq3#^<3B*=4'֏ O=e{c-My?5m3 w.(J4,?[ދ#l „) 븺e.$&.^!{P9G0km{ Ta9b yGSkk.TRso Z1ߦ<?w}<'{4(PT5?}2^ڳmF&xT_[,_UjXbw2О$$Kw qM[\bd=-T?^<@&s*5މ`~lW {*PG?l@( x}-Ҫ=Y/ Zi45 I7Oc-plVxm_ug/ :äIYzdfSxT vf0 o?PǸn3[w1VsR=2QQ Qo?EOf:q/&~ j~`)`Yq{RWg*?q/JOYD%i.nW`7&$0-g\+A#샒=%h?!,q. Ds sfq1ꊚbMd@0 _>bl\M'p.dˋ}L K ǑӲ*YK]m.95͂E/t 1^ťUCu"^]Z˽X:bK2&ϯ #zPWwƌESj9椷 G]#M)jDC0Z`mh1]9񤦘!Vi <7L8Vi %6vn& #m'hzBRKo^3C'ܬDMd^vvG3NIG>r&cɸKqX< R?d_j~lR.gI*_I&B [Vs(1 .ozؑժTjQܣ@VT8\`D9{tEkѽn=/=7TҊj9Ys~ gZC.,|9G7/aGN$(bX az/;1O>^kQ ' }m5t_-Pr X8S☇&A7/0޻K{IV^YCO92Y>0h&nUtTJufTcPg}1~dϋ:TEoOaLqeHӺ@lfmےVo5J |#:I[f:'纭ۦ~M?ҡ4 ?R)!߶~mzxu+sY0x+nO♃`@vʹ*F6#ZIikiL(Z_XeLW<00t+P̲jNTxg@ٿ[!W=NlI dM,|Uqb|%wřGܶh.:&+ 'qMC7)(ʁ&ӨasykiF$R}o J#b2zCZ=)׀bݐUBBa,c+pD['鍀CB]hb#3F0Gx(z~h/U{Z7] d!ϝk`qX癉<0[>'죋BI3da{AR`(L1c- [z{CXuh c6zS:嘭#!+^bΑ,?nXk~*Jb#W'0 枩P-,Șh MQ VHxD~2&gV3!"Ls6@@P0HoOYH,/@ߛ8 (Jg "PV: O jGAnbJ MF·:*3 rNi0qsXg S}Vx} խxG0Ԅؚ%~6t0VQ1e&|gs!aZ;J5m^+LideAή-f(TjQ{̵,% E*wDY Ccqq VGQ]l.!jbTũ0 ?&y Mղrڽ/j8ٙ%/KN#CEM/GcI۠_k 'M& OL8SDnu#Vn"#(( FFy;MAQ~ π>g'(חzQ3CL*ogf//E|s %̠̂%2>ˌ_^f%e^e3(?C3/2*c|@~2 *c:'N~dk 3޿.._/z/)>Cr}}Π-ff--m%:Iʘ!gk\8=Rdr ~)A_d_y*%YF!g賲+z'_˰Πs#e_7C@/1~dnleҾ>4 aqʍz^SyR}5v+iAF[/R^a/ ^؈M,AQ8gG6+F.Э-'ވm]=g%Iy=0?%Mu1WWvl+Jy._[nNJ>j).~QJxdB$h{dc3-FDu~9|,y|f2 'ͣ6}e&o g~<'Ԋ2nOArt_\pۭঠѮ'x?5OWb7iMnڧnZv<2kݫ++c+p'k͠?~%s='<+?q>{PxZ@&j\ef(+@J~@o>t>`Y)Wqà67.{x50AZ7WuC=gZ}yPS4M$LBpD`&Zb gKqLCn%3@Et5^i{m`'~;?-cGj$RiErT)ܓFnXB0 = C[TMVYI0ZY9,+PPफ़h[vRjo膖' yV8an%[zQ?"0^?&G&=k5j2cofⅺhQKCt8cS+x;b(q Y$P*`!K֞9^$ rf'gMߟuiǤi&#lɒ]k"b0)N>@_H2E2 >Mqgq%B4{PoЏ]=ƾw<ASx u1,D*9"Qo P)ȏ"vy9m$Kd7-YݨoˊLsӃm{f*i/\}>o H,݈ AQ6 yJ>? Tlw͓)W?6vo>LSc? `nwfZh'#r1ebV!.0=)O?7nG[nI 5E`1l4`ehDS,T6y *>ݠK6A1^WIKu A]=_v{[>/'_4.v>Ͻ>_;9sϢq9u9K1E:ae=$;]2*玅A-Z12%o,gkV"F꺘 #gyQӯ3v=ǘk m0q,r?s\,Cclʲcv9Ť3a=`>^}.<'ȳ(`,$v"VKjMΡmjpR!fƲ 7cP."Xd-%oB@:S .xBG,?ɋ|P byx ^ŧ$NS?|T+O%ƕ)z_Sq|}h-݉7{o,sՓ/G<|Xyx8~'c(FRqO\|j8(>\tnbo`;^z8)-9EKB4[i B";wh6W񞞽P0E h_G`bhP7]ӨZY$I#;ob[E1um*ar{g;a+b(1lS24K_hjtcͦG(ϗ5}>4E&l)vsml-6C-{b