E-mail Risks are Taking a Toll on the Rewards

eLABorations: As spam, viruses and other problems proliferate, firms would be wise to look at other ways of doing business

Recently, my colleague Peter Coffee wrote a column discussing how e-mail is often misused in areas such as discussions and collaboration, where dedicated systems would work much better.

However, Im starting to see even bigger problems with e-mail. Namely, given the constant progression of spam, viruses and other problems, e-mail is quickly approaching the point where the rewards of using it no longer out weight the risks.

And Im not just talking about the hassles involved with these problems, which are considerable. Even worse, these problems can potentially damage your systems, your business relationships and your reputation.

Lets start with spam. For users such as myself who have our e-mail address posted on the Web, the amount of spam can be staggering (easily in the hundreds every day). And among the endless offers to improve my credit situation or help Nigerian dignitaries are some truly disturbing spam messages, covering everything from bestiality to child pornography and often having misleading subject lines.

If your mail client has HTML enabled and you accidentally open one of these messages, youll end up with these images cached on your system. Under certain readings of federal and state laws, this could be enough to bring legal problems.

E-mail systems also make it much too easy for messages to appear to be from anyone, and both viruses and spam leverage this heavily. One of the most common viruses today is klez and its many variants, which spread themselves through e-mail spoofing.

This means that even if your systems are uninfected by klez, the virus will still attempt to spread itself through e-mails that appear to be from you. At first I thought it was amusing getting klez e-mails that appeared to be from myself, especially since I knew my system was clean. But then I spoke to a colleague who mentioned that a teacher at her childs school received a klez-infected message that appeared to be from her, a message that used a random subject line of "japanese lass sexy pictures."

Imaging trying to explain a virus like klez to someone who isnt that tech-savvy. Someone who probably wont understand address spoofing, or viruses that spread as worms. Someone who will be especially confused when you try to tell them how to look at their mail headers to see that the message didnt really come from you.

And the worst part is that you might never even get the chance to defend yourself. Right now someone you know, or work with, or sell to, might be getting a klez virus that appears to be from you and, instead of calling you, is simply marking you down as a weird pervert. You may never know why they decide to stop doing business with you.

This is the point where I started thinking, "maybe I should use something else." Do the benefits of e-mail really outweigh these problems?

Of course, e-mail is one of the most useful things ever invented. But e-mail client and server vendors are going to have to start thinking about ways to help users.

One simple step would be if all clients made it very easy to tell when the "sent from" information in an e-mail message doesnt match the actual sender information. Then, even novice users would at least understand that the message didnt really come from the person it says it comes from.

Of course, this seems like a long shot, given the fact that many mail clients dont even make it easy to view header information, though some, including Web-based options such as Yahoo mail, are starting to add this.

Whatever they do, e-mail vendors need to do something soon before more users start to wonder if the convenience of e-mail is really worth the price of their reputation.

Are the risks of e-mail starting to outweigh the rewards? Let me know at jim_rapoza@ziffdavis.com.