Perhaps the real irritation is that handling mail has become cumbersome.

Upper management is about to ‘go postal’ over mail management issues. Screening email has become as necessary as screening calls.
Just as persistent salespeople keep calling; email solicitors keep spamming. Analyst research firm reports indicate that 50 percent of all corporate email traffic is spam. This ‘unsolicited’ bulk email is the newest form of junk mail. And with an average of 18 such messages a day for each e-mailbox in the world, it is clearly a problem that businesses cannot ignore.

“A year ago spam was a joke,” observes Troy Webb, managing partner of Incentric Solutions, an IT management company headquartered in Raleigh, NC. “Today clients are inquiring about best practices for controlling the impact of spam.”

“Basically, you have two options,” says Webb, “You delete spam messages once they are delivered to your desktop or you invest in spam filtering software. But, to make sure you don’t miss a legitimate message, you have to filter the filter. And that is craziness.”

According to Webb, if you answer even one spam message, you are doomed. Your email address will be added to every bulk email list known to man. Spammers easily get your email address by purchasing a list, sometimes directly from your Internet Service Provider (ISPs).

A popular, deceitful way of collecting email addresses is by
harvesting. This tactic uses a ‘spider’ to crawl the Web and extract email addresses from every Web page it can. Emails are also collected whenever an individual voluntarily provides personal information through participation in an online contest or survey.

Believe it or not, fewer than 200 so-called spam gangs are responsible for 90 percent of all the world’s unwanted email.

Although anti-spam software includes a way to blacklist these known email offenders, loopholes are everywhere. Just as hackers can find a way through firewalls and anti-virus protection, notorious spammers are always on the lookout for a way to accomplish their dirty work.

Given the number of anti-spam measures currently in Congress, it appears that legislation is inevitable. But, can a national do-not-spam list solve the underlying problem? Spam can just as easily originate offshore and complicate its legality. How will that deter the breaking and entering of email servers in order to send spam from unsuspecting domains to cover up its true identity?

What is spam?

The confusion surrounds the definition of spam itself.

“What is spam to me, may not be spam to you,” says Mike Daniels, director of security compliance for Secure Enterprise, an IT security firm based in Raleigh, NC. “Typically, it is defined as unsolicited commercial email sent in bulk.”

Pro-spam lobbyists such as the Direct Marketing Association are attempting to influence the legal definition of spam stating, ‘spam was only porn and scams sent fraudulently.’ A simple opt-out clause with a link to unsubscribe does not exempt the message from being classified as spam. AOL recently amended its terms of service to expand its definition of spam beyond email to include instant messaging and chat postings.

Commercial ads, promotional offers, get-rich-quick schemes, jokes, chain letters, and adult entertainment lures are consuming time and space. Unscrupulous scams that appear to be official email from a trusted company are fast becoming a way to steal identities, complete with financial details.

An estimated 4.9 trillion spam messages will be sent in 2003. ISPs are currently blocking between 2 and 4 billion spam emails each day.

“Service providers can not block everything,” points out Daniels. “Marketers are creatively getting around spam blocking engines creating bandwidth, productivity and liability issues for employers.”

“Spam has become a top issue after making its way to the C-level desks,” Daniels claims. “From a business perspective, spam costs real dollars every day.”

Cost: $8 billion a year

Already, the surmounting problem of spam is estimated to cost companies over $8 billion annually. Additional bandwidth is being consumed for non-productive tasks and additional dollars are being spent on IT measures to fend off email invaders. Consumer protection and law enforcement agencies are spending tax dollars on educating organizations around the world about the importance of closing their open relays to help reduce spam.

“The fact is spam is an intrusion that is of no value to the company, but it is a liability,” Webb explains. “If companies don’t take responsibility for and try to control spam, they face potential liability for unchecked socially offensive content.”

“At the minimum a company needs to put a gateway in place to filter all incoming mail to the enterprise,” suggests Daniels. “Buy an anti-spam product and run it for a month to track what is coming in and investigate it. From there, you can begin to build a knowledge base for filtering.”

Whatever the solution, subject lines containing known spam words such as Viagra will still get through sometimes. “Spam tactics are ever evolving and any solution will require constant monitoring and fine tuning to make sure that legitimate messages still get through,” Daniels adds.

He recommends developing a policy for employees so they know how they are expected to handle spam mail by explaining how and who to notify. “Employees just delete spam messages and don’t think much about it,” says Daniels. “But, what happens when 10 or 100 or 1,000 employees take the same action of looking, deleting, opening, forwarding, or replying to the same spam message? The key is to block it at gateway.”

For information on fighting spam contact:

Coalition Against Unsolicited Commercial Email: www.cauce.org

Federal Trade Commission: www.ftc.gov/bcp/coline/edcams/spam/coninfo.htm

State and federal spam laws: www.spamlaws.com

Note: This Local Tech Wire feature also was published in Business Leader magazine.