The benefits to business of Internet email are so obvious it is difficult to believe that only two years ago it was considered an exotic beast. However, the direct contact it offers with current and potential customers is bought at a price of making email addresses public.
This has led to the scourge of the Internet ? junk email. Because thousands or millions of email messages can be sent cheaply and easily, even a small response rate can make this anti-social exercise viable.
Sending email is often referred to as spamming (see http://www. vix.com-/spam/). Strictly speaking this is not correct, because spamming refers to the flooding of Usenet newsgroups with unwanted and irrelevant postings. The name comes from the Monty Python comedy sketch where spam turns up on every menu, regardless of what is ordered.
Two lawyers carried out the first spam in March 1994, a husband-and-wife team called Canter and Siegel. They sent a message to every newsgroup about an official US Government lottery to obtain Green Cards. It is sometimes known as the Green Card spam (see http://www-math.unipaderborn.de/%7Eaxel/BL/CS941211.txt).
This first mass junk posting took place in the newsgroups because they are so easy to email. Junk emailing, by contrast, requires individual addresses to be gathered, and is therefore more laborious. Despite claims from some companies offering ?sophisticated? junk email kits (often themselves sent as junk email), the basic methods are straightforward.
The traditional way to collect email addresses is to extract them from Usenet messages: if you post to a newsgroup, your email address is usually sent in what is called the header ? the first section of the message containing various technical information. It is easy to download Usenet messages and search them for Internet email addresses (which always take the form of [email protected]).
More recently, another source has become available to junk emailers. One of the problems with the Internet is that you can only send someone a message if you know their email address. But there is no central directory of addresses, which means you usually have to rely on indirect methods, such as phoning the recipient beforehand.
Clearly, there is a need for a resource where searches can be carried out. Several independent companies have created such services, including Four11 (at http://www.four11.com/), Internet Add-ress Finder (at http://www. iaf.net/), Switchboard (at http://www. switchboard.com/) and Bigfoot (at http:// www.bigfoot.com/). These are by no means complete listings of all email users, but a directory such as Four11 has some seven million email addresses on file.
Although users of these directories (which are free) are supposed to follow certain codes of conduct, there is little to stop unscrupulous individuals downloading vast amounts of their holdings and using them for junk email purposes.
Generally, you need to enter your email address in these directories yourself. However, it is in the interests of the companies concerned to be as comprehensive as possible, so many also add email addresses and names from other sources. An obvious source for these directories ? and for junk emailers ? is Web pages, which frequently contain contact email addresses.
As with so much of the Internet, junk email is such a new phenomenon that effective legislative control has yet to be established. Although there is the usual heated discussion in the US about the rights and obligations of such junk emailings, it is unlikely that changes in the law can do much about the problem.
For example, it would be relatively easy for a junk emailer to set up the cyberspace equivalent of an offshore base for its activities, which would then be outside US or European jurisdiction.
Given that junk emailing is likely to be a part of the Internet landscape for some time, it is worth looking at what can be done to minimise its effect on public business email accounts.
Junk email must come from somewhere on the Internet, which implies there is an ISP, or Internet Service Provider, involved. In the early days of spams and junk email, these ISPs ? often unwitting accomplices in these dubious online activities ? were deluged with email from outraged victims (see http://just4u.com/web consultants /spamfaq.htm), even to the extent of temporarily shutting down some of them. As a result, ISPs banned the obvious junk emailers from their systems, although this was only a temporary solution.
For example, it is relatively easy to hide or alter the source of the messages, which means that it is difficult to complain about junk mailings to the relevant ISP, or to block all email from that address.
Another tactic is the hit-and-run approach, which involves using an Internet account just once for a single mailshot. This has been made easier by marketing activities of the world?s largest online service, America Online (AOL). As part of its campaign to boost the number of subscribers, huge amounts of trial memberships have been given out, as cover -mounted disks on magazines, for example.
Junk emailers can use these accounts once to send out messages, and employ another disk and account for the next one. AOL is trying to stamp out this kind of abuse at the transmission end through the courts, and to limit the impact on its members by offering filtering software.
The latter approach is probably the most effective. There are a number of sophisticated email programs that allow you to apply filters to incoming post. For example, any message that contains the phrase ?get rich quick? could be deleted automatically. However, some junk email will inevitably slip through.
Rather than concentrating on content, which is too variable, you can focus on the sender. This might take the form of a blacklist which blocks known offenders. Conversely, it could be a more stringent ?whitelist?, where only messages from pre-determined people are accepted, while others are automatically rejected.
The problem with this approach is that, in the case of new customers contacting a company for information about products, for example, the senders will not be on the whitelist and will be denied access.
Some kind of certification of email users is needed, so that even unknown names can be trusted to be who they are, and not, for example, junk emailers hiding behind trial AOL accounts.
This presupposes an entire authentication structure to ensure that such certificates are trustworthy. If such certificates were available, only email from an authenticated sender would be accepted. Equally, anyone who was authenticated by a trustworthy authority would have their email accepted. The crux is that the criteria for obtaining authentication would be more stringent than those for getting an AOL trial account.
Remarkably, this system of certification exists, and is being rolled out in companies and across the Internet. It should help dramatically reduce the problem of junk email. The system, and how it works, will be the subject of next month?s In Context.
Imminent attack will target a single bank with cloned cards used to fraudulently withdraw millions over one weekend
Using photocatalysts to convert carbon dioxide into usable energy such as methane or ethane
Trained on curated data from Moorfields Eye Hospital, the neural network also shows clinicians how it reached its judgement
Yokohama National University demonstrate technology that could lead to a fault-tolerant universal quantum computer