IDG News Service - An industry organization representing heavyweight e-mail providers Yahoo Inc., Microsoft Corp., America Online Inc. and EarthLink Inc. released recommendations yesterday for ending spam e-mail.
The Anti-Spam Technical Alliance's (ASTA) statement of intent, posted on the individual sites of members, includes a list of suggestions and best practices for Internet service providers, e-mail providers, governments, corporations and bulk e-mail senders.
Among other things, ASTA recommended that ISPs shut down so-called open relays, or e-mail servers that allow parties that don't own the mail server to relay mail through them without needing to log in first. The group also suggested that ISPs crack down on virus- and worm-infected computers on their networks and closely monitor features that let people automatically register for ISP accounts.
If implemented, the recommendations could greatly reduce the amount of spam, the group said. The guidelines are the product of more than a year of collaboration between member companies and focus mainly on ISPs, whose networks are often used to distribute spam.
ISPs that host Web pages should also remove simple programs that can generate e-mail messages, like formmail.pl, a popular and free program for providing feedback from a Web page. ISP customers should also be required to authenticate before sending e-mail from the ISP's network, ASTA said.
For bulk e-mail senders, the group discouraged the practice of harvesting e-mail addresses without the consent of the e-mail sender, as well as other common spamming practices such as source-address spoofing and sending e-mail containing information that is false or misleading.
Consumers were generally let off the hook. While e-mail users have a duty to educate themselves about spam, ISPs and others with a stake in e-mail need to do a better job of providing consumers with tools and information to stop it, the group said.
Many of the technical suggestions have long been accepted wisdom within the technical community, said John Levine, a member of the Internet Research Task Force's Anti-Spam Research Group. "This is all kind of motherhood and apple pie," said Levine, who noted that AOL and most other ISPs have been following many of the stated best practices for years.
Even so, the recommendations are still useful if they can reform the small number of organizations with sloppy mailing practices whose systems are frequently exploited by spammers. "It's too bad that the first thing you have to do is tell people not to do something stupid, but there are still a lot of small companies with mailing lists and loosely administered mail servers," Levine said.
ASTA
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
