I've got some good news and some bad news on the junk e-mail front. One of the best defences available to those seriously plagued by junk e-mail is to enlist the cooperation of the Internet service providers (ISPs) responsible for the message's origination and routing to get the offending account blocked or closed. But ISPs' policies and practices in this regard have widely varied: some demonstrate considerable responsiveness to abuse complaints, while others seem generally indifferent.
In the past I've encouraged people, particularly those who get a lot of junk e-mail, to forward to me what they receive. This gives me a way of tracking which ISPs appear to let messages from the bulk e-mail campaigns come through their system. So I decided to look at my database of junk e-mail messages from the first quarter of this year to see what a little analysis might reveal about ISPs who are soft on spam.
I tried several different search techniques to see which ISPs would come up the most often, including checking for messages that had been forwarded to the ISP's postmaster or abuse address and scanning the entire header for occurrences of the ISP's name (I didn't count references to the recipient's own ISP). Pretty soon, it became clear that whatever technique I used, the results were going to be pretty much the same, at least in terms of the top two. AT&T's Worldnet service was the clear winner, so to speak, in that the most junk e-mail appeared to be coming from Worldnet addresses. Earthlink was a strong second, followed at some distance by a pack of different types of ISP services, including AOL, CompuServe, Juno, Netcom, Prodigy, Sprint, and uunet.
Interesting as those results were, it was obviously going to be hard to say for certain exactly how well they reflected each service's approach to junk e-mail. Worldnet and Earthlink have probably signed up more new members than any other pure ISP since monthly flat-rate Internet fees became common. So was their showing just a function of their growth? I decided to ask Worldnet and Earthlink officials. Growth was an issue, they both said, but there was a bigger culprit.
"One of our biggest problems right now is that probably 85 per cent of the spam that comes through our system is actually where someone is using our mail servers as relays," says Harris Schwartz, Earthlink's information security administrator. "When it's an Earthlink user doing it, we can usually take action within hours, warning them or even suspending their service, but we can't do that with all these others."
The junk e-mailers are both using the popular ISPs for camouflage and stealing some free service from them. Ball says that, as of March 31, Worldnet implemented a technique to trap large volumes of the same message being relayed through its server and will not process those that don't prove to be legitimate. Schwartz said Earthlink is changing its SMTP configuration to block relays from noncustomers.