{"id":63,"date":"2003-10-29T10:03:50","date_gmt":"2003-10-29T08:03:50","guid":{"rendered":"http:\/\/www.ericlee.info\/blog\/?p=63"},"modified":"2003-10-29T10:03:50","modified_gmt":"2003-10-29T08:03:50","slug":"defense-in-depth-a-strategy-to-stop-spam-that-actually-works","status":"publish","type":"post","link":"https:\/\/www.ericlee.info\/blog\/defense-in-depth-a-strategy-to-stop-spam-that-actually-works\/","title":{"rendered":"Defense in depth: A strategy to stop spam that actually works"},"content":{"rendered":"<p>Spam is killing off email and threatening the very future of the internet.  Surveys are showing that current net users are switching off to get away from unsolicited commercial email.  Millions more are reluctant to get online for fear of being deluged with offers of pornography, viagra, money scams and so on.  <b>As trade unionists and social change activists, this is a worrying development.  Email is an enormously powerful and cheap tool for us, particularly for online campaigning, but spammers are making it increasingly difficult for us to get our message through.<\/b>  We need to educate our members and ourselves in order to win the battle against spam.  If we don&#8217;t win that battle, we lose all the gains of the last decade and return to a world where those with the money can get their messages heard &#8212; <i>and where we are effectively silenced.<\/i><br \/>\nThe only problem is that <b>there is no solution to spam<\/b>.  Let me re-phrase that: there is no solution, but there are <i>solutions<\/i>, to the problem of spam.  For some time now, I have adopted a strategy of <b>defense-in-depth<\/b>.<\/p>\n<p><!--more--><br \/>\nWhen I try to visualize this, I think about a huge table in the Imperial War Museum here in London which is used to illustrate what trench warfare was like on the Western Front during the First World War.  It&#8217;s a diorama with model trucks, and miniature barbed wire, and little shriveled trees, and it&#8217;s huge.  
What I noticed the first time I saw it was how you didn&#8217;t have one trench on the Allied side, and one on the German side, which is how we sometimes imagine it.  You had trenches behind trenches, so that if the enemy crossed through your minefield and climbed over your barbed wire, they only got into your first trench.  You&#8217;d stop them before the second.  And if that didn&#8217;t work, you had several lines of defenses after that.<br \/>\nDefense in depth.  It kept the enemy at bay along the Western Front and it largely works for me today in the battle against the spammers. It could work for you as well.<br \/>\nBasically, there are two and only two approaches to fighting spam.  One is at server level and one at client level.<br \/>\nAs with trench warfare, where it was always desirable to stop the enemy before they even reached the first trench, so in this form of warfare it&#8217;s best to stop the spam at server level.  The fight at client level is comparable to the last ditch efforts, where the cooks and lorry drivers are battling for their very lives against an enemy that has broken through every other line of defense.  Server level is the forward trench; client level is where the field hospitals are.<br \/>\nThe best way to stop spam at server level is to have an ISP that uses sophisticated filtering software and blocks the overwhelming bulk of spam from ever getting to your inbox.  This is fairly standard practice now and one should not use an ISP which doesn&#8217;t offer this feature.  One of the most popular and effective anti-spam blockers is SpamAssassin, an open source and free product.  But there are others.  Where possible, get your ISP to delete the spam before it reaches your inbox, and not merely to tag messages with the label of spam.<br \/>\nIn addition to relying on your ISP to block spam, you might choose to pay for the services of another filter at server level.  For some time I was using emailfiltering.co.uk.  
I would pay them a very small monthly fee, and they would retrieve all my messages from my ISP and filter these according to criteria updated daily.<br \/>\nSo long as the two filters were not identical &#8212; i.e., so long as the ISP and emailfiltering.co.uk used different software and different criteria for battling spam &#8212; it created a kind of double-filter at server level.  Very effective indeed.<br \/>\nNevertheless, some spam continued to come through &#8212; through the minefield and the barbed wire, right up to the first trench.<br \/>\nThere are many different approaches to dealing with spam at client level &#8212; that is, in your email software &#8212; but these basically boil down to two: blacklists and whitelists.  The traditional approach, one which I used on my Linux desktop when my email client was Evolution, is blacklists. You tell your email client that you don&#8217;t want to see any email that has the phrase &#8216;viagra&#8217; in the subject line, and it can then delete those emails automatically.  Or you tell it that you don&#8217;t want to see emails from particular addresses.  Because I was getting a massive amount of spam from Korea, in Korean, I was able to tell my email client&#8217;s filter to delete all mail which was encoded in Korean.<br \/>\nThe problem is, spammers are constantly coming up with new phrases in subject lines, new ruses to make you want to open their emails, and it takes a constant struggle to keep your filters up to date.  The blacklist battle is essentially an unwinnable one.<br \/>\nI was delighted to discover that Eudora, a popular free email client, now allows the use of an alternative approach: whitelists.  Here you can tell your email program to only let mail through which comes from someone who is already in your address book.  
There are a couple of problems with this approach.<br \/>\nFirst, it means that people who are not yet in your address book will have their emails put into a special Junk mail folder and you may not look at that folder very frequently.<br \/>\nSecond, it means you have to keep your address book up to date &#8212; which is probably not a bad thing.<br \/>\nI now use Mozilla Thunderbird as my email client and it combines the main features I want to see in order to combat spam:  I have configured it to automatically add email addresses from all my outgoing messages to the address book, which is now the most up-to-date and most comprehensive I&#8217;ve ever had (with some 600 records).  I have also set up a whitelist filter to put all incoming messages from people I don&#8217;t know (who are not in my address book) into the Junk folder, to be looked at later.<br \/>\nMy Inbox is now essentially spam-free, all the time.<br \/>\nIf I look at all the emails that come my way and reach my ISP&#8217;s server (my first line of defense), I&#8217;d guess that over 95% of them are now spam.  We&#8217;re talking hundreds of email messages a day, every day. But I only get a handful of spam messages on my machine thanks to the strategy of defense in depth that I&#8217;ve adopted, and those are dealt with by the whitelist filter in my email client.<br \/>\nThat&#8217;s how you stop spam and make email a useful tool again.  That&#8217;s the defense in depth strategy we need to promote to everyone who wants the Internet to survive and remain an effective means of communication.<br \/>\nTo sum up, the key elements of that strategy are:<br \/>\n1. Spam prevention at server level using tools like SpamAssassin<br \/>\n2. Duplication of filtering at server level using a second and different anti-spam program &#8211; emailfiltering.co.uk is a good choice<br \/>\n3. 
Use of whitelists in the email client to block emails from unrecognized addresses &#8211; Mozilla Thunderbird and Eudora can both do this<br \/>\n4. Maintaining an up-to-date email address book to ensure that the whitelist works &#8211; Mozilla Thunderbird will do this automatically<br \/>\n5. As a last line of defense, use a blacklist to filter any remaining messages by subject, sender, etc.<br \/>\nMaybe at some point in the future a combination of new laws and new technologies at server level will solve the problem of spam &#8212; sort of like what America&#8217;s entry into the First World War did to the stalemate on the Western Front &#8212; but until that time, the only hope we have of using email without spam is by adopting a strategy like the one I outlined above.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Spam is killing off email and threatening the very future of the internet. Surveys are showing that current net users are switching off to get away from unsolicited commercial email. 
Millions more are reluctant to&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5],"tags":[],"class_list":["post-63","post","type-post","status-publish","format-standard","hentry","category-web-exclusive"],"_links":{"self":[{"href":"https:\/\/www.ericlee.info\/blog\/wp-json\/wp\/v2\/posts\/63","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ericlee.info\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ericlee.info\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ericlee.info\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ericlee.info\/blog\/wp-json\/wp\/v2\/comments?post=63"}],"version-history":[{"count":0,"href":"https:\/\/www.ericlee.info\/blog\/wp-json\/wp\/v2\/posts\/63\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.ericlee.info\/blog\/wp-json\/wp\/v2\/media?parent=63"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ericlee.info\/blog\/wp-json\/wp\/v2\/categories?post=63"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ericlee.info\/blog\/wp-json\/wp\/v2\/tags?post=63"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}