ad info
   personal technology

 custom news
 Headline News brief
 daily almanac
 CNN networks
 CNN programs
 on-air transcripts
 news quiz

CNN Websites
 video on demand
 video archive
 audio on demand
 news email services
 free email accounts
 desktop headlines

 message boards




War on spam claims legit e-mail

May 18, 1999
Web posted at: 1:53 p.m. EDT (1753 GMT)

by Paul McNamara

Network World Fusion

(IDG) -- In the interest of fighting spam, Tivoli has trained its in-house e-mail system to reject up to 5% of all incoming messages, even though the company knows that some of those messages are legitimate business correspondence. Senders of the bounced e-mail get a link to a Web page ( that explains the policy.
  Network World Fusion home page
  Free Network World Fusion newsletters
 Reviews & in-depth info at
 *'s bridges & routers page's hubs & switches page
 *'s network operating systems page's network management software page
  Year 2000 World
  Questions about computers? Let's editors help you
  Subscribe to's free daily newsletter for network experts
  Search in 12 languages
 News Radio
 * Fusion audio primers
 * Computerworld Minute

Any resulting inconvenience for customers or employees is a reasonable price to pay for spam protection, contends Steve Jones, manager of enterprise network services at Tivoli in Austin, Texas. While Jones is not alone in that assessment, the unusually aggressive tactic has sparked debate within the company and among antispam experts.

"It doesn't make sense for you to throw away mail that you want unless the cost of getting and processing the spam is so high that it is worth the lost business," says Paul Hoffman, director of the Internet Mail Consortium (IMC). "I don't believe that is the case here."

At the heart of the matter is "open relay" spamming, the practice by which spammers exploit an element of Simple Mail Transfer Protocol (SMTP) to send junk e-mail through the servers of unwitting companies and service providers. Such spam can sap server processing capacity and, perhaps more important, leave the false impression that the victimized server owner actually sent the offensive e-mail, thus creating the potential for a public relations disaster.

In general, experts agree on the wisdom of closing those open relays and providing alternate means of e-mail access for off-site employees. The disagreement surrounds the question of how to treat e-mail from ISP and corporate servers that remain open to relaying because their owners cannot or will not close them. About one-third of all SMTP hosts remain open to relaying, according to a 1998 IMC survey.

A relatively small number of antispam hardliners, including Tivoli, are choosing to treat e-mail from these open relays as inherently suspect. They are using a "blacklist" database called ORBS - Open Relay Behavior-modification System - to either bounce or filter out for further inspection any e-mail that arrives from open relays. Another antispam service called MAPS (Mail Abuse Prevention System) Realtime Blackhole List is more widely used but much less controversial. MAPS targets known spammers and their ISP "accomplices," as opposed to any open relay server and, therefore, blacklists far fewer sites than does ORBS.

Alan Brown, who administers ORBS from his small ISP in New Zealand, says three dozen ISPs and companies worldwide receive periodic updates of the ORBS database. In addition, "10,000 to 20,000 hosts are doing regular Domain Name System lookups against the ORBS list, but there is no way of translating that back to a number of actual mail servers," he says.

The ORBS database relies on public submissions to identify open relays and currently lists about 100,000 SMTP hosts, a number that has more than doubled in the past six weeks, "thanks to a couple huge, overlapping spam-trap submissions," Brown adds. He has no qualms about trading bounced e-mail for better spam control.

"I'm happy to put up with some legitimate mail being tossed out with spam, simply because it's the legitimate mail being lost and the users beating up on their network administrators that cause those servers to get fixed," says Brown, who defines "fixed" as closed. "The more legitimate mail that does get blocked [by such policies], the faster those open relays get fixed."

Bringing such pressure to bear on companies, whether they are spammers or not, strikes some as unfair, if not bad business.

"It's overkill," says one Tivoli employee who reports having had significant problems with legitimate business e-mail getting bounced. "We look like we don't know what we're doing."

Another Tivoli employee, who also requested anonymity, says the company's policy has supporters and detractors among the rank and file.

"It was evenly split," he says of a recent internal e-mail thread on the subject. "There were a lot of people who felt that we should not be telling other companies how to run their businesses [by demanding they close their relays]." He, too, has doubts, but adds, "The fact is, I really like not getting spam."

The most recent IMC survey of relay status last July showed that about one-third of SMTP e-mail servers remained open, down from about one-half in February 1998. While director Hoffman agrees with most experts that companies should close their own relays to ward off opportunistic spammers, he does not believe the practice will be effective in stemming the overall volume of spam.

"Because there are so many open relays, if we closed 99% of them, that would cause [only] an imperceptible drop in the amount of spam . . . and we're never going to get to 99%," Hoffman says. "This is a cheap way of doing spam filtering that is known to be not effective."

Intel lawsuit calls barring e-mail fair game
May 3, 1999
Yahoo sues spammer
April 29, 1999
The Ten Commandments of e-mail
March 31, 1999
Smut, bigotry now a corporate e-mail fact of life
March 25, 1999

Everything you didn't want to know about spam
(NetworkWorld Fusion)
Paul Hoffman of the IMC on spam
(NetworkWorld Fusion)
E-mail overload
(NetworkWorld Fusion)
Spam attack: Get ready for the bulk e-mail deluge
(PCWorld) August 1997
Waging war on electronic junk mail with Java
(JavaWorld) October 1997
On the spam front: Big ISPs crack down as little spammers crank up
(InfoWorld) November 3, 1997
FTC releases 'Dirty Dozen' list of spam scams
(The Industry Standard)
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.

What is mail relay?
A look at how relay spamming works
Allowing relaying in SMTP
Internet Mail Consortium study
Open Relay Behavior-modification System
Tivoli's spam link
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.
Enter keyword(s)   go    help

Back to the top   © 2001 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.