Spam attack!

For free real time breaking news alerts sent straight to your inbox sign up to our breaking news emails

Sign up to our free breaking news emails

Please enter a valid email address

Please enter a valid email address

SIGN UP

I would like to be emailed about offers, events and updates from The Independent. Read our privacy notice

So your stocks are in the tank? Too bad that there isn't some way to tie your investments to the growth in "spam" – unwanted commercial (or pornographic) e-mail, which is reckoned to be doubling annually. The latest figures from MessageLabs indicate that one in seven e-mails received by businesses in the UK is spam; it also suggests that 10 per cent of every working day is spent dealing with it.

"The problem is made worse because unlike e-mail viruses, companies have trouble determining what is and isn't spam," according to Jos White, founder and marketing director of MessageLabs. "It is now beginning to emerge as a serious problem."

And it's likely to get worse, if trends in the US are any guide (and generally they are). There, 30 per cent of e-mails arriving at businesses are spam. It's out of hand.

Ian Gates, director of Group IT at Capita Group, says: "For us, spam is moving quickly from being an irritant to a threat – not only wasting time and resources, but also exposing our employees to increasingly offensive, unsolicited material."

Those would be the porn e-mails, which are sent by the million from servers as far afield as China, Korea, Poland, Russia and Mexico. These exploit the trusting nature of Microsoft's Outlook Express to include links to pornographic pictures, often with disguised URLs to evade filtering.

Most average users of the net have been aware of the problem for years, of course; no user of Hotmail can be unaware of it. "If I don't check my Hotmail account every few days it's packed full of spam, so it can be a real problem if I want to go away on holiday," says Enrique Salem, the chief executive of Brightmail, a San Francisco-based firm that monitors and filters junk e-mail.

Spam has now become a problem for businesses, because spammers' computers are powerful enough to generate random addresses aimed at companies with domains on the net, and are better at "scraping" web pages for e-mails.

Definition is important: 29 per cent of those surveyed by MessageLabs defined a promotional message from a company they know as spam, and a slightly higher percentage would also apply the label to global e-mails within their companies. Most people at home would reckon that the definition is narrower – an e-mail coming from organisations they've never contacted or signed up with.

But anything that gets spam on to the business radar has to be good – in that it should prompt action. However, what's happening is that companies are offering "server-side" filtering, which wipes out what it judges to be spam before it reaches your company or the remote mailbox you connect to. This can have drawbacks.

The principal problem is that you don't know what's getting killed, unless you have access to, or influence on, the filtering process. Geoff Duncan, who administers the TidBITS e-mail newsletter, described (in http://www.tidbits.com/tb-issues/TidBITS-637.html) how "in some weeks, we get hundreds or even thousands of subscribers whose [mail] servers refuse delivery of TidBITS". The reason: passing references to Viagra, the phrase "my iTools pictures" (which caused many servers to reject the e-mail as being the work of the Klez worm), the phrase "Two Bites of the Cherry" (in reference to Unicode, a successor to ASCII), and the phrase "surreptitious footage of gorgeous blondes in various states of undress" (in a commentary about pop-up and pop-under ads).

My inclusion of those phrases, by the way, means that if you're reading this online and try to e-mail it to a friend, it may get bounced as porn or a virus.

What's the solution? Probably not the one that is being applied and causing all those bounces, Duncan wrote. "We're starting to see signs that e-mail, often hailed as the internet's 'killer app', is in danger of becoming an unreliable, arbitrarily censored medium – and there's very little we can do about it."

Indeed, MessageLabs is not tackling the source of the problem. It is going to offer just such a server-side filtering system, which will be priced from 60p per user, per month (falling to a minimum of 20p for 5,000 or more users).

MessageLabs checks each message against a set of rules, and gives it a cumulative score: for example, having "viagra" in the text might give it five points, and having "men" or "cheap" in the same message could add another 10 points. Messages scoring more than a set threshold will be marked as spam. The customer can then look over the marked messages, and allow through any which come from trusted sources; for example, a press release from Pfizer (makers of the little blue pill) would be allowed, where a spam pitch would not.

"For the first time, businesses can become masters of their own destiny in dealing with spam," said White. "They can define what does and does not get through."

The problem, though, is that doing this for a large business will inevitably mean rejecting huge numbers of messages that are legitimate. It will also tie up IT people, who will be reviewing what's being sent – which will mean ploughing through dozens, perhaps hundreds of "Nigerian letters" to find the occasional nugget that should be allowed in. That will quickly become unrewarding, and there isn't the spare capacity for already strained IT chiefs.

For your personal use, you can download programs such as Mail Armor (from http://www.postarmor.com/), a Java program that runs on all platforms; it's free for personal use and runs a similar rule-based system, though you can tweak the rules yourself. It also deletes mail from your server, so you don't have to download it to apply the rules, and will work as a "proxy" to your normal e-mail program, which can pick up its mail from what Mail Armor lets through.

But what can be done at source level to stop spam? The expansion of the net means millions of e-mails are available, harvested by programs that read the headers of newsgroup messages and search web pages for the "mailto:" links that precede addresses.

The real trouble, though, is open mail servers. The growing net means that more mail servers are set up wrongly, so that anyone on the net can send one or a million messages through them. (Spammers have programs that search for such "relay" servers.) One possibility that has been mooted is a "trusted" SMTP system, where mail servers will only pass on e-mail that comes from another server that is known to be closed to relaying. But that goes against the open nature of the net.

It's a deep problem. Do you keep the net open, and let spammers make its most useful function unusable? Or do you close it off, and reduce its utility? "[Governmental] legislation can only go so far," says White. "The nature of the internet makes it very easy for spammers to conceal their source." And, of course, some spam might not be illegal in some countries; Nigeria, for example, judging by the number of spams emanating from it, promising untold riches to those unwary enough to give over their bank details.

"Really to stop it, the technology to do so has to be woven into the fabric of the net," White insists. "We're very confident that our service can do that. We're in the high 90 per cent for identifying spam at the moment."

It's a brave claim. But in a world where billions of e-mails are sent every day, even that sort of ratio still leaves a lot of legitimate messages in limbo. Could spam kill "the killer app"? It certainly looks that way.