The forgotten net traffic problem: Spam

So much of the discussion has been focused on file sharing that one of the biggest and still growing problems confronted by every netizen and enterprise is Spam. The unsolicited commercial message continues to run rampant clogging the systems and dogging the productivity of those who have to moderate it. While the RIAA and MPAA aren’t losing fortunes here, the real cost of Spam to all enterprise dwarfs the real or imagined cost of piracy. Don’t think it’s a serious challenge? This blog routinely receives as many as 1000 spam posts daily pitching the usual collection male enhancement drugs, biz opps, investment advice and porn. Fortunately, we have tools that filter most Spam, but real time that could be used productively is lost to dealing messages that get past the filters every day.

Bloggers like us are not alone in losing to Spammers. Craigs List, the popular free online classifieds site, is fighting an uphill battle against the spammers. In some categories, they are losing the fight.

Spam on Craigslist has been a minor nuisance for years. Not any more. This year, the spammers started winning and are taking over Craigslist. Here’s how they did it. Craigslist tries to stop spamming by checking for duplicate submissions. They check for excessive posts from a single IP address. They require users to register with a valid E-mail address. They added a CAPTCHA to stop automated posting tools. And users can flag postings they recognize as spam.

Several commercial products are now available to overcome those little obstacles to bulk posting. A tool called CL Auto Posting Tool is one such product. It not only posts to Craigslist automatically, it has built-in strategies to overcome each Craigslist anti-spam mechanism.

Random text is added to each spam message to fool Craigslist’s duplicate message detector. IP proxy sites are used to post from a wide range of IP addresses. E-mail addresses for reply are Gmail accounts conveniently created by Jiffy Gmail Creator (”Who Else Wants to Create Unlimited Gmail Accounts in Seconds Flat Without Breaking a Sweat?”) An OCR system reads the obscured text in the CAPTCHA. Automatic monitoring detects when a posting has been flagged as spam and reposts it.

CL Auto Poster isn’t the only such tool. Other desktop software products are AdBomber and Ad Master. For spammers preferring a service-oriented approach, there’s ItsYourPost.

With these power tools, the defenses of Craigslist have been overrun. Some categories on Craigslist have become over 90% spam. The personals sections were the first to go, then the services categories, and more recently, the job postings. (Techdirt)

Am I proposing we enact new laws to deal with Spammers? Please no! We have enough poorly written statutes on the books that are randomly enforced at best. This is a community problem and needs a concerted effort by the community for a solution. We need more neighborhood watch groups who will proactively go after spammers closer to home. Going after a spammer locally is always more effective than attempting to get help from Washington, especially with spammers taking safe harbor abroad. If service providers would become as obsessed with policing spam as they are with Bittorrent, it offending IP addresses would be managed out of effectiveness. Service providers also need to get their own houses in order. If Spam originates from one of your IP addresses, you need to be accountable for it, and take appropriate action. Bulk messages should only come as an opt in, and the opt in process needs to be standardized - by all of us, not the politicians. Current opt ins’ are barely understandable, and usually intentionally buried in minutia not eaaily found by the optee.