A second wave of attacks began midday Friday after much of the eastern United States was affected in the morning. Sites affected included Etsy, ...
America Online, Yahoo and Microsoft are working together as well as with other companies and government agencies toward reducing the amount of unwanted e-mail, while an industry group starts an initiative to certify e-mailers.
As surging spam levels force cooperation among cyberspace rivals to protect the viability of e-mail as an effective marketing and communication tool, America Online Inc., Yahoo Inc. and Microsoft Corp. are working together as well as with other companies and government agencies toward reducing the amount of unwanted e-mail, the companies said today. "We are making a timely, bold and critical statement: spam is an industrywide challenge, requiring industrywide teamwork, in order to yield industrywide solutions," said Ted Leonsis, vice chairman of AOL. "By cooperating and collaborating together, we can make real progress against this toxin that pollutes the Internet environment."
Their efforts, which will be discussed along with other anti-spam efforts later this week at the Federal Trade Commission`s Spam Forum, address a range of technological and administrative moves intended to prevent spammers from effectively distributing e-mail and to assist government enforcement agencies in holding spammers accountable for their e-mail distribution. "This is the first time for industry to come together with the government to fight spam," says Ryan Hamlin, general manager of Microsoft`s anti-spam technologies and strategies. "We`re not working on just a technical solution to stop the spam problem, because it has to be a coordinated effort working with the government."
Hamlin says the Microsoft/AOL/Yahoo effort will concentrate on two basic goals: reducing the ability of spammers to spoof e-mail recipients with misleading "from" and "subject" headings, and establishing a set of anti-spam policies implemented throughout the e-mail world by both senders and recipients. A central part of this effort will be to leverage existing directories of Internet Protocol addresses, such as the Domain Name System, to verify the actual IP addresses of outbound e-mail. "You can`t spoof an IP address," he says.
He adds that Microsoft and other participants will publish guidelines on how to configure inbound e-mail systems to work more closely with IP address registries. "It `s a minor effort for individual companies," he says. "A single IT-person shop can do it."
Among the other techniques the three companies will work on:
-- Inhibit the delivery of e-mail from network systems determined to be operating with open routers or other technology that leaves a system open to use by unauthorized senders of e-mail;
-- Eliminate the ability to create fraudulent e-mail accounts in bulk;
-- Define a mechanism that would allow consumers to communicate with e-mail service providers regarding spam complaints;
-- Develop better mechanisms for preserving electronic evidence of spamming activity to support enforcement actions;
-- Help coordinate industry-wide use of best practices in blocking spam.
In a related effort, the Network Advertising Initiative`s Email Service Provider Coalition recently launched an anti-spam effort, code-named Project Lumos, designed to certify legitimate senders of e-mail. Using online registries of legitimate e-mailers, the project would require e-mailers to verify their identities and adhere to a system of best practices for sending e-mail. The project is intended to block unwanted e-mail without disrupting the inbound flow of legitimate e-mail, the NAI says.
The NAI adds that the project is intended to supplement other anti-spam efforts, such as those in the works by AOL, Yahoo and Microsoft. "Project Lumos is not a single, fallible, silver-bullet technology that can be beaten by spammers," says Hans Peter Brondmo, chair of the ESPC technology working group and senior vice president of e-mail services provider Digital Impact. "Instead, it introduces trust, transparency and accountability into the fabric of e-mail."