Reader's advisory: Wired News has been unable to confirm some sources for a number of stories written by this author. If you have any information about sources cited in this article, please send an e-mail to sourceinfo[AT]wired.com.
They're mad as hell and they're not going to take it anymore.
It's not news that Internet service providers are sick of spam, but now it seems their patience has truly worn thin.
Their servers are gagging on an overload of junk mail, they have to pay people to block and purge spammers' bogus transmissions from their systems and they are just plain fed up with subsidizing the spam industry.
"If service providers don't seriously address the level of spam we all have to pay to transport to our customers, it will put many of us out of business," said Doug Smith, CTO and founder of Netway Internet.
Smith was addressing a gathering of ISP owners and workers at ISPCON, an annual gathering for Internet service providers. IPSCON devoted the first day of their 10th annual conference to the war against spam.
Everyone in attendance agrees that spam is pure evil. But few agree on how to stop this pillage of their networks. Stopping spam isn't difficult, but stopping it without angering clients and legitimate e-mail marketers is a challenge.
"We face two incompatible demands. Our customers want no spam, but they also want no censorship," said Ken Slaughter, CEO of Active Internet Communications, an ISP based in Springfield, Missouri.
Judging by the products demonstrated at IPSCON, the next generation of spam-fighting tools will be permission-based e-mail, a sort of caller ID for e-mail systems that allows users or ISPs to screen messages and decide what to respond to and what to ignore.
The ePrivacy Group demoed SpamSquelcher, which analyzes e-mail traffic moving through an ISP's network and prioritizes legitimate e-mail, handling spam in much the same way that the post office handles bulk snail mail.
First-class (legitimate) e-mail gets processed first. Bulk advertising gets transmitted if -- and when -- the ISP has the resources and time to do so.
The idea is not to stop spam, but to make it less profitable. Spammers count on being able deliver millions of messages very quickly, and SpamSquelcher dramatically slows down spam transmission speed. The spam still gets through, soothing any worries about heavy-handed blocking techniques, but the tool conserves ISP resources for legitimate users.
"Spam is the No. 1 problem on the Internet and it affects all of us," said Vincent Schiavone, president of ePrivacy Group. "E-mailers, ISPs, privacy and consumer advocates and filtering companies are coming to look at spam from a broad perspective and they are beginning to understand that real solutions require real cooperation."
"The required solution is not just technological, not just legal, but an integration of policy and technology," Schiavone said.
Vanquish showed off an anti-spam suite of applications with a twist: a penalty button.
Company representatives said the product will end the free ride spammers have enjoyed by abusing ISP resources.
Bulk senders pay a cash bond intended to guarantee they are ethical e-mail marketers in Vanquish's system.
If a recipient of an e-mail from one of the bulk senders decides that the message received is spam, she can push the penalty button (embedded in all the e-mails sent from legit marketers) and five cents is automatically debited from the sender's bond balance.
The penalty money would be distributed to the recipient's ISP to help defray the costs of carrying the spam on their network.
"Since spam is in the eye of the beholder, our technology doesn't rely on filters or other categorization means to determine what spam is," said Phil Raymond, CEO of Vanquish.
Raymond acknowledges that spammers will not bond their messages. However, he said, legitimate online marketers are tired of having their offers weeded out by spam filters and are looking for new ways to enhance their credibility. By posting a small financial bond, these senders are guaranteeing that their messages are not spam, even though they are commercial solicitations.
One of the more interesting permission implementations was demonstrated by a Hawaiian company, Titan Key.
Titan Key president Peter Kay acknowledged that a spam-fighting service from Hawaii was ironic, given the Islanders' love for Spam, the canned meat product. Say "spam" to a Hawaiian and most people will immediately think "musubi," a very popular Spam sushi dish.
But Kay's product shows no love for spam, the Internet scourge.
Titan Key stops spam before it is sent and also tricks spammers into deleting e-mail addresses from their marketing lists.
"The problem with all the other anti-spam software is that it still lets spammers know you are there, and so you continue receiving spam." Kay said. "But Titan Key can make you disappear."
Most Internet mail servers unconditionally accept e-mail if it is properly addressed. Titan Key, which runs as a separate appliance upstream of the company's email server, accepts e-mail only if the sender is a known "friend."
It rejects all other e-mail with a "no such user" error message. This "hard bounce" error message typically triggers mass mailing software used by spammers to automatically delete the address from its database.
After sending the bounce error message, Titan Key immediately sends an e-mail asking the sender to establish whether he or she is human by visiting a website and entering a code. Automated software used by spammers are unable to comply.
"We've been testing this for some time, and so far, no one has objected to this extra step," Kay, a software engineer, said. "Almost everyone has a spam problem and people accept this minor inconvenience because they crave privacy too."
When the code is entered, e-mail from that sender is permanently cleared for delivery.
"When email addresses stop working for spammers, spam will no longer be sent because it simply can't be sent -- at least economically," Kay said. "The Titan Key is the only software that can make a particular e-mail address stop working for a spammer, yet keep it working just fine for friends and other humans.”
ISPCON is happening in Baltimore, Maryland, from April 23-25.
