The growing problem of spam email - highlighted last week when California ISP Pacific Bell Internet was sporadically disabled over a period of three days by an apparent overload of spam - faces an expanding resistance movement, employing both legal and technological means to stem the tide of junk email.
In the latter camp, a new version of one of the most popular applications for routing email on Unix servers is out to make anti-spam technology part of the Internet mainstream. The popular server software Sendmail, used by approximately 75 percent of Internet mail servers, has been upgraded to add major new spam-blocking features.
The software will now check the return addresses on incoming messages against an email registry to verify them, and only deliver messages with a legitimate return address. Using a most-wanted list of spammers, it will also automatically reject messages originating from known spamming sites, by enabling use of the "Realtime Blackhole List."
But on that point in particular, critics worry that filtering by invalid addresses and hosts will only encourage spammers to use the legitimate host and address information of compleletly uninvolved Netizens and Web sites, laying them open to a retaliatory flood of email.
Sendmail also now allows system administrators to keep a list of approved and unapproved "relay" servers. Thus, if a spammer is using particular sites as major pit stops in spam routes - called "promiscuous relaying" - the administrator can reject mail relayed using well-known spam relay sites.
Another part of Sendmail's anti-spam strategy is to essentially fire back at spammers. The software will send a verifying message back to the host domain for each message delivered. If the message is spam, the spammer's server could be swamped with return messages, requiring the spammer to invest in more servers to handle the return message flood.
An administrator can also put a limit on the number of users allowed to receive a single mail message at one time, as well as reject messages based on what's in their "header." If, for example, the destination address is friend@public.com, common in spam headers, the message can be rejected.
And to prevent spammers from hiding their connection information, if the place where this is done - the HELO/EHLO parameter - exceeds a certain size, the message can again be turned away.
Some of these features are already available in Sendmail, but the new version activates them by default in an effort to make them more commonplace around the Net.
The impact of the software is potentially significant. A survey on the Web shows Sendmail software running on 76 percent of Web servers; the company calls it the de facto standard for email transfer on the Internet. If many Sendmail sites deploy the new techniques, spammers could start to feel the impact.
Sendmail said that spam management has been foremost in the minds of its customers, and its development team spent extra time on building in more effective anti-spam features.
Sendmail is bundled into software shipped with Sun Microsystems and Hewlett-Packard server hardware, and its source code is distributed freely via the Internet.
A Microsoft spokeswoman noted that the upcoming version of the company's Outlook Express email client will have built-in spam filters - looking for example, for keywords in the subject lines of incoming messages - but acknowledged that this is only an end-point solution.
