News Stay informed about the latest enterprise technology news and product updates.

Could a 'do not spam' list really stop spammers?

U.S. Sen. Charles Schumer has proposed a "do not spam" list to combat the waves of spam flooding inboxes every day. One privacy experts explains how the list would work, while a spammer attempts to toss a bucket of cold water on the whole idea.

The other week, Bill Blundon, co-founder and chief marketing officer of Extraprise, a Boston-based customer relationship management (CRM) service provider, found that his spam filter had intercepted an important e-mail from

Blundon was in the middle of moving his personal Web site to a new Web hosting company, and he needed a confirmation e-mail from to move forward. His spam filter blocked the message because it was machine generated.

"I waited a whole day for it, but it never came," he said.

The war on spam is becoming so severe that legitimate e-mail is getting caught in the crossfire. Thanks to today's spam-filtering technology, legitimate bulk e-mailers find it hard to get their messages through. Even if their e-mails do pass, some recipients may brand them as spam because inboxes are inundated with so much mail.

"I recommend to my clients not to use e-mail as a channel of communication for that reason," Blundon said. "Companies spend billions and billions [of dollars] advertising their brands, but a small thing like an e-mail [being interpreted as spam] can kill their brands very quickly."

A "do not spam" list, modeled after a similar list for telemarketers, is a tactic that Blundon and others see as a tool for helping to preserve e-mail as an effective means of communication. Sen. Charles Schumer (D-N.Y.) has proposed just such a list. It would levy fines and possibly impose jail sentences on offenders.

A "do not spam" list will pose some different challenges than the telemarketing list, which is administered by the Federal Trade Commission. "It wouldn't work as well as the telemarketing list," said Vincent Schiavone, CEO of the ePrivacy Group, Paoli, Pa.

Telephone communications are actually more secure than e-mail because it's easy to identify who is doing the calling, Schiavone said. A "do not spam" list won't directly impact the flow of shady spam that comes via open relays and from outside the United States. "But the indirect effect is you would be able to clamp down real hard with your filters because there would be much fewer false positives," he said.

E-mails from companies that abide by the "do not spam" list would sail right through, so recipients can use filters to stop all the other messages.

For such a scenario to work, e-mails would have to be marked so that recipients would know they are from companies that abide by the list. One way of doing this is using ePrivacy Group's Trusted Email Open Standard. The standard works by inserting small -- less than 1 KB -- digital certificates into the headers of e-mails. The certificates verify that messages come from the addresses they purport to come from.

This approach dovetails nicely with the idea of a "do not spam list" because it can also verify that the sender of an e-mail abides by the list, Schiavone said. The certificate can also provide other useful information, such as the purpose or description of the e-mail. And it provides a means to discipline companies who break the rules associated with the list, since digital certificates can be revoked, he said.

At least one self-described "spammer" doubts that such a list will fly. "If you put up a global-remove, and the government's backing it, one, you know darn good and well our government's going to take those addresses and put them [to] use for something," said Ron Scelson, who runs Slidell, La.-based Scelson Online Marketing. Second, it's unfair for everyone to pay via taxes for a "do not spam" list, he said.

"But if it is done that way, I have no problem using those removes and cleaning them out of my list," he said. "Why send mail to people who are not going to purchase or get your products? Why advertise to those people? So for me, it's more profitable to remove the people that don't want it."

Dig Deeper on Email and Messaging Threats-Information Security Threats

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.