Unwanted e-mail: Help is on the way from ITSS

BY BARBARA PALMER

Toner cartridges at rock-bottom prices. Fabulous deals on mortgage refinancing. Pleas for help from Nigerian lawyers, cryptic offers for "hypoxic training" and invitations that might make you blush, if you ever bothered to open them.

Every day Stanford electronic mailboxes are flooded with thousands of unsolicited bulk e-mail messages, more commonly known as spam. Of 500,000 e-mail messages received on campus each day, an estimated 35 percent are spam, said Xueshan Feng, technical manager for Information Technology Systems and Services (ITSS).

Help could be on the way, via a filtering software program currently being tested by 5,500 campus users, said Feng, who has led a months-long search for a solution to the problem of proliferating spam on campus. ITSS hopes to expand the program to include all users by the end of the year, she said.

The program won't stop spam messages from being sent to campus mailboxes, but it gives users a way to manage them. The program, called PerlMx, scans incoming e-mail for keywords and patterns common to spam and also checks messages against a database of messages known to be spam. (The software is fully automated; no human monitors the contents of an individual's e-mail inbox, Feng said.)

The software then tags each suspect message with the word "spam" and a rating that uses the keyboard pound sign character -- the more spam-like components a message has, the more pound signs. Recipients then can use filtering functions built into e-mail programs like Eudora and Outlook to redirect and sort tagged messages into a separate mailbox, where they can be quickly scanned and deleted.

Spam messages, which have doubled at Stanford in the last 12 months, are mushrooming everywhere, said Cedric Bennett, ITSS director of information security services since early this year. No one has been able to say exactly why spam is exploding, he said, but "there's almost no reason for [bulk mail senders] not to do it." There is very little cost associated with electronic bulk mail solicitations and the few laws against spam that exist are rarely enforced, he said.

While it's awkward for an institution with a reputation for technological innovation such as Stanford to receive so much unwanted e-mail, there are inherent problems with using a centralized method to weed it out. "What's spam to me might not be spam to everybody else," he said. And blocking e-mail messages addressed to a campus account user potentially could infringe on an individual's academic freedom or privacy, he said.

Until February 2002, employees could forward spam to a special campus "junkmail" address, where ITSS employees would try to stop spam by contacting Internet service providers that routed the offending messages to Stanford servers. "It just was not working," Bennett said of the efforts.

Requests to Internet service providers were routinely ignored, and cutting off Internet service providers known to have sent spammed messages wasn't a viable option either, he said. That might cut off an individual spammer, but it could block other, legitimate messages as well, he said. By the time the efforts to contact Internet service provides were suspended last February, ITSS was receiving 800 spam complaints a day, he said.

Doing nothing about spam really isn't an option, Bennett said. As spam piles up, so does the cost to the university in lost productivity, as employees spend time deleting unwanted messages. A widely used estimate for the cost of spam to employers is $1 per message, Feng said. "It's not just an annoyance anymore; it's a real problem," Bennett said.

The PerlMx filtering software isn't a perfect solution, Feng said. Some messages, particularly those containing financial information, can be labeled spam yet be legitimate messages, she said. There is no easy way for individuals to opt in or out of the filtering software, she said.

Virus protection software has been installed at "gateway" processors, where there is not enough capacity to scan for viruses and filter for spam at the same time, Feng said. E-mail is tagged as possibly spam once messages are sent to mail servers and as a result, e-mail forwarded to other accounts won't be filtered.

Even so, the filtering software has been judged a success, Feng said. Of 5,500 campus users who have been testing the software since October, she's had only a few complaints.

One user complained that the filtering tags made other anti-spam software ineffective, since the addition of tags alters the content of messages. The other complaint came from a user whose Costco bill and other commercial messages were being tagged as spam, Feng said.

She's also gotten a lot of positive feedback from users pleased to no longer have to wade through a sea of spam to retrieve their e-mail, Feng said. Not a deluge, "but people don't say anything when something works," she said.

More information about spam at Stanford and the filtering software can be found at http://email.stanford.edu/antispam.html.