|
Like most businesses, the Technology Strategists
email gets deluged with solicitations for loans, medications,
invitations to public displays of private acts and so forth.
At least 100 a day per username with bonus quantities on weekends
is the current sludge flow. This sometimes makes it
difficult to use email as a tool of legitimate business
communications. It certainly has been an issue around the
continued existence of the Technology Strategists newsletter.
Since inception, issues have been regularly posted on the web, but
only occasionally distributed to clients via email.

Initially, Technology Strategists relied on Outlook rules that
checked for key phrases -- this proved ineffective, especially with
mail that disguised the message with base64 encoding.
Noticing that many messages came from similar IP addresses, a
local black hole list was set up -- and all mail from those sites
was automatically discarded by Exchange. This was better, but
still fairly ineffective. As the tide of SPAM increased, a more
sophisticated approach was sought to diminish the clutter.

The current email/website ISP offers SpamAssassin as an email
filter service. It had originally been planned to run this
utility on our Linux machine as a pre-filter to Exchange, but this
does not appear necessary at present. SpamAssassin
preprocesses mail going into our inbound POP3 mailboxes. The
SpamAssassin filter uses a combination of sophisticated message
analysis, address history analysis and list checks to determine if
a message is probably SPAM. The extent of checking is
adjustable -- right now the mailbox is filtered at the 70% level,
so some garbage comes through. The subject line is altered to add
a warning and the analysis report is added to the message body.
The distinctive subject line tag makes it very easy to use an
Outlook rule to move all the tagged messages into a separate
folder. Overall, this has been a much more effective means
to launder in-bound email than Outlook/Exchange keyword scans or
local black hole lists.

The downside of spam filtering is that all the analysis does
sometimes catch legitimate email -- especially if the more
decorative HTML styles are used. So it is necessary to scan the
day's collection before deleting it -- every so often something
important gets tagged. With most senders, adding their email
addresses to the built-in white list is sufficient to get through
un-tagged. But amusingly, the email newsletter that Technology
Strategists sends out still gets tagged, even though it is on the
ok list. The generated report for this distribution is:

SPAM: -------------------- Start SpamAssassin results ----------------------
SPAM: This mail is probably spam. The original message has been altered
SPAM: so you can recognise or block similar unwanted mail in future.
SPAM: See http://spamassassin.org/tag/ for more details.
SPAM:
SPAM: Content analysis details: (6.70 hits, 4 required)
SPAM: SUBJECT_IS_NEWS (-0.6 points) Subject contains newsletter header (news)
SPAM: DEAR_SOMEBODY (0.1 points) BODY: Contains 'Dear Somebody'
SPAM: SPAM_PHRASE_03_05 (1.1 points) BODY: Spam phrases score is 03 to 05 (medium)
SPAM: [score: 4]
SPAM: BIG_FONT (0.3 points) BODY: FONT Size +2 and up or 3 and up
SPAM: HTML_FONT_COLOR_RED (0.3 points) BODY: HTML font color is red
SPAM: WEB_BUGS (0.2 points) BODY: Image tag with an ID code to identify you
SPAM: MAILTO_LINK (0.2 points) BODY: Includes a URL link to send an email
SPAM: HTTP_WITH_EMAIL_IN_URL (0.3 points) URI: 'remove' URL contains an email address
SPAM: UNSUB_PAGE (0.1 points) URI: URL of page called "unsubscribe"
SPAM: FROM_AND_TO_SAME_5 (1.3 points) From and To are same (5)
SPAM: RCVD_IN_OSIRUSOFT_COM (0.4 points) RBL: Received via a relay in relays.osirusoft.com
SPAM: [RBL check: found 115.135.251.63.relays.osirusoft.com., type: 127.0.0.4]
SPAM: X_OSIRU_SPAM_SRC (2.7 points) RBL: DNSBL: sender is Confirmed Spam Source
SPAM: AWL (0.3 points) AWL: Auto-whitelist adjustment
SPAM:
SPAM: -------------------- End of SpamAssassin results ---------------------

Looking at the report, one can see that newsletters must be a
real irritation to some people. The
phrase 'news', mailto address and unsubscribe/remove tags are all
viewed as negatives. Hopefully, the ones that are on our mailing
list will take themselves off when we become a nuisance. The
embedded web bug also attracts attention -- this is how the new
service tracks the user -- and simplifies profile management for
them, no password is required. The 'from and to' is unique to
Technology Strategists -- we get copied on all mailings, as a
quality control measure. And the sender IP address is in one of
the global black lists -- in fact, almost every mail distributor
is in someone's black list. And interestingly, there is a small
offset for sender being listed in the local white list.
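
The scoring in the report above, worked through as an added example (not part of the original article or of SpamAssassin itself): it parses the per-rule points, checks that they add up to the reported 6.70, recomputes the total without the two osirusoft blacklist rules, and reverses the DNSBL query name back to the sender address. The function names are illustrative assumptions.

```python
import re
from ipaddress import IPv4Address

# Report lines from the article above, wrapped lines rejoined (banner omitted).
REPORT = """\
SPAM: Content analysis details: (6.70 hits, 4 required)
SPAM: SUBJECT_IS_NEWS (-0.6 points) Subject contains newsletter header (news)
SPAM: DEAR_SOMEBODY (0.1 points) BODY: Contains 'Dear Somebody'
SPAM: SPAM_PHRASE_03_05 (1.1 points) BODY: Spam phrases score is 03 to 05 (medium)
SPAM: BIG_FONT (0.3 points) BODY: FONT Size +2 and up or 3 and up
SPAM: HTML_FONT_COLOR_RED (0.3 points) BODY: HTML font color is red
SPAM: WEB_BUGS (0.2 points) BODY: Image tag with an ID code to identify you
SPAM: MAILTO_LINK (0.2 points) BODY: Includes a URL link to send an email
SPAM: HTTP_WITH_EMAIL_IN_URL (0.3 points) URI: 'remove' URL contains an email address
SPAM: UNSUB_PAGE (0.1 points) URI: URL of page called "unsubscribe"
SPAM: FROM_AND_TO_SAME_5 (1.3 points) From and To are same (5)
SPAM: RCVD_IN_OSIRUSOFT_COM (0.4 points) RBL: Received via a relay in relays.osirusoft.com
SPAM: [RBL check: found 115.135.251.63.relays.osirusoft.com., type: 127.0.0.4]
SPAM: X_OSIRU_SPAM_SRC (2.7 points) RBL: DNSBL: sender is Confirmed Spam Source
SPAM: AWL (0.3 points) AWL: Auto-whitelist adjustment
"""

RULE = re.compile(r"^SPAM:\s+([A-Z0-9_]+)\s+\((-?\d+(?:\.\d+)?) points?\)")
TOTAL = re.compile(r"\((-?\d+(?:\.\d+)?) hits, (-?\d+(?:\.\d+)?) required\)")
RBL = re.compile(r"found ((?:\d{1,3}\.){4})(\S+?)\.?,")

def parse_report(text):
    """Return ({rule: points}, total hits, required threshold)."""
    rules, hits, required = {}, None, None
    for line in text.splitlines():
        if m := RULE.match(line):
            rules[m.group(1)] = float(m.group(2))
        elif m := TOTAL.search(line):
            hits, required = float(m.group(1)), float(m.group(2))
    return rules, hits, required

def score_without(rules, *prefixes):
    """What-if total with rules whose names start with a given prefix removed."""
    return round(sum(p for n, p in rules.items() if not n.startswith(prefixes)), 2)

def dnsbl_sender(text):
    """Recover (sender IP, list zone) from the reversed-octet DNSBL query name."""
    m = RBL.search(text)
    octets = m.group(1).rstrip(".").split(".")
    return str(IPv4Address(".".join(reversed(octets)))), m.group(2)

if __name__ == "__main__":
    rules, hits, required = parse_report(REPORT)
    print(hits, required, score_without(rules, "RCVD_IN_", "X_OSIRU"), dnsbl_sender(REPORT))
```

With the two blacklist rules excluded, the same message totals 3.6, under the 4 required.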

This configuration has one other feature -- the ISP does not
handle outbound mail, so cleverly written emails that try to trick
the email processor into relaying fake outbound messages are
stifled. The mail server recognizes the outbound request and traps
it, providing a non-delivery report as proof of the attempt.
Keeping Exchange from relaying this kind of junk mail was never
very effective -- this multi-step approach is much more effective.
Technology Strategists does not rely on an external provider for
delivery of outbound mail.

Unfortunately, SPAM
appears here to stay. There is undoubtedly too much money being
made and it is unlikely that local legislation will ever really
stem the tide. And it is obvious that SPAM authors are working
hard at formatting their messages to get past the filters. And
there are also vendors who, for a fee, will sell the right to use
an identifier that has been coded into a number of spam filters,
including SpamAssassin -- allowing the message to slip through the
filter unchallenged. All of this does, however, make it more
difficult for businesses to use email as a means to communicate
with present and future clients. |