Spam is Bad

“Completely rids your in-box of spam”? “Eliminate almost all junk e-mail messages”? Those sound like the kind of too-good-to-be-true claims you might expect to see in, say, a new piece of junk e-mail.

But several Internet providers are making this pitch in all seriousness. They might even succeed, but not without forcing major changes in how e-mail works.

This “challenge-response” spam protection departs from previous spam blocking. Instead of assuming that most e-mail is benign, then trying to screen the junk, challenge-response assumes mail from strangers is probably spam. Unknown senders then have to prove that they’re not automated spam relays by passing a simple test on a Web page.

Think of it as the difference between traveling within the United States, unless you’re on a wanted list, the odds are nobody will stop you, and traveling overseas, where you may not necessarily clear passport control. Challenge-response is the “your papers, please” approach to mail reception.

But it works. Spam sent from throwaway or bogus return addresses automatically disappears into the challenge-response trap, since there’s no return address to answer the “prove you’re human” challenge. Even if an actual person sent out the junk mail, only an exceptionally dedicated spammer would fill out a separate challenge-response form for every recipient.

Human senders who authenticate themselves, however, see their messages go through as before.

We tested the offerings of two of the best-known challenge-response systems, and found many kinks left in the system, especially with user-friendliness.

Mailblocks charges $9.95 a year for its mail service, and EarthLink this month began offering challenge-response filtering to its roughly 5 million subscribers.

There were difficulties in start-up, but when sent mail from each test account to the other, both systems worked well: Mailblocks and EarthLink obligingly fired off challenge replies to these test messages.

Several things can go awry in this process. People without Web access can’t reach a challenge Web page, and blind or visually impaired senders can’t get past one.

The stickiest situations involve mail sent by automated programs to willing recipients: mailing lists and legitimate, marketing e-mail.

There have never been any easy cures for spam, and challenge-response isn’t going to be one, either.

For a review on Mailwasher see Dot Com Norteast Wisconsin’s Internet Monthly

New anti-spam program worth a try.

Most anti-spam programs take the form of add-ons to your normal e-mail program or service. And most rely on filtering, the effort to guess, usually imperfectly, which e-mails you receive are spam and which are legitimate.

But I’ve been testing an anti-spam system that takes a better approach. It’s a complete e-mail service that has anti-spam intelligence built right in. Instead of filtering, it uses a far more effective method that stops 100 percent of mass-mailed spam.

The program is called Mailblocks, and despite a few downsides, I like it a lot. It’s aimed at consumers and small businesses, and doesn’t work with corporate e-mail. But it has lots of sophisticated features, and can consolidate all of your e-mail accounts – even AOL accounts – into a single in-box.

Mailblocks is a Web-based e-mail service, like Yahoo Mail or Hotmail, that works on both Windows and Macintosh computers. But it is slicker and cleaner than Yahoo or Hotmail, with a very good, uncluttered interface that responds to commands quickly.

The service is inexpensive. A free version, which has ads, gives you 5 megabytes of message storage and a Mailblocks e-mail address. For $9.95 a year – that’s a year, not a month – you get 15 megabytes of storage, an ad-free screen, a Mailblocks e-mail address and the power to consolidate other e-mail accounts. For $24.95 a year, you get all of that and 100 megabytes of storage. On Hotmail or Yahoo, 100 megabytes of storage costs more than twice as much, and you get less effective spam protection and have to look at ads.

Mailblocks also allows you to send e-mail attachments of up to 6 megabytes each, a generous limit that’s enough for multiple high-resolution photos. And if you don’t like having the clumsy word “mailblocks.com” in your e-mail address, you can choose from 19 alternatives.

You can divert e-mail from up to 10 of your current e-mail accounts to Mailblocks, and Mailblocks will apply its antispam system to all, including popular services like EarthLink, AOL, MSN, Yahoo Mail and Hotmail. You can also import address books from other programs.

Mailblocks uses a spam-control system called challenge/response. It’s designed to stop all e-mail from the automated mass-mailing programs spammers use, while letting in e-mail from humans. Here’s how it works.

All e-mail you receive from people in your address book is passed directly to your Mailblocks in-box. If any are sent to you from addresses not in your address book, they are met by an automatically generated “challenge” e-mail that asks the sender to copy a randomly generated number into a box. These e-mails go into a special Pending folder while awaiting a response.

If the sender copies the number correctly, the e-mail is moved to your in-box, and the address is added to your address book. Mailblocks will also add the sender to a master list, so he or she will never be challenged again.

If the sender doesn’t respond correctly to the challenge within 14 days, the e-mail will be deleted from the Pending folder.

All automated spam systems will fail this test, either because they can’t copy the number, or because they use false return addresses. Only human senders with genuine return addresses can pass the challenge.

Walter Mossberg writes about personal technology for The Wall Street Journal. Copies of his columns are available at http://ptech.wsj.com.

We have received several calls about faxes sent from Internet Corporation Listings Service. The faxes appear to be an invoice for search engine listing services.

These faxes are scams! The invoice format is designed to capture attention from the recipient, who in turn thinks they must submit payment for the service. The fine print on the “invoice” reads “This is not a bill, invoice or statement of account due. You are under no obligation to make a
payment, unless you accept this offer.”

If you receive a fax from ICLS.net, you SHOULD report it to the FTC. We have reported the scam to the Federal Trade Commission through this website, it is easy, and you should do the same!