Law unlikely spam remedy

Technology solutions rather than legal ones appear a more promising answer to New Zealand organisations' growing spam problem, users say.

Technology solutions rather than legal ones appear a more promising answer to New Zealand organisations’ growing spam problem, users say.

“Spam is definitely a problem,” says Transpower IT delivery manager Stephen Fox. “We have a third-party organisation maintain our firewall and we use MailSweeper and WebSweeper [from Clearswift] as well, for control of spam and other [undesirable] content.”

Transpower is currently working on improved heuristics — using trial and error — for detecting spam, Fox says.

“With some, we manage to trace the spam back to its source and stop it, and we have occasionally resorted to changing some of our email names.”

Certain common names plainly expressed seem particularly prone to being included in long spam lists. If the format or spelling is slightly altered, they are not such easy prey. But no system is impermeable.

“Whatever you do, there always seems to be a trickle of it that still gets through,” he says.

Maybe legal remedies would offer some hope if only as a deterrent, Fox says, but since spam comes from a wide range of countries, considerable international co-operation would be required.

“I doubt that it would work,” he says, “because of the sheer size of the problem. It’s like any other large-scale problem for law enforcement; you may catch one or two offenders but there will be a thousand to take their place.”

“Yes, we do get heaps [of spam],” says Matthew Dalton, CIO of law firm Phillips Fox. “We use TrendMicro’s VirusWall,” which incorporates a spam-detection facility. “Across our Australian and New Zealand operations, we stop about 3000 to 4000 messages a day, about 5% to 10% of our total mail traffic.” But despite that degree of screening, he estimates about half the spam still gets through.

Some three years ago, Phillips Fox changed its primary domain name from .co.nz and .com.au suffixes to .com, but about two-thirds of the spam still comes through to the old addresses, says Dalton, an indication of how old the information is that spammers use.

“I personally think putting laws in place would be awkward, and it probably wouldn’t catch many [spammers], because a lot of people have ways of shielding their identity. Spam identities pop up and disappear.”

A law could act as some deterrent and a signal that the practice is unacceptable, he says.

“But practically, we have to accept that if we want to work on an open network, there will be this kind of risk.”

Sarah Allison, IT manager at Hutt City Council, says “it’s not an issue” for that organisation. “We just don’t seem to get much spam,” she says.

It would be difficult to make laws that would work across international boundaries, she says, but, reminded that international enforcement has to some extent worked with the integrity of electronic transactions, pornography and defamation, she accepts the idea might bear some scrutiny.

Colin Wotherspoon, IS team leader at the Auckland Regional Council, says spam is not a big problem for his organisation. “We get a lot of unsolicited emails,” he says, but they are generally not “persistent” enough to be classed as spam.

ARC runs MailSweeper to filter out most of the spam and other undesirable content.

There would be “huge difficulty” in framing laws to deal with spam, he says. On being reminded of international action on pornography defamation and copyright, he concedes there are precedents. “But there’s not much law around [internationally] in the spam area.”

If a legislative solution is to be considered, there would be some merit in bundling all the issues of “nuisance” traffic with impact on the efficiency of organisations’ digital communications into one statute, he suggests.

We might be able to legislate “if there’s a will”, says Wotherspoon, but he senses spam is still “way down there” in the concern rankings, below pornography and below all the other questions that preoccupy IT managers and staff.

Spam's cost

Putting a price on spam is hard, but it is a substantial cost on the econony, says InternetNZ executive director Peter Macaulay. Macaulay spends 30 minutes a day dealing with it.

Computer Society Auckland spokesman Ian Mitchell reckons he has his spam round down to 20 minutes a day, but that 4% to 5% of wasted work is only the surface of the problem.

Mitchell’s 20 minutes is being repeated by the country’s professional working population, which numbers 40,000 in the IT industry alone.

A number of businesspeople maintain more than one address in an attempt to divert spam, and this has been known to confuse some e-commerce systems, leading to disruption of business.

Join the newsletter!

Error: Please check your email address.

Tags spam

More about ARCClearswift Asia PacificPhillips FoxPhillips FoxTechnology

Show Comments
[]