Is email really dying?
A week ago SAP Ventures launched our first public web presence, and on it were contact email addresses for our entire team. Shortly afterward we began to notice an uptick in spam and virus/worms coming to us, to which I give credit to email harvesting worms trolling the web. Personally, I'm kind of used to it as I get about 150 spam messages a day on as a normal course of my day. Fortunately, we use MailFrontier and it does a pretty damn good job of filtering out the ubiquitous penis/breast enlargement, viagra, get-out-of-debt, and the ever present emails from the guy in Nigeria who's willing to give me 50% of the take for getting the $15m deposited in a Bank in the Netherlands. Surpisingly, MailFontier does not do much for the stream of Paypal scam mails, and viruses/worms, but we have a server-based solution that does that.
Ross does a good job of highlighting some of the challenges facing enterprise users with email:
http://ross.typepad.com/blog/2003/08/email_is_dead.html
This morning there was a series of urgent emails from SAP support about a virus email going around that mimicks internal mail from SAP Support to trick you into opening an attachment, the now widely known BAGEL.J worm (who names these things?). Our email servers are now restricting not only the size of the attachments it will pass through, but the kind of attachments (anyone attempting to send me a ZIP file, forget about it).
Blacklists and challenge-reponse mechanisms have obvious shortcomings, see below
http://www.windley.com/2004/03/02.html#a1068
Some talk about using Waste to move messages instead of files... interesting, but it's a big leap to actually getting there on the scale that email is currently at (of course, if you took out Spam, global email volume would be half the size it currently is!)
http://grazzy.mjoelkbar.net/waste/
Some people will talk about RSS being a possible replacement for email. This, quite honestly, I do not understand, all it really seems to do is say that we should use XML for message formats. There is nothing about attachments that would change and they pose the problem. I suppose RSS would expedite the handling of spam, but the spammers have proven pretty adept at getting around any technical roadblocks.
http://www.plaidworks.com/chuqui/blog/000761.html
http://www.pcworld.com/news/article/0,aid,111784,00.asp
Instant messaging? Forget it, the shelf life of an IM is non-existant, attachments pose the same problem, and IM systems don't interoperate. Plus, people couldn't use IM as a virtual filing cabinet, like they do with email.
The analogy to airport security is appropriate, if you want to make airports fully accessible and efficient you would remove all security, but if you want to offer the highest level of security possible you would lock down airports and strip search everyone going through them. Email is not unlike this, but unlike airports where the choice really isn't one, email systems face an increasingly bewildering array of threats and solutions, all of which beg the question of whether email has lost it's value and become useless. I mean, when you think about it, not only is most of the email I get on a daily basis spam, but the stuff that does get through has to run a gauntlet of filters whose job it is to reduce the possible risk the messages pose, regardless of the value they may have. In short, we're locking down the system and strip searching everything that comes through. Of course, really locking down the system would mean running email in a hard sandbox, insofar as the virus/worm problem is concerned. Maybe that's not a bad idea.
I have found mailwasher amazingly affective at showing viral attachments and removing junk mail. It is very fast even with hundreds of emails. Another good reason for using it is that it shows you the current amount of mail saved on your server.
Posted by: Geoff | Mar 04, 2004 at 01:19 AM
Is it possible to get an ISP Address virus that duplicates your IP and/or ISP Address and sends e-mails using your IP and/or ISP Address(with it attached, so it can be traced as the source?)? Recently I've been getting e-mails from people whom I know would NOT send me these types of e-
mails. I've even gotten e-mails with my name and e-mail address in the "Sender" line. A friend's e-mail has just been discontinued because of alleged SPAM. She swears she didn't do it, but her IP and/or ISP Address was traced to the source. How could this have happened? I don't know if it makes any difference, but she sent an e-mail to her own e-mail account containing a report for school. Does this have any effect on the situation? Any help would be greatly
appreciated.
Thank you,
Mattie
Posted by: Mattie | Jan 22, 2005 at 07:18 AM
I'm not an expert on this, but I do know that SMTP mail can be spoofed pretty easily with anything in any of the fields.
Posted by: jeff | Jan 22, 2005 at 11:50 AM