CAUCE

There are several initiatives in progress to help with this growing problem, these include;

• Email authentication and reputation services
• ISP filtering of inbound and outbound email, port 25 (mail transport service) blocking
• The Messaging Anti-Abuse Working Group (MAAWG) has ISPs, anti-spam solutions and Large Commercial email marketers working together to build best practices and share information on spam issues.

If every piece of spam had a tag or a label (such as "ADV:") in the subject line, it might be easier to delete, but does that save you the time and money downloading the spam in the first place?

What if you make a long-distance call (as many millions of Americans do) or pay per-minute or per-kilobyte charges (as much of the world, and most users of wireless services do) to receive your email? Unfortunately, filtering on ADV doesn't save anything.

This is also verified by the United States Federal Trade Commission's conclusions, that tags like ADV would materially help consumers or ISPs to block unwanted commercial e-mail or to segregate commercial e-mail from other e-mail messages.

Just filter it at the ISP level, you say? Unfortunately, the way email works, email servers have to receive an email in its entirety before it's possible to scan the message looking for ADV in the subject line. More importantly, adding such filtering capability requires additional server capacity; if you double or triple the number of server actions needed to process an email message, you increase the amount of resources consumed by that message. So as the volume of spam continues to increase, even deleting every message tagged with ADV will eventually require more and more bandwidth, more and more server capacity, and more and more money.

Which is better: No spam at all or 50 spams properly labelled for deletion? The answers to this question is why CAUCE believes that tags and labels are not a viable solution to the spam problem.

Recently, there have been a lot of unsolicited bounces from ISPs which are created due to the following chain of events:

1. Spammer uses an infected computer on an ISP network (zombie) to send spam
2. Spam is sent with a forged sender address (aka. From), that is not hosted by the users ISP.
3. Spam is rejected during delivery to recipient mail server and the receiving ISP mail server generates a bounce to the original, forged sender.

Here are some possible solutions to this problem (your ISP may need to be involved to manage these recomendations):

1. Use some form of authentication on your domain; SPF, Sender ID or Domain Keys Identified Mail.
   While these solutions will not solve the bounces coming into your network, but will help ISPs checking messages supporting these solutions determine if the original messages that they are receiving (and subsequently sending a bounce to you) are from your network.
2. Implement a solution like BATV for your own messages, to help determine legitimate bounces from your network, this allows you to ignore all bounces received that do not comply with your configuration.