Under the Filter

While most of the current tech-related news regarding ISP content-filtering centers on a certain other protocol, ISP-based SMTP filtering is an issue lurking in the shadows that I feel should be given more critical thought, especially given the potential effect it could have on The War on Spam (TWoS). Before many of you start screaming about privacy issues and other possible personal rights infringements (in which you would be fully justified, of course), let’s put that aside for the moment and consider the more immediate pros and cons of such an arrangement.

Unsolicited email has been around nearly as long as the concept of ‘email’ itself, and people have gone to extraordinary lengths to design web and software-based solutions for intercepting said spam, utilizing mathematics based on Bayesian statistical classification. For the most part, they actually work remarkably well; I can barely recall the last time I’ve had to manually delete spam email from my work and/or Gmail account inbox. Heck, my current spam filter could probably beat me in a game of chess.

However, most current anti-spam solutions are invoked only upon the reception of an email (ingress based filtering), placing the responsibility of spam filtering squarely on the shoulders of the recipient, rather than the sender (egress based filtering). A virtual bottleneck thus ensues, whereby your email client (desktop or web-based) must protect you from the never-relenting onslaught of little blue pill adds and Nigerian princes who want to give you a piece of their fortune, both of which have become quite prolific in the past several years.

A recent discussion thread on The Usenix Special Interest Group for Sysadmins (SAGE) has revived some interest in the concept of ISP-based outbound SMTP filtering, whereby the service provider could perform their own spam-filtering duties on outgoing emails, thus preventing a large chunk of junk mail from being distributed in the first place. While there are several political, technological and economical issues that would need to be resolved in order for any of this to ever become effective (see the discussion thread for insightful commentary on all of these topics), it would be difficult to argue that the two-pronged approach would be less effective than ingress-based filtering alone.

Until more ISPs are convinced that by implementing outbound SMTP filtering they would be saving more money than spending, however, I’ll continue to think of my inbound spam filters like the Spartans at the Battle of Thermopylae - they’re quite good at doing their job, but inevitably they will be overwhelmed by the sheer number of their enemies.

You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.