Victor's Blog about the Web, Security and Life

The web for me is a hobby where standards and best practices are daily bread. Security is a concern that everybody must be aware of its details for IT in general, and the web in particular, to be a safer place. My life, on the other hand, is that of a regular Lebanese citizen where politics and social issues are discussed on a daily basis. I hope you enjoy reading my blog and make sure to drop me a comment about any topic you find interesting.

RSS: A Spam Killer!

Printable Version

victor | 18 May, 2005 08:26

RSS (Real Simple Syndicate) is becoming, day after day, a hot Internet topic for end-users websites. Despite the hard-luck that RSS faced during its early "childhood" when different formats from different providers messed up the daily developer life, RSS 2.0 promises to be a standard corner stone for future RSS improvements.

SPAM, on the other hand, a major topic of controversy among commercial companies, is still a topic that the majority dislikes while the minority still uses and pays for. SPAM is when you receive unwanted email from somone that you don't know and that you didn't even ask to receive email messages from.

In this article, we describe how RSS can be used to fight SPAM by providing examples for the major sources of SPAM and how these sources can be fighted by adopting RSS technology.
How Did Spam Start in the First Place?

Spam has its roots in the technical-ignorance of Internet users and in their incapability to forsee privacy mines on the Internet.

When a user visits a website and fills a contact form, he/she must provide an email address to be contacted back. In this scenario, the email address is a requirement. Other forms, such as registration to download software, require an email address although it won't be used at any point during the download process. Some websites use the email address provided to verify the identity of the users but many websites simply don't.

Another scenario is when a user subscribes to a newsletter. In this scenario, the user must fill a form and must provide an email address to receive the newsletter. Checkboxes are common in these pages and usually ask the user to specify whether he/she would like to receive messages from affiliate partners. When filling the form, the user is usually in need for the product and the normal reaction towards this type of checkboxes is "Why not?" so the box is checked (if not checked by default) and the user submits his email address which ends up in many cases delivered to third party affiliate programs who pay to get this database of email addresses.

Another source for spammers is public directories such as Microsoft's Hotmail Directory that provides the email addresses for the public. This type of directories can be scanned using robots or spiders and email addresses are collected in minutes. This type of directories can be protected from spammers by removing the email address from the public page and replacing it with a contact form.

Another interesting source for spammers is Domain Name Registries such as GoDaddy and Verisign. These directories can also be scanned for email addresses of domain name owners and these email addresses end up collected and used by spammers. This has already been protected from email spiders by some domain name registries using other technologies such as image authentication (where a user must type the text he sees in the image). Other registries allow domain name owners to hide their contact information.

Although the majority of websites use collected email addresses in an ethical manner, these emails end up being used by a minority of the Internet community for spam purposes regardless the method used to collect these emails.


How Does RSS Help Fight Spam?

RSS attacks SPAM at its core by allowing users to subscribe for news without providing an email address. All a user is requested to do is to subscribe to the RSS Feed using his/her own reader (such as FeedReader) or browser (such as Mozilla). Once subscribed, the reader will retrieve news feeds anonymously and deliver them to the user in a timely manner.

RSS provides many other advantages listed below that are not related to SPAM directly:
  • RSS Normalizes Network Bandwidth Usage. Spammers send out newsletters to thousands of subscribes at once. Thus, a mass mailing system usually clogs the network for hours while the spam mail is being sent. RSS, on the other hand, retrieves the news feed when the RSS Reader starts up. Thus, the network usage is distributed over the day instead of being clogged in 1-2 hours.
  • RSS increases the View/User Ratio. RSS users must explicitly (and manually) subscribe to the news feed. Normally, a user will subscribe to feeds that he/she is really interested in reading and, thus, there is a high probability that this user will read the news that are retrieved by the reader. SPAM, on the other hand, is sent to all users regardless of its content. Thousands of SPAM messages are sent while only a minority of receivers actually read the message.
  • RSS Eliminates Quota Problems for Users. RSS is retrieved when needed and is stored on the user's PC directly if required. SPAM on the other hand is sent to email accounts that are usually associated with a certain disk quota. This causes many users to go over their quota due to the huge number of spam emails that they receive daily.

Is This All?

Encouraging the usage of RSS is not by itself sufficient to prevent spam since an already spammed email addresses will continue to be so. Once RSS is extensively used and all newsletter services are provided in RSS format, email users can simply change their email address once-for-all without subscribing to any email newsletters or public email news provider. The result will be a new email address with a high probability of remaining spam-free.


Conclusion

Although RSS's main intent is to distribute data in a standard format, its benefits towards fighting spam are obvious and numerious. Thus, RSS must be encouraged by the Internet community to fight SPAM. Once achieved, users can simply change their email address once and can rest assured that SPAM will not be their daily talk during coffee breaks!

Web | Next | Previous | Comments (4) | Trackbacks (0)

Related Articles:

Comments

RSS... Good!?

Paul-Marc Bougharios | 04/11/2005, 06:37

I think that RSS is promising quite too much. We all know that SPAM is not good, even spammers do... That's y they keep doing it :P. Having only RSS, whole communication systems would have to change (which is good), but to an untested broadly standard... It will not obliterate SPAM, it will just deter it from its current path: from email accounts, to browser pages... Vix, help me on this one ;)!

Re: can I get a copy of Browser Client

Victor | 08/08/2005, 07:59

My website at UOttawa was recently redirected here and I am sitll in the process of moving all the files. Unfortunately, my private area files are not available here yet so I will have to dig out some of my old archives to get you a copy.

As soon as I do, I will create a new category under the Web category for this issue.

can I get a copy of Browser Client

Andy Nian | 03/08/2005, 09:43

Hi,

I am interested in your Browser Client, post in
http://www.site.uottawa.ca/~vsawma/http/
Can you give me a copy of complete ZIP file? This will help my school project. Thanks a lot.

Tom

Spam

Nicolas EL Mir | 02/06/2005, 15:52

01.06.2005 15:23:16

Spam may be a global problem but it's hurting Net users in developing countries more than their counterparts in industrialized nations, according to a new report by the Organization for Economic Cooperation and Development (OECD) in Paris.

Numerous underdeveloped countries, especially in Africa and Asia, lack the knowledge, technology and money to effectively combat the growing flow of junk e-mail over their domestic communication networks.

More info can be found at :

http://www.infoworld.com/article/05/05/30/HNspamhurts_1.html

Add comment
 
Accessible and Valid XHTML 1.0 Strict and CSS