CHICAGO – In this interview, international expert Michael Muth speaks with Lih Tah Wong of Computer Mail Services (CMS) about e-mail filtering, blacklisting and whitelisting.

Troy, Mich.-based CMS develops messaging products for corporate, educational and non-profit environments and programs around the world. Listen to the interview here.

Michael Muth: How do e-mail filtering solutions differ?
Lih Tah Wong: They come in three different shapes. Outsourced services are set up so what arrives on your e-mail servers has already been filtered. Others offer hardware appliances and your server gets the filtered results. There are also software-based solutions.

MM: What are the advantages and disadvantages of each?
LTW: Outsourced services are simpler because the company doesn’t see all the junk messages. You get the net result and less traffic. For appliances, you get a box and you install it on your premises.

Some companies are more sensitive about outsourced services when another company sees its e-mail messages. Privacy and security come in. You really don’t have control over your messages. If you have message-retention policies, you don’t know how long they hold onto them.

None of these filters will be 100 percent accurate. While that’s the goal, there will be false positives you’ll have to retrieve. Sensitive information might not be under your control on other servers. Pricing tends to be more expensive on a per-user basis for services rather than products.

MM: What’s the difference between filtering and blacklisting?
LTW: Filtering is broader coverage. Blacklisting is just one filter. One is based on the property of the mail server itself (its IP address).

You can use DNS server-based blacklisting of servers known to be sending spam. Your server will throw away those messages. Others are based on the sending addresses. They aren’t reliable because many of those sender addresses are forged.

MM: Why doesn’t filtering by language work?
LTW: We’re based in the US. Much spam comes from other countries. Spammers send messages in English from China, Russia, etc. They target us in our own language.

MM: When is scanning by country of origin appropriate?
LTW: Even global companies perform filtering in one sense or another.

Global companies have regionally specific Web sites in different languages. When visiting those sites, they know where you’re coming from and they redirect you to a server close by. The purpose is not for eliminating e-mail. It’s appropriately redirecting traffic for that region of the world.

To eliminate spam, larger companies don’t want to filter based on IP addresses because they don’t know where it’s originating from and if it’s valid. Requests for information typically start from a Web site form so this filtering doesn’t come into play because messages originate from your Web server.

MM: Should smaller firms pursuing country markets filter by country as well?
LTW: Small companies have schedules for when they’re going to enter specific markets. They’re not going to go after all 240 countries throughout the world all at once. It makes more sense to look to filter everywhere else than where they’re targeting.

That will cut down on a lot of illegitimate traffic. While the U.S. is still the single largest source of spam at 20 percent, it’s getting smaller. China, Portugal and Brazil are already in the double digits. Many spammers have moved outside the U.S. because of the laws we’ve passed. The U.S. still spews out so much because many home PCs have been compromised.

MM: If the U.S. is the single-largest spam originator, should we filter U.S. e-mail?
LTW: Foreign customers in the United Kingdom and Spain filter out U.S. addresses. You can put in exceptions and whitelist addresses.

MM: How can we separate opportunity from danger in fast-growing economies?
LTW: These countries have a lot of spam activities going on and are the fastest-growing spammers.

Their laws haven’t kept up with ours. There are two techniques that offer solutions. Contact is initiated via the Web site so e-mail originates from your own Web server. Whitelisting your specific trading partners is the second option.

MM: Will other countries implement a CAN-SPAM act?
LTW: Australia will have one with even more teeth soon. CAN-SPAM has worked only mildly.

It has codified what spam is, so if there are instances that conform, they can be taken to court. High-profile spammers have paid fines and have done time in jail. Now people know what’s against the law and what’s not so people know what they can do and what they cannot. There are lots of ways to skirt the law. There is still an economic benefit to spamming.

Spam is cheap, so even if only a small percentage of spammers are successful, spam will continue to flourish. It’s a constant battle. Legal enforcement is part of the solution. There’s an effort in Europe. A lot of the developing countries have other issues and they don’t have the resources to dedicate to these kinds of things.

More advanced countries will have something on the books in the next five to 10 years. While the third world might see something in the next 20 years, that won’t be that helpful in the future. What we have now is not a complete solution. Compromised machine owners don’t know their machines are infected. Most of the army bots are personal PCs at home.

If you visit an infected Web page, you can get infected today. The ISPs don’t do much.

It’s hard for them because they have tens of thousands of customers. They can detect when there’s a surge of e-mail coming from a specific machine and shut it down. Verizon will actually block you and put up a page on your screen that you’ve been compromised. Hopefully ISPs will get more involved and contribute to solving the problem.

MM: Anything else about e-mail filtering and blacklisting?
LTW: Small and big firms are suffering from denial-of-service attacks in a flood of non-deliverable messages. A customer comes to us when seeing a deluge of traffic to the point it takes hours for messages to be delivered properly. A small site had almost 2 million messages in a 24-hour period. Almost 1.9 million were non-deliverable. They were a victim.

Customer “A” is getting messages sent to fictitious addresses in its domain from fictitious addresses in the domain of customer “B”. Company “A” doesn’t have those e-mail addresses and they are sent back in a non-deliverable report. Company “B” is getting a flood of non-deliverable messages. How do you filter that? They’re not coming from one IP address. They’re coming from thousands of of IP addresses.

It gets to the point where the mail server has to figure out what to do. They still have to process these messages to decide what to do with them. It’s just like a denial-of-service attack on a Web site, but on e-mail. These companies don’t have solutions for these kinds of attacks. Their own mail servers send out these non-deliverable messages.

You have to make sure when you type in addresses by hand for the first time that it’s correct. I’m afraid this kind of issue is going to start happening much more frequently. Yes, I’d like to see some form of accounting for these things, but micropayments would be another headache.

What authorities would manage it? Money in accounts creates problems. There will be ID theft to raid those accounts. Be proactive. Be vigilant. Educate your users not to click on any link you see. I won’t even click on hallmark electronic greetings from relatives. They can call me instead.

Michael Muth is managing director of GATA, an international business development consultancy that helps technology companies build international partnerships. He can be reached at muth@midwestbusiness.com.
Click here for Muth’s full biography.

Previous Columns in 2007:
Q&A: World Trade Center Illinois Chairman Neil F. Hartigan, Director Bilal Ozer (3/3/2009)
Recession: International Causes, Effects of Today’s Global Financial Crisis (1/19/2009)
Q&A: Ex-Chicago Tribune, ‘Caught in the Middle’ Writer Richard Longworth (1/5/2009)
Q&A: Midwest Regional Director Michael E. Howard of Export-Import Bank (6/17/2008)
Q&A: Intetics Managing Partner Alex Golod on Belarusian Economy (4/15/2008)
Q&A: Intetics Managing Partner Alex Golod on Protecting Intellectual Property (4/9/2008)
Q&A: Intetics Partner Alex Golod on Being a Jack of All Trades (3/31/2008)
Q&A: Motorola WiMAX Director Tom Mitoraj on Unstoppable Freight Train (11/26/2007)
Q&A: Motorola WiMAX Director Tom Mitoraj on Global WiMAX Differences (11/20/2007)
Q&A: Motorola WiMAX Director Tom Mitoraj on Widespread WiMAX Growth (11/12/2007)
Q&A: InterPro Translation CEO Ralph Strozza on Translation Tools, Costs (9/18/2007)
Q&A: InterPro Translation CEO Ralph Strozza on Globalization, Translation (9/11/2007)
Q&A: InterPro Translation CEO Ralph Strozza on Intercultural Translation Issues (8/7/2007)
Q&A: Madison Capital Partners CEO Larry W. Gies on Specific Country Issues (7/10/2007)
Q&A: Madison Capital Partners CEO Larry W. Gies Jr. on Cultural Differences (6/26/2007)
Q&A: Madison Capital Partners CEO Larry Gies on International Private Equity (6/11/2007)
Q&A: Scott H. Lang of S.H. Lang & Co. in Chicago on Foreign Deal Making (5/15/2007)
Q&A: Scott H. Lang of S.H. Lang & Co. in Chicago on Middle-Market M&A (5/8/2007)
Q&A: Scott H. Lang of S.H. Lang & Co. in Chicago on Middle-Market Firms (4/24/2007)
Q&A: George Filley of NAVTEQ in Chicago on Data Localization, Reach (3/27/2007)
Q&A: George Filley of NAVTEQ in Chicago on Partners, Personal Privacy (3/20/2007)
Q&A: George Filley of NAVTEQ in Chicago on Digital Mapping (3/7/2007)
Click for 2006 column archive.
Click for 2005 column archive.
Click for 2004 column archive.

E-Mail This Article to a Friend or Colleague
View This Article in Printer-Friendly Format