If you want to see just how bad the problem of junk e-mail has become in the U.S., just open an account on America Online and register it in the services membership directory. My mother did that. A computer neophyte in her 70s, she registered with AOL primarily for its e-mail services, and for several years, AOL performed admirably well. But then, seemingly within a few months, her mailbox filled up with all kinds of unsolicited mail-and in such volume that she had a hard time locating the legitimate correspondence. The contents of this mail could charitably be described as trash. It fell generally into two categories-get rich quick schemes whose fraudulent nature was readily apparent ("You can earn $50,000 in just two months!!!!"), and pointers to pornographic websites ("GIRLS GIRLS GIRLS-Just Waiting to Perform for You!") The junk e-mailers even put ambiguous headers in the subject line: ("Haven't heard from you in a while") to make it sound as if the mail was coming from a friend.

None of this was AOL's fault. As the world's largest provider of e-mail services, AOL has made a juicy target for the junk e-mailers, who can "spam" out hundreds of thousands of e-mail addresses at virtually no cost. These days, the spam wars have gotten louder. Here in the U.S., the ranks of the spammers and anti-spammers are both growing. The fight is taking place on the Internet, in the U.S. courts, and in the press.

In a 1996 article I wrote on privacy for Software Design, a spokesman for the Direct Marketing Association in New York defended what he called "unsolicited e-mail" as a medium that deserved a trial period. "We need to see if marketers can use e-mail in a way that makes it an effective tool. If it doesn't win consumer confidence, if it angers consumers, then it defeats the purpose of the marketer. If we drive consumers away from the medium, the medium won't be valuable." Valuable, that is, to advertisers.

As it turned out, he was half right, half wrong, The practice of sending unsolicited e-mail in great bulk or sending advertisements indiscriminately to Usenet newsgroups-has become a hated phenomenon, so much so that legitimate advertisers are reluctant to participate. But many advertisers really don't care about that because they have no reputation to protect. The bottom line for them is the number of replies they get. As with any direct mail scheme, if even a small percentage of the mailings result in "hits," the effort is a success. The difference with junk e-mail is that the cost of mailing is so low that there's virtually no risk for the advertiser, except, of course, the wrath of millions of recipients.

FTC: No scamming while you're spamming

Much of the anti-spamming effort in the U.S. has taken place on the legal front. While spamming is currently legal here, there are still rules governing its use. And that has opened the door for the anti-spamming faction to fight back.

Last February, for example, the U. S. Federal Trade Commission (FTC) and Postal Inspection Service put out a notice to junk e-mailers: "No scamming while you're spamming," which put more than a thousand junk e-mailers on notice it was monitoring mailings for fraudulent schemes-and tracking the senders. The FTC even set up an e-mail box, uce@ftc.gov, where citizens could forward suspect e-mail for review by the commission. That site has received about 500 e-mails a day. "Fraud promoters should think twice before plying their trade on the Internet," said Jody Bernstein, director of the FTC's Bureau of Consumer Protection, in a press release. "First, the FTC is on the Internet beat and will follow up with spam artists who don't clean up their correspondence. Second, many consumers are already on to them and know better than to believe promises from strangers."

In March, the FTC made good on its threat by suing Internet Business Broadcasting Inc. The FTC said that the defendant sold advertising space in the form of "billboards" on Internet newspapers. In spam messages, as well as on the site, it sought investors in these billboards. According to the FTC: "Internet Business Broadcasting claimed that purchasers could reasonably expect to sublease 25 percent of their billboard, realizing earnings between $240 - $800 per month; a return of 100.8 percent of their investment within the first year; and a full refund if the promised levels were not reached." But the FTC alleged that few purchasers actually achieved these earnings levels and the defendants did not provide a full refund.

"Therefore, the claims are false and misleading and violate federal law, according to the complaint." Two days after the FTC complaint, the company's website appeared to have been taken down.

The FTC noted that the largest category of fraudulent spam is an electronic version of a chain letter-an age-old pyramid scheme. In a chain letter, you are asked to put your name at the bottom, send money to the people at the top. The perpetrators and the early entrants profit. Those at the bottom, lose. Chain letters used to be sent by snail mail, and the Internet has amounted to a shot of adrenaline, putting chain letters in the hands of more people more quickly.

ISP Lawsuit--AOL in the lead

Some Internet service providers are also fighting back-sometimes with good results. America Online, the biggest target for spammers, has become the most visible ISP on the legal front. Last November, for example, AOL was granted a preliminary injunction when the company sued to stop Over-the-Air Equipment, Inc. from sending unsolicited e-mail to its members. AOL filed a suit under the Computer Fraud and Abuse Act and alleged the company used deceptive practices, "including falsifying e-mail transmission data, to avoid AOL's mail controls and to repeatedly transmit vast quantities of unsolicited e-mail to AOL members." AOL said that Over-the-Air Equipment also illegally copied an AOL trademark, thereby suggesting that Over-the-Air Equipment's web site had AOL's approval, and that the company "blatantly ignored AOL member requests to be removed from Over-the-Air Equipment's spamming lists. Ultimately, according to AOL, Over-the-Air Equipment agreed to pay substantial damages.

In January, AOL filed suit against three other junk e-mail sites: IMS of Knoxville, Tennessee; Gulf Coast Marketing of Baton Rouge, Louisiana; and TSF Marketing and TSF Industries of Riverside, California. AOL said that the three companies, among other things, "forged 'aol.com' within their e-mail messages so that the messages falsely appeared to originate from an AOL member." AOL also charged that TSF Marketing and TSF Industries violated the Computer Fraud and Abuse Act in their harvesting of AOL screen names.

The fight got nastier in December in a dispute between AOL and the National Organization of Internet Commerce (NOIC), whose president is Joe Malle, also president of TSF Marketing. TSF Marketing threatened to post the addresses of 5 million AOL members unless AOL dropped its anti-spamming policies. The organization later backed down. AOL called the practice "cyber terrorism." For its part, NOIC is steadfast in its claim that e-mail commerce can be done responsibly. Its Web site complained that small businesses engaged in unsolicited e-mail "have been unfairly harassed by small but loud anti-business types, and had their Internet connection shut down by larger backbone providers that listened to these Net terrorists. NOIC said it represented a "responsible solution to a legal advertising medium, one that is not going away. We are not anything close to the picture painted by the lies of anti-commerce types; in fact, we are the heart of America."

Juno Online Services, L.P.-which claims to be the second largest provider of e-mail services in the United States after AOL-is also using legal challenges as a weapon against spammers. Juno is not objecting to its own members being spammed, but rather that spammers are forging their return addresses-making it look as if it came from a Juno e-mail account. Juno attracts its subscribers through free service in exchange for presenting its users with advertising. In an interview with Wired News, Shabbir Savdar, founder of the Voters Telecommunications Watch, said that the spammer made a bad choice in picking Juno "because Juno has plenty of lawyers." Juno is seeking financial compensation from the defendants to the tune of $1 million each.

This practice of faking a return address in order to disguise a sender's identity is widespread-not surprising, given the torrents of angry replies junk e-mail attracts. Moreover, when junk e-mail appears to emanate from a large carrier like Juno, the practice effectively defeats spam filters intended to block mail from certain offending sites. In fact, last February, several groups advertising pornography websites managed to appear as if they were coming from a computer at the U.S. Department of Health and Human Services.

Such identity "hijacking" is relatively simple. It is just a matter of finding an open server, that is, one available for posts to Usenet. Those servers then become the fake point of origin for spams. Norman Bourkas operates a small Quebec-based ISP whose server was also recently hijacked. He told The New York Times that securing a server is like securing a car in a big city by not leaving your keys in the ignition-even for a few seconds. I left the keys in and they saw it and took it."

Lawsuits have also been employed against one of the Internet's most annoying figures. Say what you will about him, Sanford Wallace (whom some have dubbed "Spamford"), the head of Cyber Promotions, has been both doggedly persistent and outrageously vocal about his "right" to send junk e-mail. His problem: ISPs keep dropping him. The latest is Apex Global Internet Services, which showed him the door last October. Wallace has indicated he might get out of the direct spamming business, focusing instead on selling software that allows others to spam on their own.

But that route has its own problems. Last March, Bigfoot Partners Ltd., a New York City Internet directory company, won a court judgement against Cyber Promotions. The order prohibits Cyber Promotions from sending or helping its customers send unsolicited e-mail to any customers of Bigfoot's e-mail services or those services provided by Bigfoot to its partners. The penalty for not complying is $10,000 a day. The settlement also calls for Cyber Promotions to remove Bigfoot addresses from any e-mail lists used or sold by Cyber Promotions, and prohibits the company from faking the bigfoot.com domain name on its own junk e-mail.

Making it illegal

Whether the Internet remains a legal medium for unsolicited advertising is another question. In the U.S. there are several pieces of legislation-some sponsored by the direct mailers themselves-that would curb or end the practice. While some worry about violating America's First Amendment guarantee of free speech, others point out that junk faxes have already been banned because they use the recipients' own resources in the form of paper and telephone time. The same could be said for junk e-mail, which essentially puts an unauthorized file on one's disk.

The legislation ranges from banning unsolicited e-mail that does not meet the sender's requirements to an overall ban on all unsolicited advertising e-mail unless the sender has explicitly given consent. Also banned would be the harvesting of e-mail from the Internet, concealing the source of the message, the thwart filters, and sending bulk messages in batches to get around the volume restrictions imposed by ISPs. All the bills would honor requests to stop sending messages, but right now such requests-if they are received-are widely believed to be ignored. In fact, sending a request to stop may simply confirm the existence of your e-mail and bring on even more.

It should be added that while anti-spam legislation sounds good, nobody is really certain how well it can be enforced. Because the Internet is a global, unregulated medium, laws in the United States or Japan may not stop spammers from sending e-mail off-shore. American legislators have found similar drawbacks in trying to regulate gambling on the Net.

Legitimate advertising

Almost ignored in this escalating war between the spamming and anti-spamming factions are a few solutions that legitimately bring advertising to the Internet. Juno, itself, represents one such approach. It's free e-mail service is modeled after that of broadcast television, in which free programming is supported by advertising. The service, which is surprisingly easy to use, bring up a full color advertisement every time you open the program-which can be closed with the click of a mouse. Advertisements are also logged online for later viewing. Occasionally, Juno also sends out advertising e-mail as well, but the frequency is low and Juno, itself, earns revenues from the practice that it presumably plows back into free e-mail service.

A variation of this idea has also been proposed by entrepreneurs who would send bulk e-mail to volunteers in exchange for some sort of reward, such as points good for free air travel, frequent flyer points. The key to both of these schemes is letting people opt in rather than forcing them to opt out.

But as Juno proves, the model for responsible e-mail advertising already exists:

• It's voluntary-you sign up for the service, rather than trying to get your name off the list,
• It's relatively unobtrusive,
• Volume is low enough that legitimate e-mail correspondence doesn't get buried, and
• It rewards the recipient, not just the sender.

When spammers get the chance to express their views, they often talk about the "inevitability" of unsolicited e-mail-as inevitable, they argue, as unsolicited snail mail. But that may be wishful thinking. In the U.S., not only have unsolicited faxes been abolished, but Americans also have a way to cut down on unsolicited sales calls-by demanding that their number be taken off the caller's list. (While the system isn't foolproof, it's very effective.) The truth is that without some sort of legal curbs, spam is so cheap and easy that it can easily inundate an e-mail account, and these days, most people I know are already inundated by legitimate correspondence.

Between the lawsuits and the nasty reputation already garnered by e-mail spam, it's only a matter of time before the practice is outlawed in this country-and perhaps elsewhere. In addition, ISPs have the ability to block the mail of offending sites. The spammers may think spam is inevitable, but most citizens on the Net think otherwise.

The origin of "spam"

The term "Spam" originally referred to salty canned meat product made by Hormel Foods Corporation. The name, it is generally believed, was later applied to the practice of sending Usenet advertising posts to every newsgroup, whether it applied or not. And later still, it was applied to junk e-mail, which itself is a play on the snail mail equivalent: "junk mail."

And what's the connection between canned meat and unwanted posts? The answer appears to be a now-famous skit from the British 1970s series Monty Python Flying Circus, in which a restaurant serves everything from an egg and sausage to the lobster thermidor with Spam. The skit involved a customer, a waitress, and-yes-some Vikings. According to The Net Abuse FAQ: the Vikings would sing "Spam...over and over, rising in volume until it was impossible for the other characters in the sketch to converse." (Some reports say that the term came from a food fight at the end of the skit-but the skit didn't end that way.)

From here, the story gets a bit fainter. The FAQ says that in 1985, a participant in a MUSH (Multi-User Shared Hallucination) got annoyed at his fellow participants and "assigned a keyboard macro to echo the line: SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAM-until one of the wizards booted him off. Which would have probably been the last that anyone ever heard or thought of it, except that it apparently ingrained itself into the memory of the PernMUSHers and forever after there was the legend of 'that asshole who spammed us.'"

Hormel Foods Corporation, by the way, has registered www.spam.com-as a site dedicated to its meat product. The site was still under construction at this writing.