Sunday, August 27, 2006


As far as I can tell, dodgy email divides roughly into two categories - meaningful and meaningless. I can see the point of messages that are trying to persuade me to buy something, reveal my bank account number or open a dodgy attachment. But what is the purpose of messages that don't give me any way of responding even if I wanted to? Messages with cryptic headers and apparently random comment.

In his post on Spammers (Aug 2006, post no longer available), Dilbert complains about low quality spam. In other words, spam that is not fit for purpose. But this assumes we know what the purpose is.

In this post, I'm going to take a different tack - try to work out the purpose of dodgy email from its actual effects.

Firstly, I believe I can see the purpose of the "meaningful" ones. If hundreds of millions of these are sent, and only one person in a million responds, that may generate sufficient value for the sender, in terms of money or identity data received, or malware distributed. (For some purposes, a one-in-a-million effect is quite good enough.) Even if such messages irritate and inconvenience people, this does not seem to detract from the sender's purpose. This is, after all, not very different from other forms of direct marketing (although the economics are different).

But what about the "meaningless" ones? Are these the result of incompetence on the part of the sender (failure of execution), or are they driven by an entirely different purpose? Let us consider the possible effects of these messages.
  1. Effects on the sender. Perhaps these are trial-and-error messages whose primary purpose is to monitor and learn more about the current state of the Internet and the prevailing filtering mechanisms.
  2. Effects on the filters. Perhaps these are messages designed to overload and confuse the filtering mechanisms, both technical and human.
  3. Effects on the Internet as a whole, multiplying traffic and generating business for infrastructure companies. And perhaps ultimately driving people away from email onto other ways of communicating.

I find some of these purposes (1 and 2) easier to believe than others (3). A POSIWID extremist would probably see the whole thing as a massive secret conspiracy involving Microsoft, Cisco and Symantec, but using POSIWID in this way to generate conspiracy theories is just silly.

Thus POSIWID isn't a tool to be used indiscriminately, but it often helps us make sense of situations that are otherwise puzzling.

1 comment:

Rob Mercer said...

The problem can be seen as an arms race between the Spammers and the Filter writers. I think that your first assumption is probably the closest to the truth. These meaningless messages are being used as scouting expeditions to test the effectiveness of the filters. But, for this to be correct there must be a feedback mechanism. If one looks at a typical meaningless SPAM email, you often see links or images which may provide this.