DNS Abuse Forum - May 25

Home / Blogs

Define "Spam"

In my consulting and working with clients, I rarely use the word spam. There are so many different definitions of spam, I have no way to know if my clients understand what I am saying, so I avoid the term as much as humanly possible. An example of some of the few definitions of spam I've seen used over the years.

  • unsolicited bulk email
  • unsolicited commercial email
  • mail I don't want
  • mail I don't think my customers want
  • mail that is identical/similar to mail that hit my spamtrap
  • mail that was sent to a non-existent address at my domain
  • mail that contains HTML
  • unsolicited email
  • mail that advertises Viagra or porn sites or similar
  • mail that other people send

With my clients we talk about how the client's mail is perceived by the various groups and why their mail might be blocked or filtered. For those cases, it's useful to look at the definitions used by organizations doing the blocking.

Spamhaus and some other blocking lists use "unsolicited bulk email" as their definition. Many of the listings rely on mail to spamtraps. IPs sending mail to addresses not given to anyone, are sending unsolicited and presumably bulk mail. Thus that IP gets listed. They also have other lists that monitor snowshoe behaviour as well as listing domains. Spamhaus, and other blocklists believe that if a mailer is sending one piece of email to a user who did not request it, then they are likely mailing many other users who did not request any mail. This definition centers around permission, and any mail without permission is considered spam.

Many of the large ISPs use "mail our users complain about" as their definition. With this definition, they do not have to argue permission status with a sender. The data shows that their customers complain about mail from that sender or with that URL. The ISPs are going to block, or deliver to the bulk folder, email that their users do not want.

Filters and some blocking lists use "mail that has characteristics of mail we know is unsolicited bulk mail" as their definition. These characteristics can be things like an invalid HELO string, or lack of reverse DNS on the connecting IP address, or badly formatted HTML. Mail that looks like spam, in the technical sense, is often treated like spam.

Spam is a term that means different things to almost everyone. However, to answer a reader's question, when I mention spam in my blogs without an accompanying explanation of the term, I'm talking about unsolicited bulk email.

By Laura Atkins, Founding partner of anti-spam consultancy & software firm Word to the Wise

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

VINTON CERF
Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Comments

 Be the first to post a comment!

Add Your Comments

 To post your comments, please login or create an account.

Related

Topics

Domain Management

Sponsored byMarkMonitor

Threat Intelligence

Sponsored byWhoisXML API

Brand Protection

Sponsored byAppdetex

Cybersecurity

Sponsored byVerisign

Domain Names

Sponsored byVerisign

IPv4 Markets

Sponsored byIPXO

DNS Abuse Forum - May 25