By Sarah Bills
With the computer science lab momentarily empty, Jessica Bowler, a teacher?s assistant, steals a few minutes to check her e-mail.
Bowler?s inbox shows six new messages, but she only wants four of them: two from friends, her professor sent a third and a fourth from work. She doesn?t know where the others came from.
To limit the amount of junk e-mail she receives, the junior from Irvine, Calif., created a second account she can throw out on the Internet anytime she needs to supply an e-mail address. It filters her junk mail and automatically deletes unwanted messages every couple of weeks.
Bowler is like most BYU students forced to wade through junk e-mail, commonly referred to as ?spam,? in order to access genuine correspondence. Like Bowler, thousands of Americans have found their inboxes bulging with more e-mail than they want despite a year old federal law enacted to restrict the amount of unsolicited mass-junk e-mail on the Internet.
For example, BYU?s office of information technology blocked more than 5 million unsolicited mass e-mail messages during January alone.
These tainted e-mails comprise 46 percent of the total messages sent to BYU?s server for the month, meaning filters blocked roughly one junk message for every legitimate e-mail students and faculty received, according to documents from the Office of Information Technology.
Russell Allred, product manager in BYU?s Office of IT, said spam is a serious problem he?s seen increase dramatically during the past two years.
BYU?s surge of junk e-mail parallels a national trend. Spam has escalated to roughly 80 percent of all e-mail sent according to Postini, a California-based anti-spam firm that scans about 400 million e-mail messages a day for its clients. That?s up from 50 percent of total e-mails sent before the federal anti-spam law went into effect January 2004.
The Can-Spam Act requires unsolicited mass e-mails to label advertisements as such and to post warnings on e-mails with sexually oriented material.
The law also requires senders to list a physical postal address as well as an option allowing one to request removal from the mailing list.
But, it?s difficult to restrict unsolicited mass e-mails through laws, Allred said. Many of the people sending out mass junk mail don?t obey the restrictions the laws place upon them.
Such laws require opponents of spam to investigate where the junk mail is coming from before they even begin to prosecute.
?The laws hardly are worth it because of the amount of investigation you have to do,? he said.
Paul Angerhofer, assistant general in BYU?s general counsel office, said the new spam law doesn?t help individuals as much as it could; the law doesn?t allow individual e-mail users to sue spammers.
Because agencies like the Federal Trade Commission and state attorneys general hold the authority to take legal action against spammers. Recipients of unwanted spam should contact the state attorney?s general or the FTC and register complaints with them, Angerhofer said.
Without question, there are groups out there that just solicit broadly, he said.
Depending on the user and what kinds of Web sites and bulletin boards they visit, they could be opening themselves up to more unsolicited commercial e-mail.
Allred said a lot of people on campus complain that the university is not doing anything because they?re still receiving junk mail but they don?t see how much success BYU has blocking spam.
To combat the onslaught, BYU uses a virus filter and five third-party anti-spam blacklists. The blacklists intercept IP addresses of e-mail servers they recognize as being associated with unsolicited mass e-mail in one way or another.
Halted e-mails either came from blacklisted addresses or traveled through spam-tainted open-relay servers, which don?t require a user log-in-name and password.
Although the blacklists may stop a few legitimate e-mails that inadvertently became associated with spam, the vast majority of e-mails halted are either commercial or pornographic in nature.
Despite the concentrated filtering process, students and employees will continue to receive unsolicited e-mails, Allred said.
?Professional spammers know how to get around this,? he said.
Recipients of spam should delete unwanted mass e-mails rather than responding by clicking ?unsubscribe,? Allred said.
?Sooner or later they?ll stop sending it, because they don?t know if you?re a correct address,? he said.
By responding to the e-mail and asking to be removed from the list, recipients open themselves up to further spamming.
?Most spammers don?t unsubscribe you; all it does is confirm that you exist,? Allred said.
He suggested students adopt e-mail aliases which would allow them to create bogus addresses they could give to companies or other groups demanding an e-mail address.
He said the Office of IT is trying to promote the use of aliases among students and faculty in order to protect BYU?s e-mail server domain name??email.byu.edu.?
?We try not to advertise our real e-mail domain,? Allred said.
People have a good chance of getting into BYU e-mail boxes if they know the university?s e-mail server domain and that mailboxes are named with the user?s Net ID. They can try any combination of letters and numbers as a Net ID and end up successful
BYU offers all students e-mail aliases ?a name of their choice @byu.net.? Students can set up aliases through Route Y.
An alias creates a permanent e-mail address that students can continue to use after graduation and throughout their lives.
Students can have up to two e-mail aliases at anytime, so they can use one address for friends and family and the other as a bogus address that might be compromised.
The e-mail alias forwards messages to whatever e-mail address individuals choose to use at any given time. This allows individuals to change their e-mail account as often as they want without having to notify friends, family or recruiters etc., who can continue to send mail to the alias.
As BYU continues to crack down on the amount of incoming junk e-mail, the university also warily screens the mass e-mails sent from within the university community.
Brent Harker, director of Web communications at BYU, said the university, as the network owner, does assume some rights for sending unsolicited mass e-mails, but they?re closely regulated.
?People don?t like to get spam,? he said. ?We try to route things through me so we don?t send too many messages; I have some very strict guidelines.?
Harker gets involved when people want to send unsolicited mass e-mail to the entire BYU community. Last year, he sent fewer than 230 messages to students and employees.
If people just want to advertise an upcoming event or bring attention to their club, there?s not much chance that those things will go out, he said.
?We choose things in the best interest of students or faculty members,? Harker said. ?For instance, students might get a message about scholarship deadlines or a message about changing personal information on route Y.?
Once a year, the university allows the athletic department to send a message announcing the availability of student all-sport passes; the fine arts department sends a one-time message as well.
Separate from Harker, deans have authority to e-mail anyone within their college and teachers have authority to e-mail their students.
Also, people can send permission-based e-mails if they have an established relationship. For example, the Department of Fine Arts can e-mail anyone who has bought a ticket to an event and ask them if they want to receive more e-mails, but they have to give those they e-mail an option to refuse, Harker said.
Sidebar #1:
How do Spammers get my e-mail address?
-Trolling through Web sites looking for e-mail addresses (particularly mail-to links)
-Trolling through newsgroups
-Buying lists from commercial organizations or other sources. (Be wary of giving your e-mail address out without first reading the organization?s privacy policy.)
-Some web browsers will provide your e-mail address to web sites that you visit. You can check to see if your Web browser gives out your e-mail address by visiting http://www.junkbusters.com/cgi-bin/privacy
-HTML (web) based e-mail messages can contain ?web bugs? that let the sender know when you read their e-mail. You can prevent this by disabling HTML-based e-mail in your e-mail client.