However, cursory studies that have been conducted are either biased because they seem to present a biased review of certain products or are insufficient because of their limitations and shallowness. Those studies that have been considered to be useful are mentioned below.
Robert D. Boerner, Joanne Bourquard, Pam Greenberg (2000) comprehensively elaborates the legal aspect of spam. He provides an in-depth review of the present laws in actions and the future of legislation against spam. He concludes his study by revealing, "Most of the laws target spammers who misrepresent, falsify or forge the point of origin or the routing information of messages. Several states also prohibit the sale or distribution of software that is primarily designed for this type of falsification (Robert D. Boerner, Joanne Bourquard, Pam Greenberg, 2000)." Also, "Most states have specified that the laws apply only to spam that is sent to or generated from locations within the state." However, it is important to note that the menace of spam is a global phenomenon and even United States, with all it powers, cannot solve the problems associated with spamming.
Many other studies also examine the legal efforts and endeavors of United States and European Union to combat spam. For instance, Peter Piazza (2004) highlights the efforts made by the European Union to wage the war on spam. Furthermore, Mark Kellner (2002) provides a very shallow and limited review of some of latest measures being used by the Internet users to stop spam. The most commonly used techniques are purchasing and consistently upgrading spam filtering software and making the email addresses invisible (Mark Kellner 2002).
Lisa Phifer and David M. Piscitello (2002) provide a thorough analysis of the present security situation relating to the use of Internet. They conclude their study by summarizing and suggesting the 10 most valuable practices successfully adopted by organizations to combat the evils associated with ecommerce, which includes spam. These 10 most valuable practices are:
1). Physical security. Think beyond the obvious measures usually taken to secure company offices; (2). Secure perimeters. Internet firewalls meet the 90-percent rule: Properly configured, they block the noisy, low-level inbound attacks; (3). Authentication. it's high time to get rid of weak username/password authentication. Use two-factor authentication, based on tokens, digital certificates or biometrics, alone or in combination; (4). Content inspection. Complement desktop anti-virus measures with gateway software and firewall application proxies that can block malicious code; (5). System and server integrity. Many exploits allow attackers to gain administrative control of operating systems and access file systems; (6). Information integrity. Use file system encryption to protect stored data, especially on laptops and PDAs; (7). Availability. Identify mission-critical servers, security systems and network connections, and determine where you need high availability, redundancy, mirroring and diversity; (8). Access Controls. Access controls enforce security and acceptable use policies; (9). Intrusion prevention, detection and rejection. While intrusion detection provides a valuable security service, consider building your networks to be immune to attacks and (10). Auditing and Logging. Log, log, log.., then log some more. Logging and auditing are like blood tests, x-rays and MRIs. They tell you what's happening in your network (Lisa Phifer and David M. Piscitello 2002)."
Robin L. Wakefield (2004) highlights the importance of information security by analyzing the present threats and methods adopted by the organizations to counter those threats. He believes that the best tool to fight spam is the content-filtering software. He reveals, "Content security involves using electronic means to monitor the transmission and storage of data over a company's network. Content- filtering software can stop spam, scan attachments for inappropriate language, block dangerous attachments, stop intellectual property breaches, quarantine questionable messages or embedded images, and notify systems managers when policies are violated. (Robin L. Wakefield, 2004)."
Michael J. Blotzer (2002) analysis the various spam-filtering softwares presently being used. He reveals the operating methods of these softwares: "Spam filtering software screens e-mail before it's downloaded by your email software. The spam filter scans email waiting on your e-mail server and looks for signs that a message is spam based on a set of defined rules. The rules can include known spam e-mail addresses, spam IP addresses, suspicious e-mail addresses and key words in the subject or body of an e-mail... The spam filter then presents a list of all waiting e-mail, flagging the potential spam. A quick review, followed by a click of a button, deletes the flagged spam at the server, before it is downloaded to your computer (Michael J. Blotzer, 2002)."
Lastly, after analyzing all the present solutions the industry has to offer, he discloses his favorite spam-filtering software, "In my evaluation, Novasoft's SpamKiller stood head and shoulders above the rest. SpamKiller came pre-configured with an extensive set of known spammers and e-mail cues. In addition, SpamKiller can be set to accept all mail from an email list. With other programs, I spent so much time establishing filtering criteria that it was easier to manually trash my spam (Michael J. Blotzer, 2002)."
Peter Piazza (2002) examines the usefulness of spam filtering tools presently being used. He reveals that while corporate gateways are useful against blocking viruses, they are useless against blocking spam. However, he writes, "Filters can also be used to block mail from particular senders, although that's less useful, and content filters (which can be configured by the end-user or the system administrator) can block attachments that don't have a valid business purpose, such as [MP.sub.3] files."
Furthermore, Peter Piazza (2004) discusses the success of two companies in the battle against spam. These companies have used spam filters, which, "attempt to identify the characteristics common to spam and then customize filters to block those identifiers; they look for technical clues in a message indicating that it is probably spam; and they block addresses believed to be used by spammers (Peter Piazza, 2004)."
Rebecca Wetzel (2004) discusses various initiatives being taken to discourage spam. These include consistently upgrading technology and adding payment structures for spammers in order to discourage them Rebecca Wetzel primarily discusses two forms of spam filter tools, (1) content-based filtering and (2) sender-based filtering. While explaining content-based filters, she writes, "Content-based filters draw on a variety of spam identification methods ranging from pattern recognition to recipient complaint systems to Bayesian filtering, a technique that uses words or character strings to identify email as spam, and learns to identify new spam the more incoming email it analyzes (Rebecca Wetzel 2004)." And while classifying sender-based filters, she reveals, "Sender-based filtering blocks based on a sender's reputation -- with filtering decisions made using information in 'black lists' or 'white lists'. Email from senders of ill repute is filtered, whereas email from 'white-listed' senders is always allowed through (Rebecca Wetzel 2004)."
Despite the fact that spam filtering tools are very helpful in blocking unwanted emails, Rebecca reveals some of the disadvantages about these filters. "Filtering can effectively reduce spam on the network and/or at the desktop, but it can have drawbacks. The higher the spam capture rate, the greater the chance of blocking wanted email. No matter how low the risk, undelivered email can hurt business (Rebecca Wetzel 2004)."
Jason Catlett (1998) discusses the present laws related to spamming and also briefly touches upon the subject of spam filtering tools. She critically evaluates the present spam blocking tools being used by ISPs and reveals the challenges and disappointments associated with the use of spam filtering tools. She writes, "The people and companies who provide Internet access to millions of consumers bear the brunt of complaints about spam, and every day they fight hundreds of unseen battles to stem its flow. A highly sophisticated arms race of blocking and filtering software is being waged, and administrators are starting to gain the upper hand, with updates of blacklists being propagated before spammers can switch to their next target. The problem is that such action requires constant vigilance and is very expensive to maintain because of the high level of expertise required to adapt filters continuously to new spamming tactics. Like intelligence agencies, their failures are trumpeted while their victories go unnoticed. Large companies are finding that they have to use similar measures to prevent their employees' time being wasted by spam (Jason Catlett, 1998)."
While concluding her study she writes, "There is no simple solution to junk e-mail. It was born of the freedom and affluence brought by the Internet, and, as long as we enjoy those qualities, we all can expect to have to struggle against junk (Jason Catlett, 1998)."
Lastly, Jason Levitt (2003) discusses the present concepts and tools related to spam filtering solutions, such as, blacklists, white lists, content filtering and machine learning. On the subject of blacklists and white lists, he writes, "Several third-party organizations maintain blacklists, sometimes called real-time black-hole lists, or RBLs, or block-lists, which are lists of IP addresses or domain names that are known to be originators of spam. Businesses can decrease the amount of spam they receive by subscribing to blacklists and blocking any E-mail traffic…