Monday, August 08, 2005

Spam Quarantines Considered Harmful

You may have heard me predict the death of email spam before. Briefly, the argument goes like this:
  1. as more people's mailboxes are protected by anti-spam filters,
  2. and as those filters get more accurate,
  3. fewer spam messages get delivered,
  4. so fewer products get bought from spam,
  5. so less commission goes to spammers,
  6. so the economic incentive to spam dries up.
However, there's a wrinkle in this oh-so-neat reasoning... quarantines. Anti-spam products keep most of the spam email in a holding pattern, just in case they accidentally filter out a legitimate message (a "false positive"). Users can browse the quarantine to check that the filter isn't deleting good mail. The problem is that the quarantine will be full of the very solicitations that we need to keep away from users' eyes if we are to defeat spam. (There are other problems too, such as the wasted productivity involved in checking the quarantine.)

What should be done? Anti-spam software should delete messages that are clearly spam. When modern spam filters assess a message, they do so using a battery of tests and criteria. This process usually produces an aggregate score. Some spam messages score so high that they're clearly spam. There's practically zero chance that this might be a legitimate message. Anti-spam software should only present grey-area messages to the user in the quarantine.

