Frontier justice

Checking e-mail used to be one of the pleasures of the information age. The technology made it easy to keep up with family and friends and to launch into discourses with kindred spirits in discussion groups. Now, before opening wanted messages, the drill for most users is to first delete all of the ads for viagra, anatomy enhancers, money schemes, and pornography.

As much as 45 percent of all e-mail is "spam," mass mailings trying to sell unsavory products. The volume is up 16 percent from last year. Companies like America Online filter out as much of this traffic as they can, but a good percentage still makes it through.

Since spam goes out automatically to electronically generated lists, it is no respecter of persons. Children with online accounts are just as likely as adults-through no fault of their own-to have their inboxes clogged with ads for pornographic sites, complete with samples.

How do these people get our e-mail addresses? As explained by Saul Hansell, who wrote a series of articles about spam for The New York Times, spammers can use "opt-in" lists-i.e., lists of people who have given their e-mail addresses to businesses or list servers, often without reading fine print about receiving "occasional offers of products you might find valuable from our marketing partners."

But spam can find even those who opt out of giving away their e-mail addresses. Special software roams the Web, harvesting addresses from discussion groups, websites, or chatrooms. Other bulk e-mailers use "dictionary attacks," sending spam to every combination of letters and possible screen names. (And bulk is important: Mr. Hansell points out that a spammer can turn a profit if only one out of every 100,000 spam recipients buys the product.)

Major Internet providers do what they can to stop spam, and special software is available to recognize it and keep it out. But spammers keep finding ways to get around the safeguards. Innocuous subject lines ("Hi, I'd like to talk") thwart programs that filter out offensive language in the subject heading. More sophisticated anti-spam programs that filter the text of the message can be thwarted by putting the ad in HTML, the format for Web images, rather than text, or by simply providing a link to the site with the goods.

Servers can block messages from offending sources, but the spammers simply change their sending addresses constantly, sometimes sending the messages through layers of intermediate sources.

Can anything stop spam, or will it be allowed to ruin a promising technology?

Though a number of states have passed legislation against spammers, the laws are scarcely enforceable and the fines are so small as to be written off by Internet marketers as overhead. But now Virginia has enacted a law with teeth.

Under the new law, anyone sending more than 10,000 copies of an e-mail that has a "deceptive" return address or subject line would go to prison for one to five years and face forfeiture of his profits and assets. Since Virginia is home to AOL and other Internet providers, as much as half of all e-mails pass through the state.

That spam involves interstate commerce, though, suggests the need for a federal law. Congress is considering laws ranging from the simple requirement that advertisements be labeled "ADV" to the establishing of a national registry of people who do not want to receive spam.

But the free-form, laissez faire world of the Internet has proved almost impossible to regulate. Savvy marketers can move their operations to an offshore server, eluding American jurisdiction, and can use ever-better technology to cover their tracks. Civil libertarians invoke the right of free speech for spammers. Legitimate businesses that use the Internet for commercial purposes are leery of laws that might lump them together with pornographers.

In the meantime, the frontier that is the Internet, like the old West, has its own posses, citizens who group together to dispense rough justice to the cyber-rustlers.

A group called "Spews," for Spam Prevention Early Warning System, operates a website, www.Spews.org, that posts the names of companies, websites, and computer service providers that are responsible for spam. These typically become the targets of angry consumers, who bombard the company with protests and hack attacks.

Spews targets not only the advertising companies but the servers who host their e-mail programs, putting some otherwise reputable and often unknowing companies in jeopardy. Mr. Hansell quotes marketers who say that "Spews has brought fear" to service providers that house spammers.

The Spews posse is said to have "a shoot-first-and-ask-questions-later mentality." Sometimes innocent bystanders reportedly get hurt in the crossfire. But where there is no law and order, the alternative is vigilante justice.