E-mail spam. Overview

(From Wikipedia, the free encyclopedia)

E-mail spam, also known as bulk or junk e-mail is a subset of spam that involves sending nearly identical messages to numerous recipients by e-mail. A common synonym for spam is unsolicited bulk e-mail (UBE). Some definitions of spam specifically include the aspects of email that is unsolicited and sent in bulk. UCE refers specifically to Unsolicited Commercial E-mail.
From the beginning of the internet, sending of junk e-mail has been prohibited, and enforced by ISP's Terms of Service (TOS) and by peer pressure. It is simply not possible for a thousand users to read a thousand messages a day, or today for a million users to read a million messages a day.As the internet has grown, ISP's have no longer been able to police the sending of UBE and have turned to government for relief, which has failed to materialize, particularly in the US, which aborted tough state laws with a promiscuous federal law, the CAN-SPAM Act of 2003.
As the recipient directly bears the cost of delivery, storage, and processing, one could regard spam as the electronic equivalent of "postage-due" junk mail. Due to the low cost of sending unsolicited e-mail only an opt-in law will stop junk e-mail. "Today, much of the spam volume is sent by career criminals and malicious hackers who won't stop until they're all rounded up and put in jail."
Spam is rarely sent by well-known companies, and is quickly regretted; spam from these sources is sometimes called mainsleaze. A widely-known instance of spamming by a large corporation was Kraft Foods' marketing of its Gevalia coffee brand. Advance fee fraud spam such as the Nigerian "419" scam may be sent by a single individual from a cyber cafe in a developing country. Organized "spam gangs" operating from Russia or eastern Europe share many features in common with other forms of organized crime, including turf battles and revenge killings.As much as 80% of spam received by internet users in North America and Europe can be traced to less than 600 spammers.
Spammers may engage in deliberate fraud to send out their messages. Spammers often use false names, addresses, phone numbers, and other contact information to set up "disposable" accounts at various Internet service providers. They also often use falsified or stolen credit card numbers to pay for these accounts. This allows them to move quickly from one account to the next as the host ISPs discover and shut down each one.
Spam is often used to collect personal information bought by other companies (phishing), allowing them to access your information typed in the "spam".
Senders may go to great lengths to conceal the origin of their messages. Large companies may hire another firm to send their messages so that complaints or blocking of email falls on a third party. Others engage in spoofing of e-mail addresses (much easier than IP address spoofing). The e-mail protocol (SMTP) has no authentication by default, so the spammer can pretend to relay a message apparently from any e-mail address. To prevent this, some ISPs and domains require the use of SMTP-AUTH, allowing positive identification of the specific account from which an e-mail originates. Senders cannot completely spoof e-mail delivery chains (the 'Received' header), since the receiving mailserver records the actual connection from the last mailserver's IP address. To counter this, some spammers forge additional delivery headers to make it appear as if the e-mail had previously traversed many legitimate servers.
Spammers frequently seek out and make use of vulnerable third-party systems such as open mail relays and open proxy servers. The SMTP system, used to send e-mail across the Internet, forwards mail from one server to another; mail servers that ISPs run commonly require some form of authentication that the user is a customer of that ISP. Open relays, however, do not properly check who is using the mail server and pass all mail to the destination address, making it quite a bit harder to track down spammers.
Increasingly, spammers use networks of virus-infected PCs (zombies) to send their spam. Zombie networks are also known as Botnets. In June 2006, an estimated 80% of e-mail spam were sent by zombie PCs, an increase of 30% from the prior year. An estimated 55 billion e-mail spam were sent each day in June 2006, an increase of 25 billion per day from June 2005.
Spoofing can have serious consequences for legitimate e-mail users. Not only can their e-mail inboxes get clogged up with "undeliverable" e-mails in addition to volumes of spam, they can mistakenly be identified as a spammer. Not only may they receive irate e-mail from spam victims, but (if spam victims report the e-mail address owner to the ISP, for example) their ISP may terminate their service for spamming.

More about E-Mail Spam...