AOL and Yahoo users, meanwhile, are getting some help in identifying mail that isn't spam through each company's partnership with a firm called GoodMail, which offers "legitimate" bulk e-mailers a service it calls "certified e-mail."
GoodMail chief executive Richard Gingras says that the company accepts only customers that have no history of sending spam. Mailings from GoodMail customers are routed through GoodMail's servers, which insert a unique cryptographic token into each message. Partner e-mail services recognize the token when they receive the message, and the mail appears in the user's inbox with a special icon and words like AOL Certified Mail. Gingras says the service addresses one side effect of phishing: Fearful of identity theft, people simply delete all mail claiming to come from any financial institution.
GoodMail charges its customers 0.25 cent per message and shares that revenue with its partner e-mail services. Critics say that the scheme simply affords wealthy bulk e-mailers easy access to the inboxes of people whose mail services use (and profit from) GoodMail. Gingras, however, says that GoodMail turns down three out of every four prospective customers because their record on spam isn't clean enough to satisfy his firm's standards.
If you haven't noticed much extra spam in your mailbox lately, you likely have your e-mail service to thank for it. Ferris Research's Jennings says that if more than 10 percent of mail in your inbox is illegitimate, you can probably do better.
I did, by setting up automatic forwarding of all my personal e-mail to Google's Gmail. Fortunately, my hosting company makes mail forwarding easy through its Web-based e-mail management tools. Most ISPs that offer e-mail based on POP3 or IMAP will have similar tools--I found EarthLink's tools, for example, by searching its Help for "e-mail forwarding."
Gmail cleaned an additional 30 messages per day from the forwarded mail, leaving only a handful of stragglers each day; in a week I found only one false positive in its spam folder. (If you do switch services, be extra diligent about checking the new service's spam folder for false positives in the first couple of weeks.)
I haven't tested other major e-mail services, but Jennings says they are all being very aggressive about keeping consumer inboxes clean--and are better equipped for the job than any desktop software. "It makes very little sense for consumers to be running software on their desktop that filters spam," Jennings notes, "[because] you still have to download the spam." Nevertheless, for users who are wedded to Outlook but want spam-filtering help, we have recommended Cloudmark Desktop and Sunbelt Software's IHateSpam in the past.
In the midst of the current spam wave, the usual caveats for reading e-mail safely still apply. When in doubt, don't open an e-mail message--especially if it includes an attachment. Don't click on links that promise to send you to a site where you have an account--type in the institution's URL in the address field of your browser. And consider using a free e-mail account for your e-commerce transactions.
Engaging in safe e-mail practices offers you the best hope of safe shelter from the worst fallout of the spam storm.