A new set of guidelines may pave the way for dozens of U.K. Internet service providers to participate in a University of Cambridge research project into the problem of spam, estimated to comprise 60 percent or more of the world's e-mail traffic.

The guidelines concern how ISPs should deal with sensitive issues, such as customer privacy and data-protections laws, while cooperating to shut down machines propagating spam, says Martin Hutty, head of public relations for the London Internet Exchange (LINX), a nonprofit group of around 220 ISPs and network providers.

When an e-mail is sent from a machine using one ISP to a machine using another ISP, both hold details that can be used to detect spam and locate the machine where the message originated, Hutty says. A user may have been infected with a Trojan Horse program, through which a hacker has gained control of the machine and is using it to send spam, he says.

The guidelines will open the door for ISPs that want to participate in spamHints, an ongoing research project at the University of Cambridge, Hutty says. Richard Clayton, who holds a doctorate in computer science from Cambridge, heads the research.

"E-mail is not just a technical problem, but a market failure compounded by regulatory deficiencies," Clayton writes in a paper outlining spamHints.

The research project uses traffic analysis rather than content to determine which e-mail is legitimate. Spam, Clayton writes, has characteristics that make it stand out from real mail, even aside from its content.   

The IDG News Service is a Network World affiliate.

---