GeoCities tries antispam measure

The Net community will implement a new system requiring its users to authenticate themselves by logging in before sending mail.

Paul Festa Staff Writer, CNET News.com
Paul Festa
covers browser development and Web standards.
Paul Festa
2 min read
Yielding to pressure from an antispam boycott, Net community GeoCities tomorrow will finally take action against spammers who use its servers to send bulk email.

The free email and Web page provider will implement a new system requiring the company's more than 1 million email users to authenticate themselves by logging into the system before sending mail.

The way it is now, users can access the system without logging in and being authenticated. Spammers are taking advantage of this capability to use GeoCities servers to send out bulk emailings; as a result they have given the company a costly reputation for aiding the distribution of unsolicited email.

James Glicker, vice president of marketing at GeoCities, described the new policy as a protective measure, rather than a reactive one.

"Spam hasn't been a huge problem for us," Glicker said. "We probably have the same problem that most big sites have. But we want to be proactive and take every step possible to limit it."

Sources say, however, that GeoCities decided to impose the new restriction after an antispam boycott caused the company and its users considerable inconvenience.

Between June 15 and July 2, GeoCities found itself on the Mail Abuse Protection System's Realtime Blackhole List, or MAPS RBL. MAPS added GeoCities to the list, according to MAPS volunteer David Rand, because the company was letting spammers take advantage of its servers. Many GeoCities users found their mail bounced back to them as a result.

According to a source close to GeoCities, the company decided to implement the new system to be removed from the MAPS list.

The new policy is not GeoCities' first move against spammers. GeoCities in March began requesting that users send email through their individual Internet service providers' servers. But the company decided it could not enforce that policy after complaints were lodged by America Online members, who were unable to designate AOL servers for that purpose.

Executives at GeoCities downplayed the new policy's effect on the average user while heralding it as a potent weapon against spam.

"Most users log in anyway before sending mail, and they won't notice a difference," said Glicker. "This is a well-known, well-accepted solution that is quickly becoming standard on the Internet."

One difference that users may notice is that from the time they log in to the system, they have a 15-minute time limit in which to send mail before logging in again. Checking for messages counts as a log-in, and Glicker noted that many email programs can be set to perform this task automatically at set intervals.