Many of us spend a lot of time--too much time--discarding e-mails that we don't need or want. Here's some information, along with the name of a resource that can help block Spam and other unsolicited emails.

Many practitioners and other firm employees receive an overwhelming number of e-mail messages every day. So daunting can be the number of emails some receive that they shudder when they open up to their message list. The problem can be resolved, however, in many ways.

Microsoft Corp., as would be expected, uses technology to help resolve the problem, but they also use human resources to screen and filter messages. Microsoft Corp. chair Bill Gates "literally receives 4 million pieces of mail per day, most of it spam," according to Steve Ballmer, Microsoft Corp.'s chief executive, speaking at the company's Government Leader's forum in Singapore on Thursday, November 18. To manage this mountain of e-mail, Microsoft has special technology that filters only spam sent to Gates. Also, several Microsoft employees work only to ensure nothing unwanted gets into Gates's mailbox. "Literally there's a whole department almost that takes care of it," Ballmer said.

Unfortunately such dedicated resources are not available to many CPA firms. Even if some partners have an assistant to screen and filter messages, consider how those resources may be better used when technology is available that would allow an assistant to focus on other projects and tasks. Technology is in fact available to help minimize spam volume, thereby freeing up employees for more profitable work.

Such technology and its virtues and drawbacks are described the recently published A CPA's Guide to Understanding and Controlling Spam (New York: AICPA, 2004) by Roman H. Kepcyzk, CPA, CITP. Kepcyzk devotes a significant portion of his book to "a variety of lists that organizations can use to minimize spam volume." The following paragraphs are excerpts from the book.

Real-Time Block Lists

One of the more effective tools an organization can deploy to reduce the volume of spam is the use of RBLs (Real-Time Block Lists), which block delivery of known spammers' e-mail to the organization.

The RBL acronym usually stands for real-time block lists, but the terms blacklist or boycott list are also commonly used. The role of RBLs is to identify spammers at their root servers or those servers they use to relay spam, and to maintain a list, which is made available to the public either for free or a minimal fee. These lists can be imported into the organization's e-mail filters to block messages before they enter the organization.

To use RBLs, organizations import the list into their e-mail application, which compares every inbound e-mail against the list and then either automatically deletes it or moves it into a designated folder, where it is quarantined. Many organizations prefer to use quarantined junk mail folders that allow the organization the benefit of reviewing the e-mails before deleting them and also allows searching through the e-mails in the event that a valid e-mail has been tagged as spam.

RBLs can also be used by individual users locally by loading them into their own groupware application to identify spam.

White lists

Another useful tool to fight spam is white lists, which work exactly the opposite of RBLs. White lists (also known as safe senders in Outlook 2003) identify valid e-mail addresses from individual senders or domains that the organization normally corresponds with and allows through any e-mails from those organizations. The downside to relying solely on the white-list approach is that all other e-mails are blocked or placed in the junk mail folder.

If using a white list, it is imperative that users be trained to update the list with every new contact or organization with whom they wish to communicate. Organizations can build white lists by including all e-mail addresses from those found within their employer's groupware or contacts list. They should also train users on adding e-mail addresses to the white list.

Another method of minimizing spam and populating white lists is the use of challenge/response system. These systems direct all incoming e-mail to a Web server that stores the e-mail and automatically replies to the sender with a challenge that must be completed prior to the Web site releasing the e-mail to the recipient.

Kepcyk offers a more detailed, comprehensive discussion of the advantages and disadvantages of these tools. He also provides a list of "Antispam Resources." and describes some of the predominant e-mail features that make e-mail usage more effective.

A CPA's Guide to Understanding and Controlling Spam is available in print format or it can be downloaded in pdf format. In either format, the cost for AICPA members is $25.00. Members of the AICPA Information Technology Section were sent a gratis copy as a benefit of membership in the section. To purchase a copy, contact www.cpa2biz.com. The product number is 091015.