According to a study undertaken for the European Commission, Internet subscribers world-wide are unwittingly paying an estimated euro 10 billion a year in connection costs just to receive “junk” e-mails (also referred to as spam). Typically, a person who sends spam (the “spammer”) will do so via a dial-up or a broadband Internet Service Provider (ISP). The spammer sends e-mail message from an e-mail client and uses the ISP's e-mail server to deliver the e-mail message to the recipients or to other e-mail servers that will eventually forward the e-mail message to the intended recipient.
Today, there are few good solutions for preventing the transmission of spam. Typically, a spammer is stopped when the spammer's ISP receives a certain number of complaints about the spammer's activities, at which point the ISP may elect to deny the spammer access to the ISP's e-mail server (assuming that the ISP is able to determine which customer is the spammer). If the ISP from which the spam is originated does not, or cannot, take action against the spammer, other ISPs or network providers will simply “blacklist” all e-mail messages from the spammer's ISP, which means that the other ISPs or network providers will refuse to accept or forward any e-mail messages coming from the spammer's ISP. This has unfortunate consequences for other customers of the spammer's ISP as their legitimate e-mail messages will also be rejected from the other ISPs or network providers. Thus, while Internet subscribers pay the cost and inconvenience of receiving spam, ISPs that receive spam and pass it on to the Internet face more their own set of consequences.
Not only must ISPs deal with the consequence of spam, but so must a growing number of shared Internet access providers (SIAPs). A SIAP may be a stand-alone service provider or, more commonly, a brick-and-mortar establishment (for example, a coffee house, a pub, or a café) that offers access to the Internet as an additional service, either through wired terminals or through a wireless network.
Wireless connectivity has recently become popular with SIAPs, especially those SIAPs that are also food establishments. A customer (a user) provides a laptop computer that either has a wireless 802.11x transmitter/receiver attached or built into the laptop. The SIAP provides a wireless 802.11x access point that shares an Internet connection with multiple users.
One problem with shared systems is that such systems can be used to send large volumes of unsolicited e-mail through the SIAP's ISP. The SIAP's ISP, in order to protect itself and its other customers from being blacklisted by other ISPs, may in turn block all e-mail message traffic from the SIAP.
There are several means by which a spammer can send e-mail message from an SIAP: (1) the spammer uses the SIAP's e-mail server; (2) the spammer uses the SIAP's network to transmit e-mail messages directly to another ISP's e-mail server (presumably the spammer is a customer of that other ISP and is actually paying for the other ISP's services); or (3) the spammer hosts an e-mail server on the spammer's laptop and transmits e-mail messages onto the Internet from the SIAP's network.
In the case of (2) above, the SIAP is not in jeopardy of being blacklisted as the other ISP's e-mail server is the source of the e-mail messages about which other ISPs will complain. However, the spammer may be affecting other customers of the SIAP if the spammer is consuming an excessive amount of bandwidth of the SIAP's shared network. In both (1) and (3), the SIAP is put in jeopardy of being blacklisted by other providers as it would appear as though all of the spam is originating from within the SIAP's network.
What ISPs, SIAPs, and other Internet access providers (collectively, IAPs) have in common is that e-mail abusers are a problem that may have serious consequences for the IAP and its customers.
What is needed is a system and method for determining whether e-mail messages originating from an IP address are spam and, if identified as spam, for limiting e-mail traffic originating from that IP address. Such a system and method should also provide means to determine if a particular IP address is using excess network resources to send e-mail over a network.