Effectively stopping spam over the long-term requires much more than blocking individual IP addresses and creating rules based on keywords that spammers typically use. The increasing sophistication of spam tools coupled with the increasing number of spammers in the wild has created a hyper-evolution in the variety and volume of spam. The old ways of blocking the bad guys just don't work anymore.
Examining spam and spam-blocking technology can illuminate how this evolution is taking place and what can be done to combat spam and reclaim e-mail as the efficient, effective communication tool it was intended to be.
Heuristics (Rule-based Filtering)
One method used to combat spam is Rule-based, or Heuristic Filtering. Rule-based filters scan email content for predetermined words or phrases that may indicate a message is spam. For example, if an email administrator includes the word "sex" on a company's rule-based list, any email containing this word will be filtered.
The major drawback of this approach is the difficulty in identifying keywords that are consistently indicative of spam. While spammers may frequently use the words "sex" and 'Viagra" in spam emails, these words are also used in legitimate business correspondence, particularly in the healthcare industry. Additionally, spammers have learned to obfuscate suspect words by using spellings such as "S*E*X", or "VI a a GRR A".
It is impossible to develop dictionaries that identify every possible misspelling of "spammy" keywords. Additionally, because filtering for certain keywords produces large numbers of false positives, many organizations have found they cannot afford to rely solely on rule-based filters to identify spam.
Signature-Based Spam Filters
Another method used to combat spam is Signature-based Filtering. Signature-based filters examine the contents of known spam, usually derived from honey pots, or dummy email addresses set up specifically to collect spam. Once a honey pot receives a spam message, the content is examined and given a unique identifier. The unique identifier is obtained by assigning a value to each character in the email. Once all characters have been assigned a value, the values are totaled, creating the spam's signature. The signature is added to a signature database and sent as a regular update to the email service's subscribers. The signature is compared to every email coming in to the network and all matching messages are discarded as spam.
The benefit of signature-based filters is that they rarely produce false-positives, or legitimate email incorrectly identified as spam. The drawback of signature-based filters is that they are very easy to defeat. Because they are backward-looking, they only deal with spam that has already been sent. By the time the honey pot receives a spam message, the system assigns a signature, and the update is sent and installed on the subscribers' network, the spammer has already sent millions of emails. A slight modification of the email message will render the existing signature useless.
Furthermore, spammers can easily evade signature-based filters by using special email software that adds random strings of content to the subject line and body of the email. Because the variable content alters the signature of each email sent by the spammer, signature-based spam filters are unable to match the email to known pieces of spam.
Developers of signature-based spam filters have learned to identify the tell-tale signs of automated random character generation. But as is often the case, spammers remain a step ahead and have developed more sophisticated methods for inserting random content. As a result, most spam continues to fool signature-based filters.
The Solution
When used individually, each anti-spam technique has been systematically overcome by spammers. Grandiose plans to rid the world of spam, such as charging a penny for each e-mail received or forcing servers to solve mathematical problems before delivering e-mail, have been proposed with few results. These schemes are not realistic and would require a large percentage of the population to adopt the same anti-spam method in order to be effective. You can learn more about the fight against spam by visiting our website at www.ciphertrust.com and downloading our whitepapers.
Dr. Paul Judge is a noted scholar and entrepreneur. He is Chief Technology Officer at CipherTrust, the industry's largest provider of enterprise email security. The company's flagship product, IronMail provides a best of breed enterprise anti spam solution designed to stop spam, phishing attacks and other email-based threats. Learn more by visiting enterprise anti spam solution today.
Wood Dale Chicago prom limo .. Lockport Chicago limo O’HareI'm really, truly fed up with spam. Every day when... Read More
While we all admit that unsolicited commercial email is a... Read More
You may have already received a do not spam list... Read More
Before we start getting deep into the meat of this... Read More
A blacklist, as the name implies, is a list of... Read More
The Vandals are coming! And this time they're after your... Read More
It's no secret that the US economy has slowed down,... Read More
Below is a letter I wrote to the following organizations:S.H.U.... Read More
Each day we all face the same challenge. Spam. It... Read More
If you are buried in SPAM then you're not alone.... Read More
Spam filters are responsible for deleting a high percentage of... Read More
Let me ask a couple of questions:If (potential) customers sends... Read More
E-mails now have a connection back to their servers. I... Read More
About a month ago I had the privilege of giving... Read More
Spam can be a lot more damaging than you might... Read More
1. Ignore Spam EmailDo not open an unsolicited email. Spammers... Read More
In 1998, nearly 10% of all email traffic on the... Read More
Spam is out of control! I guess that would be... Read More
News last week that Internet service provider Verizon settled its... Read More
Did you know that there are software programs that view... Read More
If you're anything like me, you're pretty sick of it,... Read More
With SPAM being such a problem it might seem the... Read More
Spam filter is the solution that most people resort when... Read More
Like everybody who will ever read this, I get spam... Read More
You're not alone!Who hasn't surfed the web looking for information... Read More
Antigo wedding limo ..While we all admit that unsolicited commercial email is a... Read More
A Privacy Policy can be defined as the policy under... Read More
Are you tired of spam stealing your time, your money,... Read More
You just sat at your desk, opened your email account... Read More
Why is someone from India, Africa, or elsewhere writing you... Read More
There are hundreds of thousands of people who are trying... Read More
1. Ignore Spam EmailDo not open an unsolicited email. Spammers... Read More
This review is taken DIRECTLY from a piece of "junk... Read More
What comes to your mind when you think about your... Read More
Google is engaged in a war. It is a war... Read More
What is spam ? ... Read More
Even being as careful as possible with my email address,... Read More
As the flood of spam increases end users are looking... Read More
Spam can bring down your website faster than a speeding... Read More
For years I didn't worry much about spam.But lately it's... Read More
A hearty welcome to all the spam fighting filters and... Read More
No. I'm not talking here about the outdoor activity enjoyed... Read More
I'm sure I'm not the only person on the planet... Read More
Very often SPAMMERS take advantage of catch-all email setup on... Read More
Are you getting too much spam? We all are, but... Read More
... and you'd better sit up and take notice! Customers... Read More
I imagine you have seen, heard about, or already know... Read More
You can stop unwanted email spam, you can choose to... Read More
Although there still seem to be some differences among the... Read More
The first thing I do every morning when I wake... Read More
Spam Blocking |