Home
>
Spam Blocking
>
How Spammers Fool Whitelists - And How to Stop Them

How Spammers Fool Whitelists - And How to Stop Them

Effectively stopping spam over the long-term requires much more than blocking individual IP addresses and creating rules based on keywords that spammers typically use. The increasing sophistication of spam tools coupled with the increasing number of spammers in the wild has created a hyper-evolution in the variety and volume of spam. The old ways of blocking the bad guys just don't work anymore.

Examining spam and spam-blocking technology can illuminate how this evolution is taking place and what can be done to combat spam and reclaim e-mail as the efficient, effective communication tool it was intended to be.

One method used to combat spam is whitelisting. Whitelists are databases of trusted email sources. The list may contain specific email addresses, IP addresses or trusted domains. Emails received from a whitelisted source are allowed to pass through the system to the user's email box. The list is built when users and email administrators manually add trusted sources to the whitelist. Once built, the catch-rate for spam can be close to 100%, however, whitelists produce an inordinate number of false positives.

It is virtually impossible to produce an exhaustive list of all possible legitimate email senders because legitimate email can come from any number of sources. To get around this difficulty, some organizations have instituted a challenge-response methodology. When an unknown sender sends an email to a user's account, the system automatically sends a challenge back to the sender. Some challenge-response systems require the sender to read and decipher an image containing letters and numbers. The image is designed to be unreadable by a machine, but easily recognizable by a human. Spammers would not spend the time required to go through a large number of challenge-response emails, so they drop the address and move on to those users who don't use such a system.

Whitelists are only partially successful and impractical for many users. For example, problems can arise when users register for online newsletters, order products online or register for online services. If the user does not remember to add the new email source to their whitelist, or if the domain or IP address is entered incorrectly, the communication will fail. Additionally, whitelists impose barriers to legitimate email communication and are viewed by some as just plain rude.

Whitelists are not widely used by email users and administrators as a primary tool to fight spam because of the high number of false positives, and the difficulties in creating a comprehensive list of email sources. Because whitelists are not widely used, spammers typically do not develop countermeasures. As with other spam fighting techniques, whitelists are most effective when used in conjunction with other anti-spam tools.

The Solution

When used individually, each anti-spam technique has been systematically overcome by spammers. Grandiose plans to rid the world of spam, such as charging a penny for each e-mail received or forcing servers to solve mathematical problems before delivering e-mail, have been proposed with few results. These schemes are not realistic and would require a large percentage of the population to adopt the same anti-spam method in order to be effective. You can learn more about the fight against spam by visiting our website at www.ciphertrust.com and downloading our whitepapers.

Dr. Paul Judge is a noted scholar and entrepreneur. He is Chief Technology Officer at CipherTrust, the industry's largest provider of enterprise email security. The company's flagship product, IronMail provides a best of breed enterprise anti spam solution designed to stop spam, phishing attacks and other email-based threats. Learn more by visiting enterprise anti spam solution today.

shuttle from O'Hare Orland Park .. Lockport Chicago limo O’Hare

In The News:

FireSat is a satellite project designed to detect and track wildfires early, aiming to detect a fire that's the size of a classroom within 20 minutes.

Tech expert Kurt “CyberGuy" Knutsson reports that researchers have uncovered a Chrome vulnerability used in a cyber espionage campaign.

Preserving voicemails securely on Android: Tech expert Kurt “CyberGuy" Knutsson reveals easy methods to keep memories alive forever.

This phishing kit bypasses 2FA via session hijacking and real-time credential theft. Kurt “CyberGuy" Knutsson offers four ways to stay safe from Astaroth phishing attacks.

Tech expert Kurt “CyberGuy" Knutsson discusses Joby Aviation and Virgin Atlantic planning to launch 200-mph U.K. air taxis linking airports and cities.

Fake Apple virus warnings, security alerts and messages are tactics used to prompt you to call a number or click on a malicious link. The CyberGuy explains how to protect your devices.

The combination of artificial intelligence and neuroscience allows a paralyzed man to manipulate a robotic arm by using his brain to imagine movements.

With the help of artificial intelligence, sophisticated fraud techniques emerging today are virtually undetectable to the untrained eye.

Stay up to date on the latest AI technology advancements and learn about the challenges and opportunities AI presents

If you need to free up space on your Mac, consider deleting duplicate photos in your image library. Apple makes it easy to do, and the CyberGuy explains the process.

Microsoft is discontinuing Skype in May after 22 years of service. Kurt the CyberGuy addresses other options for internet-based phone and video service.

Tron 1, a Chinese company's two-legged robot, is versatile and can walk, roll and pivot, even on rough terrain. Tron 1 stands 33 inches tall and weighs 44 pounds.

Hackers are tricking people into installing password-stealing malware by making them press keyboard shortcuts under the pretense of proving they're not bots.

Saving the voices of loved ones can be a comforting way to keep alive memories. Kurt "the CyberGuy" Knutsson explains how to preserve voicemail messages.

Stay up to date on the latest AI technology advancements and learn about the challenges and opportunities AI presents now and for the future.

The FBI warns that some free online document converters load malware onto people's computers, making their private information vulnerable to attack.

Toyota's compact electric FT-Me is designed to tackle challenges of city living while offering an accessible and eco-friendly transportation solution.

Kurt “CyberGuy" Knutsson says 23andMe's bankruptcy raises data privacy fears: Opt out, download and delete data now.

UBTech and Zeekr unite with AI robot swarms to make car manufacturing faster and smarter. Tech expert Kurt “CyberGuy" Knutsson explains how the process works.

Tech expert Kurt “CyberGuy" Knutsson says Apple's Passwords app had a three-month phishing flaw from iOS 18 to 18.2 patch.

Tech expert Kurt “CyberGuy" Knutsson discusses how this super-small electric mini-truck takes a big step toward production.

Artificial intelligence-generated images and videos that use someone’s likeness typically target women without their consent. The CyberGuy unpacks how to protect loved ones.

A humanoid robot developed in China has transformed from a nimble dancer to performing kung fu moves with surprising precision and balance.

To protect memories, documents and personal data, you should back up your information on personal drives, according to Kurt the CyberGuy.

Stay up to date on the latest AI technology advancements and learn about the challenges and opportunities AI presents

How Spammers Fool Whitelists - And How to Stop Them

Spam Blocking