Home
>
Spam Blocking
>
How Spammers Fool Whitelists - And How to Stop Them

How Spammers Fool Whitelists - And How to Stop Them

Effectively stopping spam over the long-term requires much more than blocking individual IP addresses and creating rules based on keywords that spammers typically use. The increasing sophistication of spam tools coupled with the increasing number of spammers in the wild has created a hyper-evolution in the variety and volume of spam. The old ways of blocking the bad guys just don't work anymore.

Examining spam and spam-blocking technology can illuminate how this evolution is taking place and what can be done to combat spam and reclaim e-mail as the efficient, effective communication tool it was intended to be.

One method used to combat spam is whitelisting. Whitelists are databases of trusted email sources. The list may contain specific email addresses, IP addresses or trusted domains. Emails received from a whitelisted source are allowed to pass through the system to the user's email box. The list is built when users and email administrators manually add trusted sources to the whitelist. Once built, the catch-rate for spam can be close to 100%, however, whitelists produce an inordinate number of false positives.

It is virtually impossible to produce an exhaustive list of all possible legitimate email senders because legitimate email can come from any number of sources. To get around this difficulty, some organizations have instituted a challenge-response methodology. When an unknown sender sends an email to a user's account, the system automatically sends a challenge back to the sender. Some challenge-response systems require the sender to read and decipher an image containing letters and numbers. The image is designed to be unreadable by a machine, but easily recognizable by a human. Spammers would not spend the time required to go through a large number of challenge-response emails, so they drop the address and move on to those users who don't use such a system.

Whitelists are only partially successful and impractical for many users. For example, problems can arise when users register for online newsletters, order products online or register for online services. If the user does not remember to add the new email source to their whitelist, or if the domain or IP address is entered incorrectly, the communication will fail. Additionally, whitelists impose barriers to legitimate email communication and are viewed by some as just plain rude.

Whitelists are not widely used by email users and administrators as a primary tool to fight spam because of the high number of false positives, and the difficulties in creating a comprehensive list of email sources. Because whitelists are not widely used, spammers typically do not develop countermeasures. As with other spam fighting techniques, whitelists are most effective when used in conjunction with other anti-spam tools.

The Solution

When used individually, each anti-spam technique has been systematically overcome by spammers. Grandiose plans to rid the world of spam, such as charging a penny for each e-mail received or forcing servers to solve mathematical problems before delivering e-mail, have been proposed with few results. These schemes are not realistic and would require a large percentage of the population to adopt the same anti-spam method in order to be effective. You can learn more about the fight against spam by visiting our website at www.ciphertrust.com and downloading our whitepapers.

Dr. Paul Judge is a noted scholar and entrepreneur. He is Chief Technology Officer at CipherTrust, the industry's largest provider of enterprise email security. The company's flagship product, IronMail provides a best of breed enterprise anti spam solution designed to stop spam, phishing attacks and other email-based threats. Learn more by visiting enterprise anti spam solution today.

to o hare transportation Riverwoods .. Lockport Chicago limo O’Hare

In The News:

Kurt the CyberGuy walks through steps he recommends immediately taking after getting new electronics — like phones or TVs — as gifts this holiday season.

When speaking becomes physically challenging, you can preserve your unique voice using Apple's Personal Voice and Live Speech technology.

Google Maps is deleting location history soon. Tech expert Kurt “CyberGuy" Knutsson shows you how to back it up before it's gone.

iOS 18.2 lets AirTag owners securely share item locations with trusted individuals. Tech expert Kurt “CyberGuy" Knutsson examines the powerful new feature.

The FBI is warning timeshare owners of a telemarketing scam tied to a Mexican drug cartel. Tech expert Kurt “CyberGuy" Knutsson provides steps to stay safe.

Protecting your home network includes securing your router, just like your phone or laptop. Kurt “CyberGuy" Knutsson reveals six ways to protect your Wi-Fi router from hackers.

Kurt “CyberGuy" Knutsson: ConnectOnCall breach leaks sensitive data of 910,000+ patients.

Rising elder scams: How to recognize them and protect yourself and your loved ones. Tech expert Kurt “CyberGuy" Knutsson helps you outsmart the scammers.

There are common habits and oversights that could leave your financial information vulnerable to cybercriminals, according to Kurt the CyberGuy.

Counting calories just got easier with The Drop, the world's first automated nutrition tracker using advanced computer vision and artificial intelligence.

A virtual private network can help ensure your information remains security and your privacy remains intact. Kurt the CyberGuy explains.

Stay up to date on the latest AI technology advancements and learn about the challenges and opportunities AI presents now and for the future.

Artificial intelligence-based cameras are giving air defense operators unprecedented capabilities in monitoring and protecting airspace.

Apple's iOS 18.1 Inactivity Reboot automatically reboots your iPhone if it hasn't been used or unlocked for more than three days, providing better data protection.

An inventor designed rooftop solar panels for a Tesla that draws solar energy while the car is parked, adding travel mileage without plugging in.

There are currently no laws governing what artificial intelligence can and cannot do with the information it gathers; here are 10 things to avoid telling AI chatbots to keep yourself safe.

A credit union with over 240,000 members recently revealed it was targeted by cybercriminals, resulting in a data breach that was part of a two-month attack by hackers.

Scammers have become skilled at creating convincing fake websites that can easily fool unsuspecting users. The CyberGuy offers tips to protect yourself.

Stay up to date on the latest AI technology advancements and learn about the challenges and opportunities AI presents now and for the future.

CAPTCHAs, which are used by websites to confirm whether users are people or bots, are harmless, but hackers are using them to infect PCs with malware.

Hackers recently leaked personal information of about 500,000 Americans and stole patient medical records that included lab results and insurance details.

The holiday season sees a rise in mobile shopping scams. Tech expert Kurt “CyberGuy" Knutsson helps you learn how to stay safe.

Tech expert Kurt “CyberGuy" Knutsson says a VPN enhances online banking security by encrypting data and protecting privacy.

Beware of these six sneaky holiday scams. Tech expert Kurt “CyberGuy" Knutsson gives you tips to avoid falling victim.

Tech expert Kurt “CyberGuy" Knutsson reveals how to securely back up and factory reset your Android to protect your privacy and data.

How Spammers Fool Whitelists - And How to Stop Them

Spam Blocking