Effectively stopping spam over the long-term requires much more than blocking individual IP addresses and creating rules based on keywords that spammers typically use. The increasing sophistication of spam tools coupled with the increasing number of spammers in the wild has created a hyper-evolution in the variety and volume of spam. The old ways of blocking the bad guys just don't work anymore.
Examining spam and spam-blocking technology can illuminate how this evolution is taking place and what can be done to combat spam and reclaim e-mail as the efficient, effective communication tool it was intended to be.
One method used to combat spam is blacklisting. The goal of blacklisting is to force Internet Service Providers (ISPs) to crack-down on customers who send spam. A blacklisted ISP is blocked from sending email to organizations. When an ISP is blacklisted, they are provided with a list of actions they must take in order to be removed from the blacklist. This controversial method blocks not just the spammers, but all of the ISP's customers. Blacklisting is generally considered an unfriendly approach to stopping spam because the users most affected by the blacklist are email users who do not send spam. Many argue blacklisting actually damages the utility of email more than it helps stop spam since the potential for blocking legitimate email is so high.
In addition to the ethical considerations, there are other problems with blacklists. Many blacklists are not updated frequently enough to maintain effectiveness. Some blacklist administrators are irresponsible in that they immediately block suspect servers without thoroughly investigating complaints or giving the ISP time to respond. Another downside is that blacklists are not accurate enough to catch all spam. Only about half of servers used by spammers, regardless of how diligent the blacklist administrator may be, are ever cataloged in a given blacklist.
Blacklists are used because they can be partially effective against spammers who repeatedly use the same ISP or email account to send spam. However, because spammers often change ISPs, re-route email and hijack legitimate servers, the spammer is a moving target. Blacklist administrators are forced to constantly revise lists, and the lag-time between when a spammer begins using a given server and when the blacklist administrator is able to identify the new spam source and add it to the blacklist allows spammers to send hundreds of millions of emails. Spammers consider this constant state of flux a part of doing business and are constantly looking for new servers to send spam messages.
When used individually, each anti-spam technique has been systematically overcome by spammers. Blacklists have some utility in stopping known spammers, but they may also block valid emails. Because of their limitations, blacklist data should only be used in conjunction with other sources to determine if a given message is spam. Grandiose plans to rid the world of spam, such as charging a penny for each e-mail received or forcing servers to solve mathematical problems before delivering e-mail, have been proposed with few results. These schemes are not realistic and would require a large percentage of the population to adopt the same anti-spam method in order to be effective.
The Solution
Reputation systems offer a comprehensive anti spam solution by dynamically updating black and whitelists based on sender behavior. These systems also automatically update and score messages thereby removing the burden from administrators. Today's spammers are more clever than ever, so today's reputation systems must be equally sophisticated. An effective reputation system must be dynamic, comprehensive, precise, and based on actual enterprise mail traffic in order to keep the spammers from gaining any advantage. You can learn more about the fight against spam by visiting our website at www.ciphertrust.com and downloading our whitepapers.
Dr. Paul Judge is a noted scholar and entrepreneur. He is Chief Technology Officer at CipherTrust, the industry's largest provider of enterprise email security. The company's flagship product, IronMail provides a best of breed enterprise anti spam solution designed to stop spam, phishing attacks and other email-based threats. Learn more by visiting enterprise anti spam solution today.
We've all become familiar with the term spam. It's become... Read More
Your message is not being delivered.If you send emails to... Read More
Phishing is rapidly becoming on the largest threats to your... Read More
Am I Just Being Paranoid Or Are The Robots Out... Read More
It's no secret that the US economy has slowed down,... Read More
Block Spam and Other Email Threats From Entering Your Gateway... Read More
Spam can be a lot more damaging than you might... Read More
Why is someone from India, Africa, or elsewhere writing you... Read More
A Privacy Policy can be defined as the policy under... Read More
Spam, as defined in the context of computers, the Internet... Read More
6 August, 2004: Polesoft Inc., home of Professional anti spam... Read More
Why do so many people think I need to take... Read More
Until recently, spam has been an annoyance, a definite load... Read More
Although there still seem to be some differences among the... Read More
Before we start getting deep into the meat of this... Read More
5 Ways Spam Is Affecting Your Business And what we... Read More
You just sat at your desk, opened your email account... Read More
Anyone who uses email knows what Spam is!It's annoying and... Read More
Unless the filters on your computer are really good, you're... Read More
English, German, Italian - It's All SPAM To MeHas anyone... Read More
You may have already received a do not spam list... Read More
Below is a letter I wrote to the following organizations:S.H.U.... Read More
Like everybody who will ever read this, I get spam... Read More
Spam filter is the solution that most people resort when... Read More
With the number of spam filtering solutions increasing each week... Read More
Before we start getting deep into the meat of this... Read More
In 1998, nearly 10% of all email traffic on the... Read More
Spam is annoying. Period. Why people would want to send... Read More
Although there still seem to be some differences among the... Read More
... and you'd better sit up and take notice! Customers... Read More
Google is engaged in a war. It is a war... Read More
For years I didn't worry much about spam.But lately it's... Read More
Junk e-mail or spam has become the scourge of the... Read More
6 August, 2004: Polesoft Inc., home of Professional anti spam... Read More
Death by spam is now possible with a new device... Read More
You just sat at your desk, opened your email account... Read More
English, German, Italian - It's All SPAM To MeHas anyone... Read More
In a word Bayesian spam filters are "intelligent". Bayesian spam... Read More
Very often SPAMMERS take advantage of catch-all email setup on... Read More
They're sneaky. And stealthy. They're quiet and mostly unobtrusive, but... Read More
A Privacy Policy can be defined as the policy under... Read More
Q: I am so sick of all the spam that... Read More
With the number of spam filtering solutions increasing each week... Read More
I. BACKGROUNDThe CAN-SPAM Act of 2003 (Controlling the Assault of... Read More
It seems like the volume of email spam has doubled... Read More
Most of us have opened our email program and found,... Read More
We receive so much information on the Internet, especially via... Read More
You can stop unwanted email spam, you can choose to... Read More
Spammers get email addresses from web pages using programs called... Read More
Let me ask a couple of questions:If (potential) customers sends... Read More
Spam Blocking |