Internet Security Systems

Anti-spam

Spamming is one of the biggest real hacking attacks carried out on the Internet. Spam costs victims money through lost time, CPU, disk storage, and Internet bandwidth.

Spammers have two main goals: to collect valid e-mail addresses and to relay spam through other people's systems. The concerns that administrators must confront are:

open relays
Roughly 50% of all e-mail servers on the Internet will "relay" spam, meaning a spammer can send the server a single e-mail with a hundred recipients, and the server will forward that e-mail. This sucks the CPU/bandwidth from the server, and hides the real source of the spam.
mailto surfing
Spammers surf web sites looking for any e-mail addresses they can find in the web pages in order to spam those people.
overload
Administrators at large corporations will find that a significant amount of overhead is spent dealing with occasional instances of massive spam sent to their users.
policy
End-users must be made aware of how to respond to spam (for example, sending e-mail asking to be removed from one spammer's list usually results in being added to a hundred other spam lists).

    • MAPS RBL - A must-read resource about how to prevent your e-mail server from relaying spam to other people (and consequently, overloading your own server). The Mail Abuse Prevention System, Real-time Blackhole List.
    • RFC2505 - Best Current Practice RFC. Describes how to stop unauthorized mail-relaying in order to force spammers out into the open.
    • ORBS - Open Relay Behavior-modification System.
    • IMRSS - Internet Mail Relay Services Survey Project. This actively sweeps netblocks worldwide looking for open mail servers. It is also fed from an extensive range of spamtrap addresses. This is the database to use if you want to tag or stop mail from open relays; however, implementing filters based on its data may be politically sensitive because of the "hunting down open relays" aspect of their operation.
    • Yahoo on "bot bait" - Many spammers get their e-mail addresses by trolling through sites hunting for addresses.
    • Relay Strobe - Linux tool for finding open e-mail relays. See also http://typhaon.ucs.uwa.edu.au/EmailSecurity/EmailSecurity.txt
    • Sendmail - The most popular e-mail server on the net; the latest version comes with spam filters.
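
The per-recipient check that separates a closed server from the open relay described above, and that the RFC2505 entry refers to as stopping unauthorized relaying, is shown here as an added example; it is not part of the original page and not Sendmail's code. The domain, network, addresses and function names are assumptions made for the illustration.

```python
import ipaddress

# Assumed site policy; every value here is constructed for the example.
LOCAL_DOMAINS = {"example.com"}                         # domains we host mail for
TRUSTED_NETS = [ipaddress.ip_network("192.0.2.0/24")]   # our own clients


def recipient_domain(rcpt):
    """Return the lowercased domain of an RCPT TO address, or None.

    Routed forms (source routes, the '%' hack, bang paths) are refused
    outright so they cannot smuggle a third-party destination past the
    domain check. That is a conservative choice made in this example.
    """
    addr = rcpt.strip().strip("<>")
    if addr.count("@") != 1 or any(c in addr for c in "%!,:"):
        return None
    local, _, domain = addr.partition("@")
    domain = domain.rstrip(".").lower()
    return domain if local and domain else None


def decide(client_ip, rcpt, authenticated=False):
    """Return 'accept' or 'reject' for a single RCPT TO command."""
    domain = recipient_domain(rcpt)
    if domain is None:
        return "reject"
    if domain in LOCAL_DOMAINS:
        return "accept"            # inbound mail for our own users
    ip = ipaddress.ip_address(client_ip)
    if authenticated or any(ip in net for net in TRUSTED_NETS):
        return "accept"            # outbound mail from our own users
    return "reject"                # stranger to stranger: this is relaying


def filter_recipients(client_ip, rcpts, authenticated=False):
    """Apply decide() to every recipient of one message; return those accepted."""
    return [r for r in rcpts if decide(client_ip, r, authenticated) == "accept"]


if __name__ == "__main__":
    # Constructed session: outside client, 100 outside recipients, 1 local.
    rcpts = [f"<user{i}@elsewhere.test>" for i in range(100)] + ["<alice@example.com>"]
    print(filter_recipients("203.0.113.9", rcpts))
```

A server that skips the final `reject` and forwards every recipient regardless of who connected is the open relay the page describes.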
