Anti Spam
Why does the small and medium business (SMB) need Anti Spam?
Let me ask you a personal question as a business professional – do you need to refinance your house, buy a fake Rolex, or take some medicine not prescribed by your doctor to be more productive at work? If Aliens ever came to earth and read our email, that would probably be what they thought we spent 90% of our time doing!
While spam does not normally impact resources as aggressively as a virus or spyware, it can have a major impact on productivity as users are constantly bombarded with unwanted email that effects there day. Also, as an employer, you may be liable for what your employees are exposed to. If inappropriate spam or email offends an employee, you may have a hostile work environment suit on your hands.
What is Anti Spam?
From wikipeida.com:
As the recipient directly bears the cost of delivery, storage, and processing, one could regard spam as the electronic equivalent of “postage-due” junk mail. However, this does not mean that all commercial email is spam; for example, some recipients may have opted in (i.e., willingly chosen) to receive the marketer’s email.
Spam is sent by organizations of varying sizes and motivations. Some are large, well-known companies; spam from these sources is sometimes called mainsleaze. Spammers may engage in deliberate fraud to send out their messages. Spammers often use false names, addresses, phone numbers, and other contact information to set up “disposable” accounts at various Internet service providers. They also often use falsified or stolen credit card numbers to pay for these accounts. This allows them to move quickly from one account to the next as the host ISPs discover and shut down each one.
Increasingly, spammers use networks of virus-infected PCs (zombies) to send their spam. Zombie networks are also known as Botnets. In June 2006, an estimated 80% of e-mail spam were sent by zombie PCs, an increase of 30% from the prior year. An estimated 55 billion e-mail spam were sent each day in June 2006, an increase of 25 billion per day from June 2005.
Some popular methods for filtering and refusing spam include e-mail filtering based on the content of the e-mail, DNS-based blackhole lists (DNSBL), greylisting, spamtraps, enforcing technical requirements, checksumming systems to detect bulk email, and by putting some sort of cost on the sender via a Proof-of-work system or a micropayment. Each method has strengths and weaknesses and each is controversial due to its weaknesses.
Detecting spam based on the content of the e-mail, either by detecting keywords such as “viagra” or by statistical means, is very popular. Such methods can be very accurate when they are correctly tuned to the types of legitimate email that an individual gets, but they can also make mistakes such as detecting the keyword “cialis” in the word “specialist”. The content also doesn’t determine whether the email was either unsolicited or bulk, the two key features of spam. So, if a friend sends you a joke that mentions “viagra”, content filters can easily mark it as being spam even though it is both solicited and not bulk.
Spamtraps are often email addresses that were never valid or have been invalid for a long time that are used to collect spam. An effective spamtrap is not announced and is only found by dictionary attacks or by pulling addresses off hidden webpages. For a spamtrap to remain effective the address must never be given to anyone. Some black lists, such as spamcop, use spamtraps to
catch spammers and blacklist them.Enforcing technical requirements of the Simple Mail Transfer Protocol (SMTP) can be used to block mail coming from systems that are not compliant with the RFC standards. A lot of spammers use poorly written software or are unable to comply with the standards because they do not have legitimate control of the computer sending spam (zombie computer). So by setting restrictions on the mail transfer agent (MTA) a mail administrator can reduce spam significantly. In many situations, simply requiring a valid fully qualified domain name (FQDN) in the SMTP’s EHLO (extended hello) statement is enough to block 25% of incoming spam. Some small organizations go so far as to remove their MX (Mail eXchange) record and arrange to have their A-record point to their SMTP server. RFC standards call for fall-back to a domain’s A record when an MX lookup fails. While this method runs the risk of losing some legitimate e-mail from being received, some claim that it results in a 75% reduction in spam.
Contact CopiaTECH to see how we can help you today with Anti Spam products.