Page 1 of 3 - 02/15/06
Stopping Spam At the Server: The Meta-View
It doesn't take me long to clean the junk out of my non-virtual mail box. But for ordinary computer users -- and the IT staff who support them -- the e-mail burden is much heavier. Most experts estimate that more than half of Internet e-mail traffic is unsolicited commercial e-mail: junk that fills up our in-boxes, drowns us in clutter, phishes for identity theft, and offends us with fake offers for even more fake products.
In many companies, the end-users fight back on their own desktops. They install content filters on their e-mail client applications, so that any messages containing certain words -- you know which those are -- go into a Junk folder. Or they'll sign up for intrusive opt-in services (called "challenge-response" services), which require correspondents to fill in a "yes, I'm human" form before their messages are authorized to actually reach the user.
Meanwhile, the spam flows through your e-mail servers, and half of the traffic you manage is stuff that nobody wants. If you can minimize the amount of spam that gets onto your local network, you'll reduce support problems, require less bandwidth and disk storage, and make your users love you.
In this article, I'll give a brief overview of techniques that can help you stop spam at the server, with a few resources about how to learn more. Later articles will go into some detail about these techniques.
Philosophical Attitude Adjustment
Before we get into specifics, though, it's important to adopt the right philosophy about spam fighting. We once assumed that all e-mail was good, unless it proved itself otherwise. Because of the volume of junk -- now that the scales tip the other way -- fighting spam requires that you assume that all mail is bad (or at best neutral) unless it proves that it's good.
The easiest way for e-mail to prove its worthiness is to determine if it follows the rules. Quite simply, spammers are not law-abiding, at least in regard to the e-mail RFCs.
RFC stands for "Request for Comments," but in reality the RFCs are the standards which detail how the Internet works. The Internet Engineering Task Force (IETF) is the protocol engineering and development arm of the Internet. As the IETF's documentation states, "Each distinct version of an Internet standards-related specification is published as part of the 'Request for Comments' (RFC) document series." In other words, it's the rulebook.
Spammers who did follow the rules wouldn't last long. Any spammer who used a valid e-mail address which was accurately registered would be reported to black lists within hours. If there was any legal hanky-panky in the services or products ordered (which is a strong likelihood; how often have you seen spam for something legal you actually wanted?), the cops would knock on the door soon thereafter. As a result, you can count on one thing: spammers lie.
Part of the philosophy behind several effective spam-fighting methods, therefore, is to ensure that whoever sends an e-mail message is rule-abiding. In addition to sending the spammers packing, you'll also get rid of lots of viruses; the people who send those don't follow the rules, either.
Another part of the philosophy is to look at the behavior of the message rather than its content. While some might argue otherwise, content filtering doesn't work. At least, it doesn't work well.
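This page names no specific rules, so as an added illustration (not code from the original article) the sketch below judges an SMTP session by its behavior alone, using three envelope-level requirements of the SMTP standard (RFC 2821, later superseded by RFC 5321): wait for the server's 220 greeting, identify with a fully qualified name or an address literal, and send a well-formed reverse-path. The function names, event format and sample sessions are assumptions constructed for the example.

```python
import re

# One DNS label: letters, digits, hyphen; no leading or trailing hyphen.
_LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")
# Address literal such as [192.0.2.1] or [IPv6:2001:db8::1] (loose match).
_ADDR_LITERAL = re.compile(r"^\[(\d{1,3}(\.\d{1,3}){3}|IPv6:[0-9A-Fa-f:.]+)\]$")
# Reverse-path in angle brackets; "<>" is the valid null sender.
_PATH = re.compile(r"^<(|[^<>\s@]+@[^<>\s@]+)>$")

def helo_ok(arg):
    """True if a HELO/EHLO argument is an FQDN or a bracketed address literal."""
    if _ADDR_LITERAL.match(arg):
        return True
    labels = arg.rstrip(".").split(".")
    return (len(labels) >= 2 and all(_LABEL.match(l) for l in labels)
            and not labels[-1].isdigit())  # rejects a bare, unbracketed IP

def check_session(events):
    """events: ordered (direction, line) pairs; 'S' = server, 'C' = client."""
    violations, greeted, helo_seen = [], False, False
    for direction, line in events:
        if direction == "S":
            greeted = greeted or line.startswith("220 ")
            continue
        verb, _, rest = line.partition(" ")
        if not greeted:
            violations.append("client spoke before the 220 greeting")
            greeted = True  # report this only once per session
        if verb.upper() in ("HELO", "EHLO"):
            helo_seen = True
            if not helo_ok(rest.strip()):
                violations.append("HELO/EHLO argument is not an FQDN or address literal")
        elif verb.upper() == "MAIL":
            if not helo_seen:
                violations.append("MAIL before HELO/EHLO")
            m = re.match(r"(?i)FROM:(\S*)", rest)
            if not m or not _PATH.match(m.group(1)):
                violations.append("malformed reverse-path in MAIL FROM")
    return violations

# Constructed sample sessions (not captured traffic).
LEGIT = [("S", "220 mx.example.net ESMTP"), ("C", "EHLO mail.example.org"),
         ("S", "250 mx.example.net"), ("C", "MAIL FROM:<alice@example.org>")]
SLOPPY = [("C", "HELO friend"), ("S", "220 mx.example.net ESMTP"),
          ("C", "MAIL FROM:bob@example.com")]

if __name__ == "__main__":
    print(check_session(LEGIT))
    print(check_session(SLOPPY))
```

None of these checks reads the message body, and a server would normally score violations rather than reject on a single one, since some legitimate clients are also sloppy.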
Source: Digital Media Online. All Rights Reserved