Techniques for combating spam mails, Computer Network Security

Assignment Help:

Techniques for combating Spam mails

Many anti spam products are commercially available in market. But it should also be noted that no  one technique is a complete solution to the problem of spam and each has trade-offs between incorrectly rejected legitimate e-mail and not rejecting all spam, and the associated cost in terms of time and effort.

Some of the commercial anti spam products are Surf control, GFI Mail Essentials, Red Earth Policy Patrol etc. Each of these products does a reasonably good job filtering SPAM at the Exchange level, but each has its strengths and weaknesses.

SurfControl takes a multi step approach to filtering SPAM. First, SurfControl blocks the mail relay host. This proves to be huddle to the spammers in relaying SPAM through the server on its way to other destinations. Closing the relay host is a good feature, but it can be easily achieved  directly through Exchange.

Next, SurfControl makes use of an anti SPAM agent to scrutinize each incoming mail. The tests performed on the messages include like a dictionary based scan that looks for words and phrases commonly used by spammers , and a client name DNS lookup. This lookup tests each address by comparing the sending domain's DNS entry against the IP address that actually sent the message. This checks for spoofed E-mail addresses. Messages are also checked against a live database of blacklisted senders. Senders can be blacklisted by domain, E-mail address, and IP address. One of the best features of SurfControl is that the online database contains actual SPAM messages that have been stored to produce digital signatures. When a new message arrives, the message's digital signature is compared against those stored in the database. Finally, if a received message contains some HTML code, the HTML code is stripped from the message. This would  remove any potentially harmful code.

GFIMailEssential firstly looks at what language the inbound messages are sent in. A lot of SPAM comes from foreign countries and is not even written in English or any other native language which is generally used. If a message comes into organization and is in a foreign language, the message can automatically be treated as SPAM . GFIMailEssential uses black lists and white lists.  In addition,GFI product also has the capacity to use third party blacklists. This means that the GFI product can also be benefitted by Internet databases containing the IP addresses of known spammers.

Red Earth Policy Patrol is a comprehensive e-mail-filtering software that offers advanced anti-spam, anti-virus, content & attachment checking, disclaimers, archiving and reporting. Using content filtering, Policy Patrol cuts down on false positives by allowing word scores to differentiate between certain phrases and words. Using this approach, an administrator can ensure minimal disruption is caused while still maintaining high standards of protection. In all, this solution provides effective filtering and has the benefit of anti-virus to further protect the  network from both known and potentially dangerous new threats, while ensuring that content is both legal and appropriate.

Some anti-spam sites, such as projecthoneypot.org, provide code which the users can include in their website pages. Typically, the pages contain one or more unique, randomised and hidden e-mail addresses or links, intended not for the human visitors but for spambots. Each time the page is served, the embedded addresses are automatically changed, allowing individual pieces of spam to be directly matched to the IP address of bots which gathered or harvested the addresses from naive sites. The IP address which the bot used to view the site is automatically submitted to the operators of the blacklist service. Often a link to a fake 'comment' or 'guest book' is also hidden as a trap to bots which post spam to web forms.

Some measures can be taken at the level of the end user also to combat spam.

Sharing of email addresses with unknown people should be avoided.When it is absolutely necessary to forward messages to recipients who don't know one another, it is a good practice to list the recipient names all after 'bcc:' instead of after 'to:'. This practice also decreases the risk of the address being distributed by machines affected with email address harvesting malware.

The email addresses,while posting on blogs and web sites, can be altered in such a way that they can only be read by humans and not by spammers. Avoid responding to spam as this would not stop the spammer from further sending spam mails rather this would confirm that the mailing address is valid and would lead to more spam mails.

With the advent of more and more anti spamming techniques, the number of spam mails have been reduced considerably. There has been a fair degree of success in the recent prosecutions of spammers. The biggest challenge in this field is that the laws of the land are not applicable on internet. There are also some issues of international Law which may prevent action being taken against overseas spammers. A joint effort is being made by different countries in collaboration with the industry to combat this problem.


Related Discussions:- Techniques for combating spam mails

Firewall architectures-screened subnet architecture, Screened Subnet Archit...

Screened Subnet Architecture This setup provides an extra security layer to screened host architecture by creating a perimeter subnet which further isolates internal network f

Collision, COLLISION: The receiver can get simultaneous requests, which gi...

COLLISION: The receiver can get simultaneous requests, which gives in collision at receivers and both service lost and in this way no transmitter accepts reservations and both use

Explain the terms used in network security, Question 1 (a) Explain b...

Question 1 (a) Explain briefly the following terms as used in network security: (i) Denial of service (DoS) attack (ii) Birthday attack (iii) DeMilitarized Zone

Mastering the complexity of network system, To master the complexity one mu...

To master the complexity one must apply the given points. CONCENTRATE IN UNDERSTANDING THE CONCEPTS: Instead of details of wires used to connect computers to a specif

Briefly list functions of a public key infrastructure, Question: (a) Wh...

Question: (a) What is the major problem with public key encryption when compared to symmetric key encryption? (b) Consider the following protocol for communication between t

What do you understand by the concept web of trust, Question: a) Name ...

Question: a) Name a method to allow a person to send a confidential email to another person, without risks of a third-party reading the email. Describe briefly the operations

Security goals, what is relation ship between computer security goals?

what is relation ship between computer security goals?

Define half-duplex, A  half-duplex (HDX) system gives communication in b...

A  half-duplex (HDX) system gives communication in both directions, but only one direction at a time. Hardly, once a party stats receiving a signal, it must need for the transmi

Example of an attack against a windows, The objective of this example is to...

The objective of this example is to demonstrate the steps required for a successful attack against a vulnerable Windows XP SP2 system. It will show: a) how Nessus can be used to di

What is an autonomous system, QUESTION 1: a) Differentiate between a r...

QUESTION 1: a) Differentiate between a routing protocol and a routed protocol. b) Describe any three design goals of Routing protocols. c) Lists some of the features shared

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd