DOCSLIB.ORG

Anti-Spam Methods – State-Of-The-Art

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Anti-Spam Methods – State-Of-The-Art Anti-Spam Methods – State-of-the-Art W. Gansterer, M. Ilger, P. Lechner, R. Neumayer, J. Strauß Institute of Distributed and Multimedia Systems Faculty of Computer Science University of Vienna, Austria March 2005 This report summarizes the results of Phase 1 of the project FA 384018 “Spamabwehr” of the Institute of Distributed and Multimedia Systems at the University of Vienna, funded by Mobilkom Austria, UPC Telekabel and Internet Service Providers Austria (ISPA). We would like to thank Mobilkom Austria, UPC Telekabel and Internet Service Providers Austria (ISPA) for their support which made this research project possible. We also would like to express our gratitude to all those commercial vendors of antispam tools who provided us with their products for experimental investigations as well as to the volunteers who provided us private e-mail messages for testing purposes. Copyright: © 2005 by University of Vienna. All rights reserved. No part of this publication may be reproduced or distributed in any form or by any means without the prior permission of the authors. The Institute of Distributed and Multimedia Systems at the University of Vienna does not guarantee the accuracy, adequacy or completeness of any information and is not responsible for any errors or omissions or the result obtained from the use of such information. Note: Experimental data not to be used for ranking purposes Since the objective of this report was the analysis of existing methodology and not a comprehensive and detailed evaluation or comparison of available anti-spam products/tools, the results of our experiments must not be interpreted as a “ranking”. In order to produce a sound basis for a rigorous “ranking” of various anti-spam products/tools more effort has to be spent on defining comparable parameter settings and on fine tuning. 2 About the Authors Project “Spamabwehr” was launched in summer 2004 at the Department of Computer Science (Distributed Systems group) which, due to internal restructuring at the University of Vienna, became the new Institute of Distributed and Multimedia Systems at the Faculty of Computer Science. The team: Dr. Wilfried Gansterer (project leader), Michael Ilger, Peter Lechner, Robert Neumayer and Jürgen Strauß. From left to right: J. Strauß, M. Ilger, P. Lechner, W. Gansterer, R. Neumayer Contact for Project “Spamabwehr”: phone: +43-1-4277-39650 e-mail: Each team member can be contacted at [email protected] The institution: The Faculty of Computer Science (Fakultät für Informatik) is currently lead by Dean Prof. Dr. Günter Haring. The Institute of Distributed and Multimedia Systems, headed by Prof. DDr. Gerald Quirchmayr, is one of the institutes within this faculty. Institute of Distributed and Multimedia Systems University of Vienna Lenaugasse 2/8, A-1080 Vienna (Austria) 3 Table of Content EXECUTIVE SUMMARY ..................................................................................................................6 1. INTRODUCTION........................................................................................................................9 1.1. WHAT IS “SPAM”?...............................................................................................................10 1.2. STATISTICAL DATA .............................................................................................................11 1.2.1. Total Amount of Spam...............................................................................................11 1.2.2. Sources of Spam........................................................................................................13 1.2.3. Content of Spam........................................................................................................14 1.3. THE ECONOMIC BACKGROUND ...........................................................................................15 1.3.1. Why Spam?................................................................................................................15 1.3.2. Damage Caused by Spam..........................................................................................18 1.3.3. Conclusion ................................................................................................................18 1.4. THE TECHNICAL BACKGROUND ..........................................................................................19 1.4.1. Simple Mail Transfer Protocol..................................................................................19 1.4.2. Internet Message Format ..........................................................................................20 1.4.3. Spammers’ Techniques..............................................................................................21 2. ANTI-SPAM METHODS..........................................................................................................23 2.1. QUALITY CRITERIA FOR ANTI-SPAM METHODS ..................................................................23 2.2. SENDER SIDE (=PRE-SEND) METHODS ................................................................................25 2.2.1. Increasing Sender Costs............................................................................................25 2.2.2. Increasing Spammers’ Risk.......................................................................................29 2.3. RECEIVER SIDE (=POST-SEND) METHODS...........................................................................30 2.3.1. Approaches Based on Source of Mail .......................................................................30 2.3.2. Approaches Based on Content ..................................................................................38 2.3.3. Using Source and Content ........................................................................................41 2.4. SENDER AND RECEIVER SIDE ..............................................................................................47 2.4.1. IM 2000.....................................................................................................................48 2.4.2. AMTP ........................................................................................................................48 3. PRODUCTS AND TOOLS .......................................................................................................49 3.1. OVERVIEW ..........................................................................................................................49 3.1.1. Quality Criteria.........................................................................................................49 3.1.2. Comparisons of Anti-Spam Software ........................................................................49 3.2. COMMERCIAL PRODUCTS.....................................................................................................50 3.2.1. Symantec Brightmail Anti-Spam ...............................................................................50 3.2.2. Kaspersky Anti-Spam ................................................................................................52 3.2.3. SurfControl E-Mail Filter for SMTP.........................................................................53 3.2.4. Symantec Mail Security for SMTP ............................................................................55 3.2.5. Borderware MXtreme Mail Firewall ........................................................................57 3.2.6. Ikarus mySpamWall ..................................................................................................57 3.2.7. Spamkiss....................................................................................................................58 3.3. OPEN SOURCE .....................................................................................................................60 3.3.1. SpamAssassin............................................................................................................60 3.3.2. CRM 114 ...................................................................................................................61 3.3.3. Bogofilter ..................................................................................................................62 4. PERFORMANCE EVALUATION ..........................................................................................63 4.1. SOURCES FOR OUR OWN SAMPLES......................................................................................63 4.1.1. University of Vienna..................................................................................................63 4.1.2. Mobilkom Austria......................................................................................................63 4.1.3. UPC Telekabel..........................................................................................................64 4.2. TEST SAMPLE DESCRIPTION .................................................................................................64 4 4.2.1. Our Test Sample........................................................................................................64 4.2.2. SpamAssassin Test Sample........................................................................................65 4.3. EXPERIMENTAL SETUP ........................................................................................................65 4.3.1. Windows Test Process...............................................................................................66 4.3.2. Linux Test Process ....................................................................................................66
Load more

Recommended publications
  • A Rule Based Approach for Spam Detection
    A RULE BASED APPROACH FOR SPAM DETECTION Thesis submitted in partial fulfillment of the requirements for the award of degree of Master of Engineering In Computer Science & Engineering By: Ravinder Kamboj (Roll No. 800832030) Under the supervision of: Dr. V.P Singh Mrs. Sanmeet Bhatia Assistant Professor Assistant Professor Computer Science & Engineering Department of SMCA COMPUTER SCIENCE AND ENGINEERING DEPARTMENT THAPAR UNIVERSITY PATIALA – 147004 JULY- 2010 i ii Abstract Spam is defined as a junk Email or unsolicited Email. Spam has increased tremendously in the last few years. Today more than 85% of e-mails that are received by e-mail users are spam. The cost of spam can be measured in lost human time, lost server time and loss of valuable mail. Spammers use various techniques like spam via botnet, localization of spam and image spam. According to the mail delivery process anti-spam measures for Email Spam can be divided in to two parts, based on Emails envelop and Email data. Black listing, grey listing and white listing techniques can be applied on the Email envelop to detect spam. Techniques based on the data part of Email like heuristic techniques and Statistical techniques can be used to combat spam. Bayesian filters as part of statistical technique divides the income message in to words called tokens and checks their probability of occurrence in spam e-mails and ham e-mails. Two types of approaches can be followed for the detection of spam e-mails one is learning approach other is rule based approach. Learning approach required a large dataset of spam e-mails and ham e-mails is required for the training of spam filter; this approach has good time characteristics filter can be retrained quickly for new Spam.
    [Show full text]
  • Address Munging: the Practice of Disguising, Or Munging, an E-Mail Address to Prevent It Being Automatically Collected and Used
    Address Munging: the practice of disguising, or munging, an e-mail address to prevent it being automatically collected and used as a target for people and organizations that send unsolicited bulk e-mail address. Adware: or advertising-supported software is any software package which automatically plays, displays, or downloads advertising material to a computer after the software is installed on it or while the application is being used. Some types of adware are also spyware and can be classified as privacy-invasive software. Adware is software designed to force pre-chosen ads to display on your system. Some adware is designed to be malicious and will pop up ads with such speed and frequency that they seem to be taking over everything, slowing down your system and tying up all of your system resources. When adware is coupled with spyware, it can be a frustrating ride, to say the least. Backdoor: in a computer system (or cryptosystem or algorithm) is a method of bypassing normal authentication, securing remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected. The backdoor may take the form of an installed program (e.g., Back Orifice), or could be a modification to an existing program or hardware device. A back door is a point of entry that circumvents normal security and can be used by a cracker to access a network or computer system. Usually back doors are created by system developers as shortcuts to speed access through security during the development stage and then are overlooked and never properly removed during final implementation.
    [Show full text]
  • A Survey on Spam Detection Techniques
    ISSN (Online) : 2278-1021 ISSN (Print) : 2319-5940 International Journal of Advanced Research in Computer and Communication Engineering Vol. 3, Issue 12, December 2014 A survey on spam detection techniques Anjali Sharma1, Manisha 2, Dr.Manisha 3 , Dr.Rekha Jain 4 1,2,3,4 Bansthali Vidyapith, Jaipur Campus, India Abstract: Today e-mails have become one of the most popular and economical forms of communication for Internet users. Thus due to its popularity, the e-mail is going to be misused. One such misuse is the posting of unwelcome, unwanted e-mails known as spam or junk e-mails [1]. E-mail spam has various consequences. It reduces productivity, takes extra space in mail boxes, extra time, extend software damaging viruses, and materials that contains potentially harmful information for Internet users, destroy stability of mail servers, and as a result users spend lots of time for sorting incoming mail and deleting unwanted correspondence. So there is a need of spam detection so that its consequences can be reduced [2]. In this paper, we present various spam detection techniques. Keywords: Spam, Spam detection techniques, Email classification I. INTRODUCTION Spam refers to unsolicited commercial email. Also known firewalls; therefore, it is an especially useful way for as junk mail, spam floods Internet users’ electronic spammers. It targets the users when they join any chat mailboxes. These junk mails can contain various types of room to find new friends. It spoils enjoy of people and messages such as pornography, commercial advertising, waste their time also. doubtful product, viruses or quasi legal services [3].
    [Show full text]
  • Secure Email Gateway - Market Quadrant 2016 ∗
    . The Radicati Group, Inc. Palo Alto, CA 94301 . Phone: (650) 322-8059 . www.radicati.com . THE RADICATI GROUP, INC. Secure Email Gateway - Market Quadrant 2016 ∗ ......... An Analysis of the Market for Secure Email Gateway Solutions, Revealing Top Players, Trail Blazers, Specialists and Mature Players. November 2016 SM ∗ Radicati Market Quadrant is copyrighted November 2016 by The Radicati Group, Inc. Reproduction in whole or in part is prohibited without expressed written permission of the Radicati Group. Vendors and products depicted in Radicati Market QuadrantsSM should not be considered an endorsement, but rather a measure of The Radicati Group’s opinion, based on product reviews, primary research studies, vendor interviews, historical data, and other metrics. The Radicati Group intends its Market Quadrants to be one of many information sources that readers use to form opinions and make decisions. Radicati Market QuadrantsSM are time sensitive, designed to depict the landscape of a particular market at a given point in time. The Radicati Group disclaims all warranties as to the accuracy or completeness of such information. The Radicati Group shall have no liability for errors, omissions, or inadequacies in the information contained herein or for interpretations thereof. Secure Email Gateway - Market Quadrant 2016 TABLE OF CONTENTS RADICATI MARKET QUADRANTS EXPLAINED .................................................................................. 2 MARKET SEGMENTATION – SECURE EMAIL GATEWAYS .................................................................
    [Show full text]
  • Account Administrator's Guide
    ePrism Email Security Account Administrator’s Guide - V10.4 4225 Executive Sq, Ste 1600 Give us a call: Send us an email: For more info, visit us at: La Jolla, CA 92037-1487 1-800-782-3762 [email protected] www.edgewave.com © 2001—2016 EdgeWave. All rights reserved. The EdgeWave logo is a trademark of EdgeWave Inc. All other trademarks and registered trademarks are hereby acknowledged. Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. Other product and company names mentioned herein may be the trademarks of their respective owners. The Email Security software and its documentation are copyrighted materials. Law prohibits making unauthorized copies. No part of this software or documentation may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into another language without prior permission of EdgeWave. 10.4 Contents Chapter 1 Overview 1 Overview of Services 1 Email Filtering (EMF) 2 Archive 3 Continuity 3 Encryption 4 Data Loss Protection (DLP) 4 Personal Health Information 4 Personal Financial Information 5 Document Conventions 6 Other Conventions 6 Supported Browsers 7 Reporting Spam to EdgeWave 7 Contacting Us 7 Additional Resources 7 Chapter 2 Portal Overview 8 Navigation Tree 9 Work Area 10 Navigation Icons 10 Getting Started 11 Logging into the portal for the first time 11 Logging into the portal after registration 12 Changing Your Personal Information 12 Configuring Accounts 12 Chapter 3 EdgeWave Administrator
    [Show full text]
  • The History of Digital Spam
    The History of Digital Spam Emilio Ferrara University of Southern California Information Sciences Institute Marina Del Rey, CA [email protected] ACM Reference Format: This broad definition will allow me to track, in an inclusive Emilio Ferrara. 2019. The History of Digital Spam. In Communications of manner, the evolution of digital spam across its most popular appli- the ACM, August 2019, Vol. 62 No. 8, Pages 82-91. ACM, New York, NY, USA, cations, starting from spam emails to modern-days spam. For each 9 pages. https://doi.org/10.1145/3299768 highlighted application domain, I will dive deep to understand the nuances of different digital spam strategies, including their intents Spam!: that’s what Lorrie Faith Cranor and Brian LaMacchia ex- and catalysts and, from a technical standpoint, how they are carried claimed in the title of a popular call-to-action article that appeared out and how they can be detected. twenty years ago on Communications of the ACM [10]. And yet, Wikipedia provides an extensive list of domains of application: despite the tremendous efforts of the research community over the last two decades to mitigate this problem, the sense of urgency ``While the most widely recognized form of spam is email spam, the term is applied to similar abuses in other media: instant remains unchanged, as emerging technologies have brought new messaging spam, Usenet newsgroup spam, Web search engine spam, dangerous forms of digital spam under the spotlight. Furthermore, spam in blogs, wiki spam, online classified ads spam, mobile when spam is carried out with the intent to deceive or influence phone messaging spam, Internet forum spam, junk fax at scale, it can alter the very fabric of society and our behavior.
    [Show full text]
  • Image Spam Detection: Problem and Existing Solution
    International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 06 Issue: 02 | Feb 2019 www.irjet.net p-ISSN: 2395-0072 Image Spam Detection: Problem and Existing Solution Anis Ismail1, Shadi Khawandi2, Firas Abdallah3 1,2,3Faculty of Technology, Lebanese University, Lebanon ----------------------------------------------------------------------***--------------------------------------------------------------------- Abstract - Today very important means of communication messaging spam, Internet forum spam, junk fax is the e-mail that allows people all over the world to transmissions, and file sharing network spam [1]. People communicate, share data, and perform business. Yet there is who create electronic spam are called spammers [2]. nothing worse than an inbox full of spam; i.e., information The generally accepted version for source of spam is that it crafted to be delivered to a large number of recipients against their wishes. In this paper, we present a numerous anti-spam comes from the Monty Python song, "Spam spam spam spam, methods and solutions that have been proposed and deployed, spam spam spam spam, lovely spam, wonderful spam…" Like but they are not effective because most mail servers rely on the song, spam is an endless repetition of worthless text. blacklists and rules engine leaving a big part on the user to Another thought maintains that it comes from the computer identify the spam, while others rely on filters that might carry group lab at the University of Southern California who gave high false positive rate. it the name because it has many of the same characteristics as the lunchmeat Spam that is nobody wants it or ever asks Key Words: E-mail, Spam, anti-spam, mail server, filter.
    [Show full text]
  • History of Spam
    1 Max W. Mosing1 THE UPS AND DOWNS IN THE HISTORY OF EU-SPAM-REGULATIONS AND THEIR PRACTICAL IMPACT “Two years from now, spam will be solved. I promise a spam-free world by 2006” (Bill Gates; January 2004) Table of content: 1. (Legal) History of Spam................................................................................................................................................................................... 1 1.1. „Monty Python“and „Canter and Seigel“............................................................................................................................................ 2 1.2. Definition of Spam from a Legal Perspective ...................................................................................................................................... 2 1.3. Harm of Spam and– if the Internet community wants to ban spam – why is spam so successful?........................................... 3 1.4. Legal Framework and legal background of spam .............................................................................................................................. 4 2. “Spam-Regulations” in EU-Directives .......................................................................................................................................................... 6 2.1. Directive 97/66/EC concerning the processing of personal data and the protection of privacy in the telecommunications sector – ISDN-Directive and National Laws..............................................................................................................................................
    [Show full text]
  • Asian Anti-Spam Guide 1
    Asian Anti-Spam Guide 1 © MediaBUZZ Pte Ltd January 2009 Asian Anti-SpamHighlights Guide 2 • Combating the latest inbound threat: Spam and dark traffic, Pg. 13 • Secure Email Policy Best Practices, Pg. 17 • The Continuous Hurdle of Spam, Pg. 29 • Asian Anti Spam Acts, Pg. 42 Contents: • Email Spam: A Rising Tide 4 • What everyone should know about spam and privacy 7 • Scary Email Issues of 2008 12 • Combating the latest inbound threat: Spam and dark 13 • Proofpoint survey viewed spam as an increasing threat 16 • Secure Email Policy Best Practices 17 • Filtering Out Spam and Scams 24 • The Resurgence of Spam 26 • 2008 Q1 Security Threat landscape 27 • The Continuous Hurdle of Spam 29 • Spam Filters are Adaptive 30 • Liberating the inbox: How to make email safe and pro- 31 ductive again • Guarantee a clear opportunity to opt out 33 • The Great Balancing Act: Juggling Collaboration and 34 Authentication in Government IT Networks • The Not So Secret Cost of Spam 35 • How to Avoid Spam 36 • How to ensure your e-mails are not classified as spam 37 • Blue Coat’s Top Security Trends for 2008 38 • The Underground Economy 40 • Losing Email is No Longer Inevitable 42 • Localized malware gains ground 44 • Cyber-crime shows no signs of abating 45 MEDIABUZZ PTE LTD • Asian Anti-Spam Acts 47 ASIAN ANTI-SPAM GUIDE © MediaBUZZ Pte Ltd January 2009 Asian Anti-SpamHighlights Guide 3 • Frost & Sullivan: Do not underestimate spam, Pg. 65 • Unifying email security is key, Pg. 71 • The many threats of network security, Pg. 76 • The UTM story, Pg.
    [Show full text]
  • Internet Security
    In the News Articles in the news from the past month • “Security shockers: 75% of US bank websites Internet Security have flaws” • “Blank robbers swipe 3,000 ‘fraud-proof’ UK passports” • “Korean load sharks feed on hacked data” • “Worms spread via spam on Facebook and Nan Niu ([email protected]) MySpace” CSC309 -- Fall 2008 • “Beloved websites riddled with crimeware” • “Google gives GMail always-on encryption” http://www.theregister.co.uk 2 New Targets of 2007 Scenario 1 • Cyber criminals and cyber spies have • The Chief Information Security Officer shifted their focus again of a medium sized, but sensitive, federal – Facing real improvements in system and agency learned that his computer was network security sending data to computers in China. • The attackers now have two new targets • He had been the victim of a new type of spear phishing attack highlighted in this – users who are easily misled year’s Top 20. – custom-built applications • Once they got inside, the attackers had • Next, 4 exploits scenarios… freedom of action to use his personal • Reported by SANS (SysAdmin, Audit, Network, computer as a tunnel into his agency’s Security), http://www.sans.org systems. 3 4 Scenario 2 Scenario 3 • Hundreds of senior federal officials and business • A hospital’s website was compromised executives visited a political think-tank website that had been infected and caused their computers to because a Web developer made a become zombies. programming error. • Keystroke loggers, placed on their computers by the • Sensitive patient records were taken. criminals (or nation-state), captured their user names and passwords when their stock trading accounts and • When the criminals proved they had the their employers computers, and sent the data to data, the hospital had to choose between computers in different countries.
    [Show full text]
  • Index Images Download 2006 News Crack Serial Warez Full 12 Contact
    index images download 2006 news crack serial warez full 12 contact about search spacer privacy 11 logo blog new 10 cgi-bin faq rss home img default 2005 products sitemap archives 1 09 links 01 08 06 2 07 login articles support 05 keygen article 04 03 help events archive 02 register en forum software downloads 3 security 13 category 4 content 14 main 15 press media templates services icons resources info profile 16 2004 18 docs contactus files features html 20 21 5 22 page 6 misc 19 partners 24 terms 2007 23 17 i 27 top 26 9 legal 30 banners xml 29 28 7 tools projects 25 0 user feed themes linux forums jobs business 8 video email books banner reviews view graphics research feedback pdf print ads modules 2003 company blank pub games copyright common site comments people aboutus product sports logos buttons english story image uploads 31 subscribe blogs atom gallery newsletter stats careers music pages publications technology calendar stories photos papers community data history arrow submit www s web library wiki header education go internet b in advertise spam a nav mail users Images members topics disclaimer store clear feeds c awards 2002 Default general pics dir signup solutions map News public doc de weblog index2 shop contacts fr homepage travel button pixel list viewtopic documents overview tips adclick contact_us movies wp-content catalog us p staff hardware wireless global screenshots apps online version directory mobile other advertising tech welcome admin t policy faqs link 2001 training releases space member static join health
    [Show full text]
  • Spam: History, Perceptions, Solutions
    Spam: History, Perceptions, Solutions Report written by Geneviève Reed and submitted to Industry Canada, Office of Consumer Affairs 2004 Spam: History, Perceptions and Solutions OPTION CONSOMMATEURS MISSION Option consommateurs is a nonprofit association whose mission is to defend and promote consumers’ rights by assisting them both individually and collectively, by providing them with information, and by advocating on their behalf to decision-makers. HISTORY The association has existed since 1983. In 1999, it merged with the Association des consommateurs du Québec (ACQ), an organization with a 50-year history and a mission similar to that of Option consommateurs. PRINCIPAL ACTIVITIES Option consommateurs’s staff of 20 are grouped into four departments: the Budgeting Department, the Legal Affairs Department, the Media Relations Department, and the Research and Representation Department. Over the years, Option consommateurs has developed expertise in the areas of financial services, health, agri-food, energy, travel, access to justice, trade practices, indebtedness, and protection of privacy. Each year, we reach 7,000–10,000 consumers directly and many more through our extensive media coverage. We participate in working groups and sit on boards of directors, carry out large-scale projects with important partners, and produce research reports, policy papers, buyer’s guides, and a consumer information and action magazine called Consommation. MEMBERSHIP Option consommateurs pursues a variety of activities aimed at making change, including research, class-action lawsuits, and lobbying of public- and private-sector bodies. You can help us do more for you by becoming a member of Option consommateurs at www.option-consommateurs.org. Report by Option consommateurs, 2004 ii Spam: History, Perceptions and Solutions ACKNOWLEDGMENTS This research report was written by Geneviève Reed, Director of Research and Representation, Option consommateurs, with the support of Annie Hudon, attorney, for the legislative analysis section.
    [Show full text]