TThhee DDeeffiinniittiivvee GGuuiiddeett m mTToo
Email Management and Security
Kevin Beaver Chapter 3
Chapter 3: Understanding and Preventing Spam...... 44 What’s the Big Deal about Spam?...... 45 Scary Spam Statistics...... 46 Example Estimated Cost of Spam...... 46 Additional Spam Costs ...... 47 Unintended Side Effects ...... 47 Security Implications of Spam...... 48 What’s in it for Spammers? ...... 48 Spam Laws...... 49 State Anti-Spam Laws ...... 50 Tricks Spammers Use ...... 51 Identifying Spam...... 52 Tracking Spam Sources ...... 53 Sending Through Open Relays ...... 54 Additional Spam Propagation Techniques...... 57 Spam Elimination Techniques ...... 57 Disable Open Email Relays ...... 58 Filtering Methods...... 58 Blacklist Filtering...... 59 Whitelist Filtering ...... 60 Signature Filtering ...... 61 Heuristics Filtering...... 61 Email Header Filtering...... 62 Content Filtering ...... 62 Bayesian Filtering ...... 63 Additional Ways to Fight Spam...... 64 Layered Anti-Spam Defenses ...... 66 What to Look for in Anti-Spam Solutions...... 68 Summary...... 70
i Chapter 3
Copyright Statement © 2003 Realtimepublishers.com, Inc. All rights reserved. This site contains materials that have been created, developed, or commissioned by, and published with the permission of, Realtimepublishers.com, Inc. (the “Materials”) and this site and any such Materials are protected by international copyright and trademark laws. THE MATERIALS ARE PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. The Materials are subject to change without notice and do not represent a commitment on the part of Realtimepublishers.com, Inc or its web site sponsors. In no event shall Realtimepublishers.com, Inc. or its web site sponsors be held liable for technical or editorial errors or omissions contained in the Materials, including without limitation, for any direct, indirect, incidental, special, exemplary or consequential damages whatsoever resulting from the use of any information contained in the Materials. The Materials (including but not limited to the text, images, audio, and/or video) may not be copied, reproduced, republished, uploaded, posted, transmitted, or distributed in any way, in whole or in part, except that one copy may be downloaded for your personal, non- commercial use on a single computer. In connection with such use, you may not modify or obscure any copyright or other proprietary notice. The Materials may contain trademarks, services marks and logos that are the property of third parties. You are not permitted to use these trademarks, services marks or logos without prior written consent of such third parties. Realtimepublishers.com and the Realtimepublishers logo are registered in the US Patent & Trademark Office. All other product or service names are the property of their respective owners. If you have any questions about these terms, or if you would like information about licensing materials from Realtimepublishers.com, please contact us via e-mail at [email protected].
ii Chapter 3
Chapter 3: Understanding and Preventing Spam
Spam: noun. 1. Commercial or other junk email sent without the recipient’s permission. 2. Spiced, canned ham made by Hormel dating back to the 1930s. Spam is a word with two very different meanings. For the purposes of this chapter, I’ll spare you the pig references and instead talk about spam as it applies to email in our daily business operations. This spam is sometimes referred to as unsolicited commercial email (UCE) or unsolicited bulk email (UBE). In fact, the two words unsolicited and bulk are what define spam. This definition can be expanded to include email jokes, hoaxes, urban legends, and so on.