Professional Documents
Culture Documents
This way, the packets are tagged with only the Public IP
address (Firewall level) and the internal private IP addresses
Application Level
Firewalls
Application level firewalls decide whether to drop a packet or send
them through based on the application information (available in
the packet).
Phishing Attacks: Spam filter software can help a user fight back
against phishing attacks. A hacker or cybercriminal implements a
phishing attack using HTML spam email. The email looks like it
originates from the user's bank, a social network account, or other
legitimate entity. However, the mail is fraudulent
What is spam?
Spam is any kind of email that you dont want and that
you didnt sign up to receive.
Spam email and other unsolicited messages are unwanted.
These types of email can contain attachments, deceiving
images and viruses , degrading network bandwidth and
consuming unnecessary processing power
Some spam is annoying but harmless, but some might be
part of an identity theft scam or other kind of fraud.
You can get spam in instant messages, text messages, and
on your social networking sites.
Ways to tell if an email is spam
If It Ends Up In Your Spam Folder :Unless you accidentally
categorized legitimate emails as spam, you can be pretty sure that
all the emails you need will appear in your inbox. You must deal
with emails in spam folder on a case-by-case basis to determine
whether or not theyre legitimate of pushing garbage into your
inbox.
Look at the Email Address: Legitimate companies send emails
through a server based out of their company website (for example,
support@microsoft.com). If you see a long string of numbers in
front of the @ sign or the name of a free email service before the
.com (or any other domain), you need to question the legitimacy of
the email in question.
Contd.
Look at the Content: Keep an eye for emails that say you need to do something
right at that second or within a certain no. of hours.
Also, be wary of any emails that include links. Most companies tell you what
to do, but they never direct you to where to do it with a link. Finally, rampant
grammatical and spelling errors within the body of an email are good signs that
its spam.
If It Asks for Personal Information: If you get an email that asks you for any
personal information, no matter how legitimate it might seem, delete it right
away.
Personal information is only meant to be entered in secure, encrypted forms,
not emails where anyone and everyone can get their hands on your information.
Look at the Greeting: When you receive a genuine email, the sender addresses
you directly, using either your first or last name. If you receive an email where
they refer to you as a Valued Customer or as a member of some company, its
spam.
How spam looks like??
What Does Spam Filter Software Do?
Spam filter software can help a user create a solid wall of
defense that only lets wanted emails into their inbox.
For the email-recipient, spam is easily recognized. However,
the receiver of spam loses countless hours manually deleting
the intrusive messages from their inbox. Spam filter
software can help mitigate this overwhelming chore. Spam
filter software can reduce the amount of junk mail delivered to
a user's inbox.
Spam is dangerous to both the computer and its users. Junk
mail can contain viruses, keyloggers, phishing attacks and
more. These types of malware can comprise a user's sensitive
private data by capturing bank account information, usernames
and passwords. Spam blocker applications can assist a user in
preventing these types of PC contaminations.
Contd.
1.The spam filter software you pick should support multiple email clients and webmail
service providers.
2.It is important to choose a spam filter software that meets your needs and fits into the
services and applications you use.
3.Blocking/Filtering
Reliably blocking and filtering spam is the most valuable feature of any spam filter
software.
The best spam filtering software has both black and white lists, sensitivity settings,
community-based filtering, challenge and response techniques, and quarantine
settings. Additional features to evaluate are blocking by IP address, server, email
address, and country code.
community-based filtering: People who observe the kind of spam messages that they
receive would perhaps be able to classify similar spam mails into communities. It
would be a common observation that spam mail classified into various communities
like,online pharmacies,mortgage,vacationoffers,porn mails etc.
Challenge-response techniques:
Deliver messages you want to review further to your own administrator account.
Delete messages.
Users with the appropriate User Access permissions can view and manage their
own quarantined messages
4.Rules:
The spam filter software should give the user the ability to edit predefined rule
settings as well as the creation of new rules. The best spam filter software can
adapt to meet the needs of the user, not the other way around.
5.Protection :
Spam blocker apps should have the capability of protecting multiple user
accounts with a single installation.
Moreover, the spam blocker must protect the user from email that contains
worms, viruses, Trojans, attachments with embedded keyloggers and other
malware.
Additionally, robust spam filter software can identify HTML email that contains
phishing attacks designed to garner a user's sensitive personal information.
6.Compatibility
When selecting a spam blocker, one needs to evaluate if the spam filtering
software they select is compatible with their current email client or webmail
service provider. Common supported email clients include Thunderbird, Outlook,
Outlook Express and other POP3/SMPT applications. The spam filtering
software should also support several webmail service providers like Gmail,
Yahoo, Hotmail and others.
How Anti Spam Software Works
Blacklist :
One of the primary anti spam methods is known as blacklisting.
This software identifies the IP address of the spam sender, and
then communicates with the Internet Service Provider of the
sender and instructs the ISP to block mail from that IP address to
your email account.
Spam Votes :
Spam voting software works through the participation of users.
When you receive email you have the option of classifying it as
spam, usually by pushing a button which says, unsurprisingly,
spam. Once enough people classify a piece of mail or an IP as
spam it falls in trust until ultimately it becomes completely
blocked from addresses.
Contd.
Profiling :
Profiling involves learning the common characteristics of spammers and
spam mail. It is software that looks for things like bugs, invalid message
IDs and other traits and uses these characteristics to evaluate incoming
pieces of mail. Each piece of mail is then given a score depending upon
how it fares against these criteria. The user is then given the option of
how high or how low to set the bar with regard to which emails are let in.
Bayesian Filtering :
The most promising spam blocking software follows no rules. Rather, it
constantly learns new techniques to fight spam by scanning the mail
youve read and comparing it to the mail that you have rejected. This
highly sophisticated software uses the data that it gleans from thousands
of users to identify which items are spam and which are not. It then has
the capability to adjust its standards to your particular preferences. Over
time, it becomes adept at sending you only the emails that you want, and
blocking the emails that you do not. Eg.mailBee.NET antispam
Examples of spam filters
SPAMfighter Pro
Cloudmark DesktopOne Pro
Although SPAMfighter Pro and Cloudmark DesktopOne Pro are similar,
each handles the user's ability to manage and create black and white lists
differently. In most instances, the spam blocker's whitelist consists of a
user's known contacts such as family, friends, coworkers and other
legitimate email addresses. The spam filter software always allows email
messages from whitelisted senders. Alternately, the app always blocks
email messages from spam senders entered into the spam blocker's
blacklist.
MailWasher Pro 2010
ChoiceMail One
iHateSpam
CleanMail Home
Spam Bully
Why do spam filters fail?
A challenge-response filter basically will not allow an e-mail message
from someone who has not been pre-approved. When a message
arrives from a new sender a spam filter using this method would
automatically reply to the senders asking them to validate themselves.
Rules based systems simply look for key words or phrases in the
message and block based when matches were found. Simple rules
based spam blockers are very poor at filtering out spam. They will
often block a legitimate message and also let through a good
percentage of the actual spam.
They usually list the physical IP address (Internet Protocol Address) of
where a message has come from. An e-mail server using spam-filtering
software can then check each message against the black list as it
arrives
Contd.
The problem is that these lists are based on reports by end-
users, so a spammer may well get a few thousand (Or even
million) messages sent out before he is listed on a black list.
Spammers often send their e-mail out through different
addresses, they even sometimes used hacked networks to send
out through other peoples machines (And addresses) which
can then lead to legitimate people being black listed.
The main problem is that these black lists do take time to
update, and until they are updated it does mean that the
spammers message will get through the filter.
Thank you