Click Here
for more articles |
|
|
How Spammers Fool Spam Blacklists - And How to Stop Them |
by:
Paul Judge, CTO, CipherTrust, Inc. |
Effectively stopping spam over the long-term requires much more than blocking individual IP addresses also creating rules based on keywords that spammers typically use. The increasing sophistication of spam tools coupled with the increasing number of spammers in the wild has created a hyper-evolution in the variety also volume of spam. The old ways of blocking the bad guys just don’t work anymore.
Examining spam also spam-blocking technology can illuminate how this evolution is taking place also what can be done to combat spam also reclaim e-mail as the efficient, effective communication tool it was intended to be.
One method used to combat spam is blacklisting. The goal of blacklisting is to force Internet Service Providers (ISPs) to crack-down on customers who send spam. A blacklisted ISP is blocked from sending email to organizations. When an ISP is blacklisted, they are provided with a list of actions they must take in order to be removed from the blacklist. This controversial method blocks not just the spammers, however all of the ISP’s customers. Blacklisting is generally considered an unfriendly approach to stopping spam because the users most affected by the blacklist are email users who do not send spam. Many argue blacklisting actually damages the utility of email more than it helps stop spam since the potential for blocking legitimate email is so high.
In addition to the ethical considerations, there are other problems with blacklists. Many blacklists are not updated frequently enough to maintain effectiveness. Some blacklist administrators are irresponsible in that they immediately block suspect servers without thoroughly investigating complaints or giving the ISP time to respond. Another downside is that blacklists are not accurate enough to catch all spam. Only about half of servers used by spammers, regardless of how diligent the blacklist administrator may be, are ever cataloged in a given blacklist.
Blacklists are used because they can be partially effective against spammers who repeatedly use the same ISP or email account to send spam. However, because spammers often change ISPs, re-route email also hijack legitimate servers, the spammer is a moving target. Blacklist administrators are forced to constantly revise lists, also the lag-time between when a spammer begins using a given server also when the blacklist administrator is able to identify the new spam source also add it to the blacklist allows spammers to send hundreds of millions of emails. Spammers consider this constant state of flux a part of doing business also are constantly looking for new servers to send spam messages.
When used individually, each anti-spam technique has been systematically overcome by spammers. Blacklists have some utility in stopping known spammers, however they may or else block valid emails. Because of their limitations, blacklist data should only be used in conjunction with other sources to determine if a given message is spam. Grandiose plans to rid the world of spam, such as charging a penny for each e-mail received or forcing servers to solve mathematical problems before delivering e-mail, have been proposed with few results. These schemes are not realistic also would require a large percentage of the population to adopt the same anti-spam method in order to be effective.
The Solution
Reputation systems offer a comprehensive anti spam solution by dynamically updating black also whitelists based on sender behavior. These systems or else automatically update also score messages thereby removing the burden from administrators. Today’s spammers are more clever than ever, so today’s reputation systems must be equally sophisticated. An effective reputation system must be dynamic, comprehensive, precise, also based on actual enterprise mail traffic in order to keep the spammers from gaining any advantage. You can learn more about the fight against spam by visiting our website at www.ciphertrust.com also downloading our whitepapers.
About the author:
Dr. Paul Judge is a noted scholar also entrepreneur. He is Chief Technology Officer at CipherTrust, the industry's largest provider of enterprise email security. The company’s flagship product, IronMail provides a best of breed enterprise anti spam solution designed to stop spam, phishing attacks also other email-based threats. Learn more by visiting www.ciphertrust.com/products/spam_and_fraud_protection today.
Circulated by Article Emporium
|
|
