Subscribe

0

Advertisment
Annuals

Security: Beyond Anti-spam Tools

author-image
DQI Bureau
New Update

Email was the killer app of the Internet, but now it seems to be
killing the bandwidth, thanks to spam. While its impossible to completely get
rid of spam, you can reduce it by following various measures. One is rules based
blocking, which is not sufficient because spammers will always find new ids,
subjects, and body text to send you spam. The next level is using anti-spam
software at the client as well as servers level. These tools use sophisticated
algorithms to filter spam, and also keep updating their filters with fresh
rules. You can also subscribe to DNS blacklists, such as mail-abuse.org and
spamhaus. org, which keep a list of known spamming domains. Even these measures
are not enough. To fight spam effectively, its also important to know how it
is generated and spreads. Plus, you also need proper anti-spam policies.

Advertisment

How Spam is Generated

It all starts when spammers manage to get hold of your email address. The
most common way is when you register with a website, perhaps to download
software or purchase a product. The website could belong to a spammer, or it
might be in the business of selling its mailing databases. Either way you figure
in the spammers list and start receiving unsolicited mail. Subscribing to
newsletters is another common cause of spam. You could do it unknowingly or
worse someone else subscribes you to mailing lists. In such a case, you could
either ignore the deluge of mail or check out the websites (if they have one) of
each newsletter for legitimacy. This is important because most spammers provide
an unsubscribe link in their email. If you try to unsubscribe from the link,
then the spammer gets a confirmation of your existence, and starts sending you
even more spam. So as a rule of thumb, dont fall for the
"unsubscribe" bit in spam mail.

Its also important to know about Web bugs. These are clear or
transparent graphic images, merely 1x1 pixel in size that can be placed in email
or Web pages. These are used to monitor the usage patterns of websites or email.
While the Web bug points to the website from where the image has to be
downloaded, it also sends information about the users machine to the website.
This information can be the IP address and the Web browser used of the machine.
Spammers can use Web bugs to confirm the presence of an email address so they
can continue spamming. Web bugs use cookies for sending back information, so
blocking cookies can stop Web bugs from sending your personal information.

Advertisment

Some Useful
Anti-spam Tools

yMail :



yMail is a stand-alone, portable email client with integrated
spam-tackling capabilities good enough to make it one of the contenders in
our shootout. The portable bit means that you can carry it around on a USB
drive as it can be configured to store mail, contact information and the
likes in the same folder as the program files. You can download this from www.spacejock.com/yMail.html

SpamAware:

This tool is very similar to SPAMfighter in terms of look, feel and
functionalityinfact we had to closely re-examine the two to really
appreciate the differences. For example, its default behavior is to mark
junk mail by adding a prefix SPAM to the subject, while SPAMfighter
moves it to a folder it creates. Of course, you can then create a filter
in your e-mail client to move all mail with a prefix SPAM to trash else
you desire. You can download it from www.jam-software.com

SPAMfighter

SPAMfighter sits inside Microsoft Outlook and Outlook Express, and
monitors incoming mail on all accounts.It compares the mail against
locally configured blacklists and whitelists as well as rules that are
periodically downloaded from a central server. Mails that are identified
as spam are moved to a separate folder within Outlook/OE, which you can
browse later, if necessary, to ensure that no useful mail was junked
and/or clean the folder. You can get it from www.spamfighter.com

Mailwasher
Free/ Pro

Mailwasher is like an e-mail
popper with advanced spam filtering capabilities. You set up an e-mail
account just like in an e-mail client and it downloads the mail headers
for you to preview, while marking the spam it can identify. The free
version identifies spam using built-in filters and, of course, allows you
to manually mark spam. it is available freely at www.mailwasher.net

Letterman
Spam Control Pro

This is perhaps the most feature rich tool amongst the ones we gave a run
during the shootout. It can operate in multiple modesas a standalone
popper to filter out your mail before download which you can use,
say, at the start of the day when youre checking mail for the first
time. And for the rest of the day, you can use it as a proxy server, an
intermediary between your email client and server that not only filters
out spam but also blocks hostile links in other email. You can get it from
www.whatlink.com

Fighting Back

Spammers use clever techniques to avoid getting caught, such as IP spoofing,
using drop boxes and free email websites, finding open relay servers, and using
spamming tools. So you may not be able to find out who is spamming you, but you
can always find out enough to do something about it. Spam mail headers come to
the rescue as they can reveal useful information about the spammer. You can
reach the mail header by choosing the e-mails properties.

Advertisment

The mail header usually tells you the route that the mail has
followed to reach you. In this, look for the IP addresses or domain names in the
"Received" lines. There are two to three such lines that show which
ISPs have relayed the message. The first line will say "Received from
by yourISP.com. Ignore the second address as
thats your own ISPs domain. The first will be the ISP who relayed this
message to you. Next look at the second "Received" line. This will
most likely be the ISP where the spam originated.

Once you know the ISPs who relayed spam to you, the next step is
to lodge a complaint with them about the spammer. You need to find out the ISPs
contact information like email ids and phone numbers. The most effective way of
doing so is by using tracing tools. These track the entire path used by an email
to get to your mailbox. They can also give complete information about all ISPs
found in this path. This information can include the ISPs complete name, whos
it registered to, phone and fax numbers and the contact email id. There are also
some free websites that can give you this information. Many ISPs provide a
separate email id that you can use to send them headers of all the spam mail youve
received through their servers.

While the process is simple, it may not be easy to execute,
simply because theres too much spam. Therefore, this process is better suited
for companies who can use dedicated staff for the job, rather than individuals
wasting time on it.

Advertisment

Also take measures to avoid getting unwanted subscribers. They
can send an email to new subscribers to check if theyve actually subscribed
or not. This mail should mention that only after the subscriber responds to the
mail would they continue sending newsletters in the future. Those who dont
respond would be removed from the list.

Anil Chopra

maildqindia@cybermedia.co.in

Advertisment