It is so irritating when i have to spent 10 minutes every morning while eating breakfast in front of my computer clearing Spam. Haha, kidding. Since the day i am involved in doing IT security, i hardly see them in my mails anymore. Let me share with you what is spam and slowly how we can prevent it.
A common synonym for spam is unsolicited bulk e-mail (UBE). Definitions of spam usually include the aspects that email is unsolicited and sent in bulk. "UCE" refers specifically to "unsolicited commercial e-mail." According A Gartner report in TechWeb News, Spam has cost the world a lost of $50 billion in lost of productivity and other expenses.
The questions often come to the user mind when they received spam email is how the spammer got their email address? E-mail spammers do not get their address because they are on the company distribution list or legitimate e-mail publications. In today’s world, legitimate mailing list is normally secured and is unlikely possible for spammer to got hold of their email address. But the problems start when user subscribes to unknown website or newsletters. Emails subscribes to unknown website or newsletters were often leak out intentionally or unintentionally resulting with the users receiving high amount of spam emails. User subscribing to newsletters or registering on unknown website should always check on the privacy policy. The policy should state clearly that the email or informations provided by the user will never be release to another party or use for other purpose other then stated.
Directory Harvest Attack or DHA is another a technique used by spammers in an attempt to find valid and existing e-mail addresses at a domain by using brute force attack. When under a directory harvest attack, the massive volume of attempts with different addresses sent by the spammer will consume a mail server's resources. At worse, the mail server may be prevented from receiving legitimate email if all available resources are exhausted. Organization should have in place Anti spam appliance that can detect any form of DHA conduct against it’s mail server. Today’s Anti spam appliance would normally have combination of features such as “Real Time Blacklist” (RBL), Domain key Authentication” (DKIM), “Sender Policy Framework” (SPF), “Greylisting”, “Bayesian filter” and many more other features.
Take a little time to digest this blog of "SPAM" ... i will fill you in on the different methods used to fight spam in the on coming blogs.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment