 |
| Get
on our email list |
|
 |
|
|
| TACKLING SPAM
CENTRALIZED EMAIL FILTERING
SPAM is an increasingly important problem for
computer users. For many, SPAM can constitute 90% or
more of their emails.
For the home user, workstation-based products offered by
McAfee, Norton and the like may offer a satisfactory
solution. But for firms with more than a few users, some
systematic approach is necessary.
The better SPAM filters combine several
strategies for filtering SPAM. These may include white
lists, black lists, dictionary processing, rules processing,
message formation analysis, and dynamic updating of common
SPAM signatures.
BOC has been implementing SurfControl's
email filtering product with good success. This product
combines all the above listed strategies to form an impressive
barrier to SPAM while suffering very few "false
positives" - a condition where desirable email is
blocked. These strategies are briefly described:
 | White Lists: White lists are lists of Internet
domain names that are known to the users and are
considered safe to receive mail. Any domain listed
on the White List is sent through to the intending recipients
without further filtering. White lists are created
by the client. |
| Black Lists: Black lists are created by a
number of organizations on the Internet that police SPAM
usage and list domain names that are found to be the source
of SPAM. Domain names can become black-listed
without the domain name owner being aware that they are
the source of SPAM. This can occur if one's email
server is compromised by SPAMMERs either through lax
security or through an Open Relay. |
| Dictionary Processing: SurfControl has
constructed several dictionaries that address common words
that are used in different Categories of SPAM. These
dictionaries also include common misspellings used by
SPAMMERS to circumvent the dictionary method. SurfControl
applies a weighted score to each word. Each email is
scored and if the score reaches a certain set threshold,
the email is flagged as SPAM and is blocked. |
| Rules Processing. The dictionary
method is one example of the sophisticated rules that
SurfControl applies to filtering mail. Various other
rules have been specifically written for different
SPAMMING strategies and use Boolean logic to help filter
these. |
| Message Formation Analysis:
SurfControl uses algorithms to check the formation of a
message's header and encryption. SPAM messages tend
to have distinctive formatting that can be distinguished
from legitimate mail by this analysis. |
| Dynamic Updating: SurfControl
subscribers receive constant automatic updates to keep the
various filtering strategies honed to current SPAMMING
trends. |
LAYERED EMAIL FILTERING
As SPAM becomes increasingly pernicious, IT implementers
have starting considering a layered approach to the problem.
In addition to implementing a centralized filtering solution
such as SurfControl, this approach would include a secondary
workstation-based filter. This approach not only offers
a doubled gauntlet of filtering, but also provides for more
customized control by the individual users. This can
relieve some of the administrative burden placed on the IT
administrator to maintain white lists and rules of the
centralized system, and allow individual users to make some of
their own adjustments.
The release of Microsoft's Outlook 2003
makes this layered approach immediately viable because it
ships with its own built-in email filters at no extra
cost.
IN SUMMARY
SPAM is an ever growing problem whose
perpetrators use extremely dynamic and constantly evolving
strategies. Until fundamental changes are made to the
email protocol itself - changes which are actively being
considered by various industry committees - defenses
maintained to combat it must be equally sophisticated and
dynamic. |
|
|
|
BOC offers
hands-on Express Demo Classes now with MCLE
credit.
Served with breakfast or
Lunch.
