lancelotarnold

Spamming refers to use of an electronic messaging system to send unsolicited messages especially advertising messages to a group of recipients. Unsolicited messages mean the recipient did not grant permission for those message to be sent. Anti-spam refers to the use of any software, hardware or process to block spam from entering a system. The anti-spam software uses a set of protocols to determine unsolicited and unwanted messages and prevent those messages from getting to a user’s inbox. Most of the Anti-spam solutions that are available today can be customized as per your needs, allowing only the approved emails into your inbox. Such software always presumes that all the incoming emails are spam, and only allow those, from the people you know, to come in. What is Anti-spam and Benefits of Using Antispam Software? Blocking Spam Quarantining Spam Automatic Filter Updates Monitoring Multiple Accounts Your Personal Whitelist Reporting Spam Let us look at some of the benefits and features of the anti-spam software: Blocking Spam Certain anti-spam solutions not only block specific email addresses but also search for subject lines and text in the email messages. You can customize it to block incoming emails based on senders, and even if your email address is not in the recipient field. Quarantining Spam Anti-spam filters automatically quarantine the spam emails, ensuring your inbox is spam free. Such quarantined emails are held for a fixed number of days, say 30 days or so, and then dumped. During that period, you can check and recover any legitimate email that may have been quarantined. Automatic Filter Updates Most of the anti-virus software comes with automatic filter update feature for timely detection of new types of Malware threats. Automatic updates not only helps the anti-spam software to stay up-to-date, it also helps secure your system from new kinds of Malware. Monitoring Multiple Accounts With this feature, you can monitor and filter spam from multiple accounts. You can filter your home email from work email, and vice versa. Your Personal Whitelist Some anti-spam software allows you to maintain a ‘friendly’ list of people whose emails you wish to accept. These emails will never be mistaken for spam as against the blacklist of spammers. You can also update the list in the future. Reporting Spam Some anti-spam programs allow you to report spam back to the company supplying the program. It helps that company to develop new type of filters based on the analysis of the reported spam. Emails have become a very popular way of advertising, and it is time that you start filtering your emails, to avoid spam. Most of the anti-spam solutions are signature based that use their signature file (blacklist) to detect and respond to new type of Malware. In signature based anti-spam software, new and unknown types of Malware goes undetected since there is a time gap between the time these new type of Malware threats are released and the time anti-spam software vendors have identified them and updated their signature file. This is where Containment technology comes into play. Containment technology works by keeping the threats or harmful files under control or within certain limits. The harmful files are processed in a restricted operating system environment, thus controlling the resources and the spread of infection.

A Guide to Anti-Spam Software Anti-spam software dates back to the mid-1990s, when two software engineers started compiling a list of IP addresses from which they had received unsolicited and unwanted emails. The list was distributed as a Border Gateway Protocol to subscribers of the “Mail Abuse Prevention System” (“MAPS” or “SPAM” spelled backwards), which later developed into the Domain Name Server Blackhole List. More than twenty years later, the Domain Name Server Blackhole List (often called the Real-time Blackhole List or “RBL”) is still the primary mechanism used by anti-spam software to detect unsolicited and unwanted emails. Unfortunately, due to the increasing sophistication of spammers, RBL filters alone are not adequate defenses against email-borne threats such as malware, ransomware and phishing. What Do Modern Anti-Spam Solutions Consist Of? Modern anti-spam solutions use a multi-layered approach to detect spam. The mechanisms included in the multi-layered approach vary according to each email service and software provider, but generally consist of a Real-time Blackhole List, Recipient Verification Protocol, Sender Policy Framework and a content analysis tool. The functions of each mechanism are described below: Real-time Blackhole Lists As mentioned above, a Real-time Blackhole List is a list of IP addresses from which spam is known to have originated. If a match is found between an inbound email and an IP address on the list, the email may be rejected depending on its “IP Reputation” (please see note below with regard to IP Reputation). Recipient Verification Protocol The Recipient Verification Protocol checks recipient addresses to ensure they are valid. If the business does not have a (for example) info@xyz.com recipient address, the email is rejected, placed into a quarantine folder or flagged, depending on how the business´s spam filter has been configured. Sender Policy Framework The Sender Policy Framework mechanism checks that inbound mail from a domain (i.e. info@xyz.com) comes from a host authorized by that domain’s administrators. It is an effective means of eliminating “spoofed emails”, in which the sender´s email address is disguised to look as if it is legitimate. Content Analysis Tool Most anti-spam solutions have a content analysis tool that inspects the heading and content of each email and rates it accordingly. These mechanisms “learn” the probability of an email being legitimate or spam from user actions – usually through a technique known as “Bayesian Analysis”. One significant development from the mid-1990s is that Real-time Blackhole Lists are now more refined than they were. This is due to RBL agencies assigning an “IP Reputation Score” to IP addresses based on factors such as email open rates, click-through rates, spam complaints and hard bounces (emails returned to their senders because the domain name does not exist or the recipient is unknown). Modern anti-spam solutions consider IP reputation scores along with the ratings calculated by Content Analysis Tools in order to assign a “spam score”. System administrators can set a “Spam Acceptance Threshold” and, if the spam score exceeds the threshold, the email is rejected, quarantined or flagged, depending on how the business´s spam filter has been configured.

Advanced anti-spam software contains mechanisms not usually incorporated into standard email filters that are effective at increasing the spam detection rate (often to beyond 99.9%) and mitigating email-borne threats. Typically these mechanisms include Greylisting, SURBL/URIBL filtering and SMTP controls. The function of each is again described below: Greylisting Greylisting is a process in which emails are returned to the server from which they were sent with a request for the email to be resent. Spammers´´ servers are often too busy to respond to the requests and the spam email is never returned. This process prevents spam from “not-yet-known” sources being delivered. SURBL/URIBL Filtering SURBL and URIBL filtering provides protection against phishing attacks by rejecting, quarantining or flagging emails that include malicious URLs or links to websites that have been identified as suspicious in previous spam emails. Like RBL lists, these filters are updated frequently by anti-spam software providers. SMTP Controls SMTP controls perform tests to authenticate the sources of emails and their configurations. The controls can be set to reject emails from non-fully qualified domains, from non-fully qualified MAIL FROM commands, and from those with no DNS A or MX record. Exclusions can be created if necessary. One potential issue with Greylisting is the time it takes for business-critical emails to be returned to spam filter to be processed by the secondary mechanisms of the anti-spam software. Usually the process may delay email delivery by up to a minute but, in extreme cases, it could take as long as twenty minutes for the originating server to respond to the request for the Greylisted email to be resent. In order to overcome this potential issue, businesses can whitelist email addresses and domain names so emails originating from the whitelisted source bypass the Greylisting process. Excessive use of the whitelisting process should be avoided, as a spammer could take control of a contact´s trusted email account at any time and use the account to send spam emails from a source with a good IP reputation.