by: Paul Judge, CTO, CipherTrust, Inc.

Effectively stopping spam over the long term requires much more
than blocking individual IP addresses and creating rules based
on keywords that spammers typically use. The increasing
sophistication of spam tools coupled with the increasing number
of spammers in the wild has created a hyper-evolution in the
variety and volume of spam. The old ways of blocking the bad
guys just don’t work anymore.

Examining spam and spam-blocking technology can illuminate how
this evolution is taking place and what can be done to combat
spam and reclaim e-mail as the efficient, effective
communication tool it was intended to be.

One method used to combat spam is white listing. White lists are
databases of trusted email sources. The list may contain
specific email addresses, IP addresses or trusted domains.
Emails received from a white listed source are allowed to pass
through the system to the user’s email box. The list is built
when users and email administrators manually add trusted sources
to the white list. Once built, the catch-rate for spam can be
close to 100%; however, white lists produce an inordinate number
of false positives.

It is virtually impossible to produce an exhaustive list of all
possible legitimate email senders because legitimate email can
come from any number of sources. To get around this difficulty,
some organizations have instituted a challenge-response
methodology. When an unknown sender sends an email to a user’s
account, the system automatically sends a challenge back to the
sender. Some challenge-response systems require the sender to
read and decipher an image containing letters and numbers. The
image is designed to be unreadable by a machine, but easily
recognizable by a human. Spammers would not spend the time
required to go through a large number of challenge-response
emails, so they drop the address and move on to those users who
don’t use such a system.

White lists are only partially successful and impractical for
many users. For example, problems can arise when users register
for online newsletters, order products online or register for
online services. If the user does not remember to add the new
email source to their white list, or if the domain or IP address
is entered incorrectly, the communication will fail.
Additionally, white lists impose barriers to legitimate email
communication and are viewed by some as just plain rude.

White lists are not widely used by email users and
administrators as a primary tool to fight spam because of the
high number of false positives, and the difficulties in creating
a comprehensive list of email sources. Because white lists are
not widely used, spammers typically do not develop
countermeasures. As with other spam fighting techniques, white
lists are most effective when used in conjunction with other
anti-spam tools.
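
The white-list check described above, and the two failure cases it
runs into (a sender the user forgot to add, and a domain entered
incorrectly), as an added example that is not CipherTrust code. The
class and function names, the list entries and the sample messages
are all constructed for illustration.

```python
import ipaddress
from email.utils import parseaddr

class WhiteList:
    """Trusted sources: exact addresses, sender domains, client IP networks."""
    def __init__(self, addresses=(), domains=(), networks=()):
        self.addresses = {a.lower() for a in addresses}
        self.domains = {d.lower() for d in domains}
        self.networks = [ipaddress.ip_network(n) for n in networks]

    def match(self, from_header, client_ip):
        """Return which list trusted the message, or None for an unknown sender."""
        addr = parseaddr(from_header)[1].lower()
        if addr in self.addresses:
            return "address"
        if addr.rpartition("@")[2] in self.domains:
            return "domain"
        ip = ipaddress.ip_address(client_ip)
        if any(ip in net for net in self.networks):
            return "ip"
        return None

def evaluate(whitelist, messages):
    """Split mail into delivered / held for challenge; list legitimate mail held."""
    delivered, held, false_positives = [], [], []
    for m in messages:
        if whitelist.match(m["from"], m["ip"]):
            delivered.append(m["id"])
        else:
            held.append(m["id"])
            if m["legit"]:
                false_positives.append(m["id"])
    return delivered, held, false_positives

# Constructed white list; "newsleter.example" is a deliberate typo for newsletter.example.
WHITELIST = WhiteList(
    addresses=["alice@example.org"],
    domains=["partner.example", "newsleter.example"],
    networks=["192.0.2.0/24"],
)
# Constructed sample traffic (reserved example domains and documentation IP ranges).
SAMPLE = [
    {"id": 1, "from": "Alice <alice@example.org>", "ip": "198.51.100.7", "legit": True},
    {"id": 2, "from": "bob@partner.example", "ip": "198.51.100.8", "legit": True},
    {"id": 3, "from": "ops@vendor.example", "ip": "192.0.2.25", "legit": True},
    {"id": 4, "from": "news@newsletter.example", "ip": "203.0.113.5", "legit": True},
    {"id": 5, "from": "orders@shop.example", "ip": "203.0.113.9", "legit": True},
    {"id": 6, "from": "promo@bulk.example", "ip": "203.0.113.77", "legit": False},
]

if __name__ == "__main__":
    print(evaluate(WHITELIST, SAMPLE))
```

The one spam message is held, but so are two of the five legitimate
ones: message 4 because of the mistyped domain entry and message 5
because its sender was never added.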

The Solution

When used individually, each anti-spam technique has been
systematically overcome by spammers. Grandiose plans to rid the
world of spam, such as charging a penny for each e-mail received
or forcing servers to solve mathematical problems before
delivering e-mail, have been proposed with few results. These
schemes are not realistic and would require a large percentage
of the population to adopt the same anti-spam method in order to
be effective. You can learn more about the fight against spam by
visiting our website at www.ciphertrust.com and downloading our
whitepapers.

About the author:
Dr. Paul Judge is a noted scholar and entrepreneur. He is Chief
Technology Officer at CipherTrust, the industry's largest
provider of enterprise email security. The company’s flagship
product, IronMail, provides a best-of-breed enterprise anti-spam
solution designed to stop spam, phishing attacks and other
email-based threats. Learn more by visiting
www.ciphertrust.com/products/spam_and_fraud_protection/index.php today.
