How Spammers Fool Spam Blacklists And How to Stop Them


Effectively stopping spam over the long-term requires much more than blocking individual IP addresses and creating rules based on keywords that spammers typically use. The increasing sophistication of spam tools coupled with the increasing number of spammers in the wild has created a hyper-evolution in the variety and volume of spam. The old ways of blocking the bad guys just dont work anymore.



Examining spam and spam-blocking technology can illuminate how this evolution is taking place and what can be done to combat spam and reclaim e-mail as the efficient, effective communication tool it was intended to be.

One method used to combat spam is blacklisting. The goal of blacklisting is to force Internet Service Providers (ISPs) to crack-down on customers who send spam. A blacklisted ISP is blocked from sending email to organizations. When an ISP is blacklisted, they are provided with a list of actions they must take in order to be removed from the blacklist. This controversial method blocks not just the spammers, but all of the ISPs customers. Blacklisting is generally considered an unfriendly approach to stopping spam because the users most affected by the blacklist are email users who do not send spam. Many argue blacklisting actually damages the utility of email more than it helps stop spam since the potential for blocking legitimate email is so high.

In addition to the ethical considerations, there are other problems with blacklists. Many blacklists are not updated frequently enough to maintain effectiveness. Some blacklist administrators are irresponsible in that they immediately block suspect servers without thoroughly investigating complaints or giving the ISP time to respond. Another downside is that blacklists are not accurate enough to catch all spam. Only about half of servers used by spammers, regardless of how diligent the blacklist administrator may be, are ever cataloged in a given blacklist.

Blacklists are used because they can be partially effective against spammers who repeatedly use the same ISP or email account to send spam. However, because spammers often change ISPs, re-route email and hijack legitimate servers, the spammer is a moving target. Blacklist administrators are forced to constantly revise lists, and the lag-time between when a spammer begins using a given server and when the blacklist administrator is able to identify the new spam source and add it to the blacklist allows spammers to send hundreds of millions of emails. Spammers consider this constant state of flux a part of doing business and are constantly looking for new servers to send spam messages.

When used individually, each anti-spam technique has been systematically overcome by spammers. Blacklists have some utility in stopping known spammers, but they may also block valid emails. Because of their limitations, blacklist data should only be used in conjunction with other sources to determine if a given message is spam. Grandiose plans to rid the world of spam, such as charging a penny for each e-mail received or forcing servers to solve mathematical problems before delivering e-mail, have been proposed with few results. These schemes are not realistic and would require a large percentage of the population to adopt the same anti-spam method in order to be effective.

The Solution

Reputation systems offer a comprehensive anti spam solution by dynamically updating black and whitelists based on sender behavior. These systems also automatically update and score messages thereby removing the burden from administrators. Todays spammers are more clever than ever, so todays reputation systems must be equally sophisticated. An effective reputation system must be dynamic, comprehensive, precise, and based on actual enterprise mail traffic in order to keep the spammers from gaining any advantage. You can learn more about the fight against spam by visiting our website at www.ciphertrust.com and downloading our whitepapers.

Dr. Paul Judge is a noted scholar and entrepreneur. He is Chief Technology Officer at CipherTrust, the industry's largest provider of enterprise email security. The companys flagship product, IronMail provides a best of breed enterprise anti spam solution designed to stop spam, phishing attacks and other email-based threats. Learn more by visiting http://www.ciphertrust.com/products/spam_and_fraud_protection today.
Close    To Top
  • Prev Article-Geek:
  • Next Article-Geek:
    • Now: Tutorial for Web and Software Design > Geek Articles > Spam > Geek Content
    Photoshop Tutorial
     

    Special Effect
      3D Effect
      Photoshop Articles
    Programming Tutorial
     

    C/C++ Tutorial

      Visual Basic
      C# Tutorial
    Database Tutorial
     

    MySQL Tutorial

      MS SQL Tutorial
      Oracle Tutorial
    Geek Tutorial
     

    Blogging Tutorial

      RSS Tutorial
      Podcasting Tutorial
    Graphic Design Tutorial
      Coreldraw Tutorial
      Illustrator Tutorial
      3D Tutorials
    Webmaster Articles
     

    Domain Service

      Web Hosting
      Site Promotion
    Java Tutorial/ Articles
     

    Java Servlets

      JavaEE Tutorial
     

    JavaBeans Tutorial

    XML Tutorial/ Articles
     

    XML Style

      AJAX Tutorial
      XML Mobile
    Flash Tutorial/ Articles
     

    Flash Video

      Action Script
      Flash Articles
    OS Tutorial/ Articles
      Linux Tutorial
      Symbian Tutorial
      MacOS Tutorial
    Personal Tech
      Hardware Tutorial
      Software Tutorial
      Online Auction