Memo to ISPs: The SPAM Problem is Partly Your Fault

ISPs are one of the most vocal opponents of SPAM because it eats up their bandwidth. Yet, a lot of ISPs continue to allow their customers to send email out to the world on TCP port 25 with no restrictions. Huh?

I’m of the opinion that the ISPs need to take more responsibility for the email that is leaving their networks. If you are an ISP and you have SPAM zombie PCs on your network spewing thousands of outbound SPAM messages per day, then you need to shut them down.

Navigate the Anti-SPAM Filter Maze With Common Sense!

Getting your legitimate email through the maze of SPAM filters is a tricky business. Many of the “gotchas” are the result of improperly configured technical details on your end of things (e.g. your server, your DNS, your mail client, etc.). The problem for 99% of email senders is they have very little control over these details but they can control the content of their emails. Here is where the common sense kicks in: If your email looks like SPAM then it is going to get treated like SPAM!

SPAM filtering 101

Most good SPAM filters use some form of Bayesian Analysis to do statistical analysis on the text content of your email. I’ll spare you the gory details, but essentially these filters learn common text patterns from SPAM email and then use that information to filter out SPAM.

If you send email that contains “spammy” content then there is a much better chance that your message will end up getting blocked.

Navigate the anti-SPAM filter maze with SPF

Setting up your DNS with a Sender Policy Framework (SPF) record is a great way to help ensure that your email makes it through to your intended recipients.

In a nutshell, an SPF record in your DNS tells the receiving mail server whether your email server is allowed to send mail for your domain. It really helps the receiving server to trust that your message isn’t forged, unlike the vast majority of SPAM messages. There is quite a bit more to it, so if you’re interested then check out Wikipedia on SPF.

Fighting Image SPAM: FuzzyOCR Resources

I posted recently regarding the battle against image SPAM. One of the comments pointed out that defeating image SPAM was actually fairly straightforward if OCR software was used to scan image attachments. I agree, but the real problem is that very few people have access to an Optical Character Recognition (OCR) based scanning solution. Either you pay the BIG bucks for a commercial SPAM filtering solution, or you get an uber-geek to integrate FuzzyOCR into your existing SpamAssassin based solution. I would guess that 95%+ of email inboxes are not currently protected by OCR so it appears the image spammers aren’t yet too concerned about fooling OCR-based anti-SPAM solutions.

PTR DNS records and SPAM Filtering

Blocking spam is an arms race between spam detection and detection avoidance techniques. Lately spammers had the upper hand but the tide has turned with new PTR record blocking techniques. This is how implementing PTR record filtering has reduced our spam to nearly zero.

Reducing Spam to Nearly Zero with PTR Record Filtering

Interesting article on how a big company, using a Barracuda SPAM filter, reduced their SPAM significantly by filtering out email originating from cable modem users on the Shaw Cable network in Canada.

There is really no good reason why legitimate email would be originating directly from home users on the Shaw network. It is pretty safe to assume that 99% of email being sent directly from a consumer broadband connection (and not relayed through Shaw’s SMTP server) is SPAM of some flavor.

If home users are geek savvy enough to be running their own home mail server on the Shaw network (like me!) then they should also be smart enough to know that they should be using Shaw’s SMTP server as a relay host for their outbound mail!

The only “problem” with this approach is the scalability and maintainability of the solution. Trying to compile and maintain a comprehensive collection of regular expressions to match all the potentially SPAMmy PTR records is daunting. Having said that, anything that can reduce the amount of SPAM reaching my inbox is probably worth pursuing.
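One way to ease that maintenance burden, shown as an added example (not code from this post or from the linked article): instead of a regular expression per ISP, check whether the connecting IP address is embedded in its own PTR name, which is how consumer address pools are typically named. The keyword list, the labels returned and every hostname below are assumptions constructed for illustration, using documentation address ranges.

```python
import ipaddress
import re

# Assumed keyword list: labels that often mark consumer address pools in rDNS.
POOL_WORDS = re.compile(
    r"(?:^|[.\-_])(?:dyn|dynamic|dhcp|pool|ppp|a?dsl|cable|dialup)(?:[.\-_\d]|$)",
    re.IGNORECASE,
)


def embeds_ip(ptr, ip):
    """True if the PTR name carries the connecting IPv4 address inside it."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    nums = [str(int(n)) for n in re.findall(r"\d+", ptr)]
    # Four consecutive digit groups equal to the octets, forward or reversed.
    for want in (octets, octets[::-1]):
        for i in range(len(nums) - 3):
            if nums[i:i + 4] == want:
                return True
    # Zero-padded, concatenated form such as 192000002010.
    packed = "".join(o.zfill(3) for o in octets)
    return packed in ptr


def classify(ip, ptr):
    """Label a connecting client as 'no-ptr', 'generic' or 'named'."""
    if not ptr:
        return "no-ptr"
    name = ptr.rstrip(".").lower()
    if embeds_ip(name, ip) or POOL_WORDS.search(name):
        return "generic"
    return "named"


# Constructed samples: (connecting IP, PTR name returned by reverse DNS).
SAMPLES = [
    ("192.0.2.10", "mail.example.org"),
    ("198.51.100.77", "host-198-51-100-77.dyn.example.net"),
    ("203.0.113.5", "5.113.0.203.cable.example.net"),
    ("192.0.2.10", "c192000002010.example.net"),
    ("203.0.113.9", None),
]

if __name__ == "__main__":
    for ip, ptr in SAMPLES:
        print(f"{ip:15} {str(ptr):40} {classify(ip, ptr)}")
```

A "generic" or "no-ptr" result is a signal to score or defer on, since some small legitimate senders also sit on addresses with generic reverse DNS.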

Image SPAM and the future of the anti-SPAM battle

We were doing so well!

Most anti-SPAM solutions are getting pretty good at categorizing SPAM by doing statistical analysis on the text found in the email. Run a message through a Bayesian filter, do a few regular expression checks, and you can be relatively sure if a message is SPAM or not.

So what happens when the “message” in the SPAM message isn’t text but an image instead? The spammers have come to the conclusion that text based SPAM isn’t working anymore, so now they have moved on to a new strategy: image SPAM. I’m sure you’ve all seen it. A typical image SPAM email contains a small image with fuzzy text that promotes a “pump & dump” stock scheme. Beneath the image are usually several paragraphs of random text which are meant to fool anti-SPAM software into allowing the message to pass as a legitimate email.