Antispam. Aren't We All! Don't You Just Hate It?

Antispam. Aren't we all! Don't you just hate it? You've got enough to do without having to sift through a bunch of worthless, or worse yet, offensive junk e-mails in your Inbox.

So what can be done about it? What antispam procedures and software really work?

Spam filtering software is the first stop in your antispam campaign, but in some ways it's the easiest to subvert.


What this antispam tool does is tell your e-mail system to look for designated clue words - sex, nude, porn, for example - and to eliminate the messages that contain these clue words. Of course, there are easy ways to get around these antispam tactics. Did you ever see a message that comes through with the word sex spelled s*e*x? Well, that asterisk method has circumvented your spam filter - or the spam filter of your Internet and e-mail provider.

The other problem with this filter is that you could miss legitimate messages. A friend, for instance, who might mail you that she was "sick of porn sites popping up" might have her message deleted because it contained the word porn.

Two upgraded versions of these antispam filtering products are Bayesian and heuristic filters, which try to identify offensive messages through recognition of phrases as objectionable. SpamAssassin by Apache is probably the best known example of heuristic filtering. What these filters are doing that the more basic ones aren't is looking at the message itself rather than the subject header. Both Bayesian and heuristic filters have an Achilles heel in that they depend for their filtering on frequency. Were a spammer to send a short message it would get past.

To further complicate things by punishing the "good guys," major Internet service providers started simply considering batch emailing as potential spam. What this did, however, was to disrupt opt-in products such as e-zines and newsletters. So that didn't work well. The spammers themselves found a way around it anyway. As they sent out their batch messages they inserted a program that produced a variant in each heading. Perhaps a word that didn't even make sense, but still individualized each message enough to have the batching not appear as batching.

Some non-profit Internet watchdog agencies started keeping lists of the IP addresses of spammers. When these addresses cropped up in mail they were blocked. The way around this for spammers was simple - they changed IP addresses. The result was even worse, in that those addresses then got handed out to completely innocent folks who now had problems sending e-mail. Then the spammers got really aggressive and started creating and distributing viruses allowing them to hijack IP addresses that weren't on the "spam" lists.

Where the answer seems to lie for many businesses and their sites is to bypass standard email communication altogether and resort to online feedback forms for electronic communication. Which of course doesn't resolve the antispam issue for private individuals who have no Web site of their own.



No comments:

Post a Comment