How to Avoid Spam (Part 7 of 10) - Use a spam filter
Use a spam filter
Spam filters are not new, back when Usenet was most of the Internet, there were already spammers, and they were dealt with by killfiles. If you didn't want to hear from a particular person, you added their name to your killfile, and then anything they sent or posted didn't get through to you. The idea that you can identify a particular sender as a spammer and block the spam in that way has had its day in the sun, but is no longer effective. Spammers use aliasing and forged headers to make it appear that their spam is coming from a legitimate user (I've gotten many bouncebacks from spam messages I didn't send), or are using zombie computers or viruses to send spam from other computers than their own.
Nowdays, spam filters use many other techniques to identify spam. Large ISP's can spot multiple instances of the same message to their customers. Spammers get around this by adding in random text to each spam email, from a book or dictionary. Also, sometimes newsletters or other legitimate email can be blocked by mistake. Spam filters look for key words, like Viagra and Make Money Fast. Spammers get around this by varying the spelling of the key words, like V1@gra and M@ke M0ney F@st. Spam filters look at the email headers to see if they are forged. Spammers get around this by using zombie machines or viruses to deliver their spam. Spam filters scan the text of an email and use fuzzy logic to give a weighted opinion as to whether the email is spam. Spammers get around this by including their content in an attached image, or add in random words that might appear to be legitimate email language. This can also occasionally filter out emails that are not spam. This can usually be overridden by explicitly authorizing email from particular senders or domains.
False positives are a big problem. If you have to wade through all the spam to find the couple of legitimate emails that were misidentified, then a spam filter isn't doing much good. And friends get fed up if you don't receive emails from them, or if they keep getting email warnings about their emails being spam.
Many ISPs and e-mail services provide spam filtering. While filters are not perfect, they can significantly cut down the amount of spam, and very rarely produce false positives. Check with your ISP to see if they do (AOL, MSN, Hotmail, and Yahoo! do). If they don't or you want more protection, you can get programs, both free and commercial products, to block, identify, or delete spam. Another option is to manually set up filtering in your email program such as Outlook Express or Outlook. Here's an article by Microsoft on how to set up spam filtering in Outlook 2003.
HTML emails, URLs, and images can expose you (or your kids) to pornographic or otherwise offensive images in spam. In addition, spam written in HTML can contain Java programs to direct your browser to a spammers web page, or to make the spam message difficult to close or delete. In some cases, spam messages can install spyware or viruses. Also, the HTML or images can be used to signal whether a spam message is actually read and seen by a user (see Part 3 of this article). You can defend against these risks by setting up your email software to not automatically display HTML, images or attachments by default. Spam filters are not just good for reducing the tedium of deleting spam. Spam filters can reduce or eliminate risks, too.
See tomorrow's posting for Part 8 of How to Avoid Spam.
Previous | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | Next
Spam filters are not new, back when Usenet was most of the Internet, there were already spammers, and they were dealt with by killfiles. If you didn't want to hear from a particular person, you added their name to your killfile, and then anything they sent or posted didn't get through to you. The idea that you can identify a particular sender as a spammer and block the spam in that way has had its day in the sun, but is no longer effective. Spammers use aliasing and forged headers to make it appear that their spam is coming from a legitimate user (I've gotten many bouncebacks from spam messages I didn't send), or are using zombie computers or viruses to send spam from other computers than their own.
Nowdays, spam filters use many other techniques to identify spam. Large ISP's can spot multiple instances of the same message to their customers. Spammers get around this by adding in random text to each spam email, from a book or dictionary. Also, sometimes newsletters or other legitimate email can be blocked by mistake. Spam filters look for key words, like Viagra and Make Money Fast. Spammers get around this by varying the spelling of the key words, like V1@gra and M@ke M0ney F@st. Spam filters look at the email headers to see if they are forged. Spammers get around this by using zombie machines or viruses to deliver their spam. Spam filters scan the text of an email and use fuzzy logic to give a weighted opinion as to whether the email is spam. Spammers get around this by including their content in an attached image, or add in random words that might appear to be legitimate email language. This can also occasionally filter out emails that are not spam. This can usually be overridden by explicitly authorizing email from particular senders or domains.
False positives are a big problem. If you have to wade through all the spam to find the couple of legitimate emails that were misidentified, then a spam filter isn't doing much good. And friends get fed up if you don't receive emails from them, or if they keep getting email warnings about their emails being spam.
Many ISPs and e-mail services provide spam filtering. While filters are not perfect, they can significantly cut down the amount of spam, and very rarely produce false positives. Check with your ISP to see if they do (AOL, MSN, Hotmail, and Yahoo! do). If they don't or you want more protection, you can get programs, both free and commercial products, to block, identify, or delete spam. Another option is to manually set up filtering in your email program such as Outlook Express or Outlook. Here's an article by Microsoft on how to set up spam filtering in Outlook 2003.
In a single day in May [2003], No. 1 Internet service provider AOL Time Warner (AOL ) blocked 2 billion spam messages -- 88 per subscriber -- from hitting its customers' e-mail accounts. Microsoft (MSFT), which operates No. 2 Internet service provider MSN plus e-mail service Hotmail, says it blocks an average of 2.4 billion spams per day. According to research firm Radicati Group in Palo Alto, Calif., spam is expected to account for 45% of the 10.9 trillion messages sent around the world in 2003.- Business Week Magazine
HTML emails, URLs, and images can expose you (or your kids) to pornographic or otherwise offensive images in spam. In addition, spam written in HTML can contain Java programs to direct your browser to a spammers web page, or to make the spam message difficult to close or delete. In some cases, spam messages can install spyware or viruses. Also, the HTML or images can be used to signal whether a spam message is actually read and seen by a user (see Part 3 of this article). You can defend against these risks by setting up your email software to not automatically display HTML, images or attachments by default. Spam filters are not just good for reducing the tedium of deleting spam. Spam filters can reduce or eliminate risks, too.
See tomorrow's posting for Part 8 of How to Avoid Spam.
Previous | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | Next
Labels: Blog
posted by drewc4 at
11:59 PM
0 Comments:
Post a Comment
<< Home