|
Anti-spam Techniques (e-mail)
Various anti-spam techniques are used to prevent email spam (unsolicited bulk email). No technique is a complete solution to the spam problem, and each has trade-offs between incorrectly rejecting legitimate email (false positives) as opposed to not rejecting all spam email (False positives and false negatives#False negative error, false negatives) – and the associated costs in time, effort, and cost of wrongfully obstructing good mail. Anti-spam techniques can be broken into four broad categories: those that require actions by individuals, those that can be automated by email administrators, those that can be automated by email senders and those employed by researchers and law enforcement officials. End-user techniques There are a number of techniques that individuals can use to restrict the availability of their email addresses, with the goal of reducing their chance of receiving spam. Discretion Sharing an email address only among a limited group of correspondents is one ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Email Spam
Email spam, also referred to as junk email, spam mail, or simply spam, refers to unsolicited messages sent in bulk via email. The term originates from a Spam (Monty Python), Monty Python sketch, where the name of a canned meat product, "Spam (food), Spam," is used repetitively, mirroring the intrusive nature of unwanted emails. Since the early 1990s, spam has grown significantly, with estimates suggesting that by 2014, it comprised around 90% of all global email traffic. Spam is primarily a financial burden for the recipient, who may be required to manage, filter, or delete these unwanted messages. Since the expense of spam is mostly borne by the recipient, it is effectively a form of "postage due" advertising, where the recipient bears the cost of unsolicited messages. This cost imposed on recipients, without compensation from the sender, makes spam an example of a "negative externality" (a side effect of an activity that affects others who are not involved in the decision). The ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Federal Trade Commission
The Federal Trade Commission (FTC) is an independent agency of the United States government whose principal mission is the enforcement of civil (non-criminal) United States antitrust law, antitrust law and the promotion of consumer protection. It shares jurisdiction over federal civil antitrust law enforcement with the United States Department of Justice Antitrust Division, Department of Justice Antitrust Division. The agency is headquartered in the Federal Trade Commission Building in Washington, DC. The FTC was established in 1914 by the Federal Trade Commission Act of 1914, Federal Trade Commission Act, which was passed in response to the 19th-century monopolistic trust crisis. Since its inception, the FTC has enforced the provisions of the Clayton Antitrust Act of 1914, Clayton Act, a key U.S. antitrust statute, as well as the provisions of the FTC Act, et seq. Over time, the FTC has been delegated with the enforcement of additional business regulation statutes and has promul ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Anti-Spam Research Group
The Anti-Spam Research Group (ASRG) was a research group started within the Internet Research Task Force (IRTF), where its charter concluded on 18 March 2013. It is still a reference and a melting pot for anti-spam research and theorization. In particular, the wiki lives on. Dedicated to research into curbing spam on an Internet-wide level, it consists of a mailing list to coordinate work and a small web site with a wiki. As with other IRTF groups, the ASRG contributed to the Internet Engineering Task Force (IETF) process with drafts, documents, and assistance in the creation of new working groups. One IETF group spun off from the ASRG is MARID. The ASRG is sporadically active, as little evolves in the anti-spam landscape, with most activity happening on the mailing list. In 2008 the ASRG worked on Internet Drafts about DNSBL A Domain Name System blocklist, Domain Name System-based blackhole list, Domain Name System blacklist (DNSBL) or real-time blackhole list (RBL) is a s ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
SURBL
SURBL (stands for Spam URI Realtime Block List) is a collection of URI DNSBL lists of Uniform Resource Identifier (URI) hosts, typically web site domains, that appear in unsolicited messages or other data. SURBL can be used to check data against known misused email addresses, phone numbers, uri shortners and coin hashes via the HASHBL sets. SURBL can be used to search incoming e-mail message bodies for spam payload links to help evaluate whether the messages are unsolicited. For example, if ''http://www.example.com'' is listed, then e-mail messages with a message body containing this URI may be classified as unsolicited. URI DNSBLs differ from prior DNSBLs, which commonly list mail sending IP addresses. SURBL is a specific instance of the general URI DNSBL list type. Lists ABUSE, PH, MW, CR, CT, DM are gathered into ''multi.surbl.org''. HASHBL supports the following categories: * ABUSE * CRACKED * MALWARE * PHISH * EMAIL * CRYPTO * PHONE Usage A DNS query of a domain ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
The Spamhaus Project
The Spamhaus Project is an international organisation based in the Principality of Andorra, founded in 1998 by Steve Linford to track email spammers and spam-related activity. The name ''spamhaus'', a pseudo-German expression, was coined by Linford to refer to an internet service provider, or other firm, which spams or knowingly provides service to spammers. Anti-spam lists The Spamhaus Project is responsible for compiling several widely used anti-spam lists. Many internet service providers and email servers use the lists to reduce the amount of spam that reaches their users. In 2006, the Spamhaus services protected 650 million email users, including the European Parliament, US Army, the White House and Microsoft, from billions of spam emails a day. Spamhaus distributes the lists in the form of DNS-based blocklists (DNSBLs). The lists are offered as a free public service to low-volume mail server operators on the internet. Commercial spam filtering services and other sites p ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Open Mail Relay
An open mail relay is a Simple Mail Transfer Protocol (SMTP) server configured in such a way that it allows anyone on the Internet to send e-mail through it, not just mail destined to or originating from known users. This used to be the default configuration in many mail servers; indeed, it was the way the Internet was initially set up, but open mail relays have become unpopular because of their exploitation by spammers and worms. Many relays were closed, or were placed on blacklists by other servers. History and technology Until the 1990s, mail servers were commonly intentionally configured as open relays; in fact, this was frequently the installation default setting. The traditional store and forward method of relaying e-mail to its destination required that it was passed from computer to computer (through and beyond the Internet) via modems on telephone lines. For many early networks, such as UUCPNET, FidoNet and BITNET, lists of machines that were open relays were a co ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
DNSBL
A Domain Name System blocklist, Domain Name System-based blackhole list, Domain Name System blacklist (DNSBL) or real-time blackhole list (RBL) is a service for operation of mail servers to perform a check via a Domain Name System (DNS) query whether a sending host's IP address is blacklisted for email spam. Most mail server software can be configured to check such lists, typically rejecting or flagging messages from such sites. A DNSBL is a software mechanism, rather than a specific list or policy. Dozens of DNSBLs exist. They use a wide array of criteria for listing and delisting addresses. These may include listing the addresses of zombie computers or other machines being used to send spam, Internet service providers (ISPs) who willingly host spammers, or those which have sent spam to a honeypot system. Since the creation of the first DNSBL in 1998, the operation and policies of these lists have frequently been controversial, both in Internet advocacy circles and occasion ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Hashbusters
A hash buster is a program which randomly adds characters to data in order to change the data's hash sum. This is typically used to add words to spam e-mails, to bypass hash filters. As the e-mail's hash sum is different from the sum of e-mails previously defined as spam, the e-mail is not considered spam and therefore delivered as if it were a normal message. Hash busters can also be used to randomly add content to any kind of file until the hash sum becomes a certain sum. In e-mail context, this could be used to bypass a filter which only accepts e-mails with a certain sum. Initially spams containing "white noise" from hash busters tended to simply exhibit 'paragraphs' of literally random words, but increasingly these are now appearing somewhat grammatical. See also * Cryptographic hash function A cryptographic hash function (CHF) is a hash algorithm (a map (mathematics), map of an arbitrary binary string to a binary string with a fixed size of n bits) that has spec ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Distributed Checksum Clearinghouse
Distributed Checksum Clearinghouse (also referred to as DCC) is a method of spam email detection. The basic logic in DCC is that most spam mails are sent to many recipients. The same message body appearing many times is therefore bulk email. DCC identifies bulk email by calculating a fuzzy checksum on it and sending that to a DCC server. The server responds with the number of times it has received that checksum. An individual email will create a score of 1 each time it is processed. Bulk mail can be identified because the response number is high. The content is not examined. DCC works over the UDP protocol and uses little bandwidth. DCC is resistant to hashbusters A hash buster is a program which randomly adds characters to data in order to change the data's hash sum. This is typically used to add words to spam e-mails, to bypass hash filters. As the e-mail's hash sum is different from the sum of e-mail ... because "the main DCC checksums are fuzzy and ignore aspects of m ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Checksum
A checksum is a small-sized block of data derived from another block of digital data for the purpose of detecting errors that may have been introduced during its transmission or storage. By themselves, checksums are often used to verify data integrity but are not relied upon to verify data authenticity. The procedure which generates this checksum is called a checksum function or checksum algorithm. Depending on its design goals, a good checksum algorithm usually outputs a significantly different value, even for small changes made to the input. This is especially true of cryptographic hash functions, which may be used to detect many data corruption errors and verify overall data integrity; if the computed checksum for the current data input matches the stored value of a previously computed checksum, there is a very high probability the data has not been accidentally altered or corrupted. Checksum functions are related to hash functions, fingerprints, randomization functio ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Phishing
Phishing is a form of social engineering and a scam where attackers deceive people into revealing sensitive information or installing malware such as viruses, worms, adware, or ransomware. Phishing attacks have become increasingly sophisticated and often transparently mirror the site being targeted, allowing the attacker to observe everything while the victim navigates the site, and transverses any additional security boundaries with the victim. As of 2020, it is the most common type of cybercrime, with the Federal Bureau of Investigation's Internet Crime Complaint Center reporting more incidents of phishing than any other type of cybercrime. The term "phishing" was first recorded in 1995 in the cracking toolkit AOHell, but may have been used earlier in the hacker magazine '' 2600''. It is a variation of ''fishing'' and refers to the use of lures to "fish" for sensitive information. Measures to prevent or reduce the impact of phishing attacks include legislation, user educa ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Email Spoofing
Email spoofing is the creation of email messages with a forged sender address. The term applies to email purporting to be from an address which is not actually the sender's; mail sent in reply to that address may bounce or be delivered to an unrelated party whose identity has been faked. Disposable email address or "masked" email is a different topic, providing a masked email address that is not the user's normal address, which is not disclosed (for example, so that it cannot be harvested), but forwards mail sent to it to the user's real address. The original transmission protocols used for email do not have built-in authentication methods: this deficiency allows spam and phishing emails to use spoofing in order to mislead the recipient. More recent countermeasures have made such spoofing from internet sources more difficult but they have not eliminated it completely; few internal networks have defences against a spoof email from a colleague's compromised computer on that net ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
