|
Anti-spam
Various anti-spam techniques are used to prevent email spam (unsolicited bulk email). No technique is a complete solution to the spam problem, and each has trade-offs between incorrectly rejecting legitimate email ( false positives) as opposed to not rejecting all spam email ( false negatives) – and the associated costs in time, effort, and cost of wrongfully obstructing good mail. Anti-spam techniques can be broken into four broad categories: those that require actions by individuals, those that can be automated by email administrators, those that can be automated by email senders and those employed by researchers and law enforcement officials. End-user techniques There are a number of techniques that individuals can use to restrict the availability of their email addresses, with the goal of reducing their chance of receiving spam. Discretion Sharing an email address only among a limited group of correspondents is one way to limit the chance that the address will be "harv ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Email Spam
Email spam, also referred to as junk email, spam mail, or simply spam, refers to unsolicited messages sent in bulk via email. The term originates from a Spam (Monty Python), Monty Python sketch, where the name of a canned meat product, "Spam (food), Spam," is used repetitively, mirroring the intrusive nature of unwanted emails. Since the early 1990s, spam has grown significantly, with estimates suggesting that by 2014, it comprised around 90% of all global email traffic. Spam is primarily a financial burden for the recipient, who may be required to manage, filter, or delete these unwanted messages. Since the expense of spam is mostly borne by the recipient, it is effectively a form of "postage due" advertising, where the recipient bears the cost of unsolicited messages. This cost imposed on recipients, without compensation from the sender, makes spam an example of a "negative externality" (a side effect of an activity that affects others who are not involved in the decision). The ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
The Spamhaus Project
The Spamhaus Project is an international organisation based in the Principality of Andorra, founded in 1998 by Steve Linford to track email spammers and spam-related activity. The name ''spamhaus'', a pseudo-German expression, was coined by Linford to refer to an internet service provider, or other firm, which spams or knowingly provides service to spammers. Anti-spam lists The Spamhaus Project is responsible for compiling several widely used anti-spam lists. Many internet service providers and email servers use the lists to reduce the amount of spam that reaches their users. In 2006, the Spamhaus services protected 650 million email users, including the European Parliament, US Army, the White House and Microsoft, from billions of spam emails a day. Spamhaus distributes the lists in the form of DNS-based blocklists (DNSBLs). The lists are offered as a free public service to low-volume mail server operators on the internet. Commercial spam filtering services and other sites p ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Sender Policy Framework
Sender Policy Framework (SPF) is an email authentication method that ensures the sending mail server is authorized to originate mail from the email sender's domain. This authentication only applies to the email sender listed in the "envelope from" field during the initial SMTP connection. If the email is bounced, a message is sent to this address, and for downstream transmission it typically appears in the "Return-Path" header. To authenticate the email address which is actually visible to recipients on the "From:" line, other technologies, such as DMARC, must be used. Forgery of this address is known as email spoofing, and is often used in phishing and email spam. The list of authorized sending hosts and IP addresses for a domain is published in the DNS records for that domain. Sender Policy Framework is defined in RFC 7208 dated April 2014 as a "proposed standard". History The first public mention of the concept was in 2000 but went mostly unnoticed. No mention was made of th ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Email Address
An email address identifies an email box to which messages are delivered. While early messaging systems used a variety of formats for addressing, today, email addresses follow a set of specific rules originally standardized by the Internet Engineering Task Force (IETF) in the 1980s, and updated by . The term email address in this article refers to just the ''addr-spec'' in Section 3.4 of . The RFC defines ''address'' more broadly as either a ''mailbox'' or ''group''. A ''mailbox'' value can be either a ''name-addr'', which contains a ''display-name'' and ''addr-spec'', or the more common ''addr-spec'' alone. An email address, such as ''[email protected]'', is made up from a local-part, the symbol @, and a '' domain'', which may be a domain name or an IP address enclosed in brackets. Although the standard requires the local-part to be case-sensitive, it also urges that receiving hosts deliver messages in a case-independent manner, e.g., that the mail system in the domain ''ex ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Open Mail Relay
An open mail relay is a Simple Mail Transfer Protocol (SMTP) server configured in such a way that it allows anyone on the Internet to send e-mail through it, not just mail destined to or originating from known users. This used to be the default configuration in many mail servers; indeed, it was the way the Internet was initially set up, but open mail relays have become unpopular because of their exploitation by spammers and worms. Many relays were closed, or were placed on blacklists by other servers. History and technology Until the 1990s, mail servers were commonly intentionally configured as open relays; in fact, this was frequently the installation default setting. The traditional store and forward method of relaying e-mail to its destination required that it was passed from computer to computer (through and beyond the Internet) via modems on telephone lines. For many early networks, such as UUCPNET, FidoNet and BITNET, lists of machines that were open relays were a co ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
DNSBL
A Domain Name System blocklist, Domain Name System-based blackhole list, Domain Name System blacklist (DNSBL) or real-time blackhole list (RBL) is a service for operation of mail servers to perform a check via a Domain Name System (DNS) query whether a sending host's IP address is blacklisted for email spam. Most mail server software can be configured to check such lists, typically rejecting or flagging messages from such sites. A DNSBL is a software mechanism, rather than a specific list or policy. Dozens of DNSBLs exist. They use a wide array of criteria for listing and delisting addresses. These may include listing the addresses of zombie computers or other machines being used to send spam, Internet service providers (ISPs) who willingly host spammers, or those which have sent spam to a honeypot system. Since the creation of the first DNSBL in 1998, the operation and policies of these lists have frequently been controversial, both in Internet advocacy circles and occasion ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Distributed Checksum Clearinghouse
Distributed Checksum Clearinghouse (also referred to as DCC) is a method of spam email detection. The basic logic in DCC is that most spam mails are sent to many recipients. The same message body appearing many times is therefore bulk email. DCC identifies bulk email by calculating a fuzzy checksum on it and sending that to a DCC server. The server responds with the number of times it has received that checksum. An individual email will create a score of 1 each time it is processed. Bulk mail can be identified because the response number is high. The content is not examined. DCC works over the UDP protocol and uses little bandwidth. DCC is resistant to hashbusters A hash buster is a program which randomly adds characters to data in order to change the data's hash sum. This is typically used to add words to spam e-mails, to bypass hash filters. As the e-mail's hash sum is different from the sum of e-mail ... because "the main DCC checksums are fuzzy and ignore aspects of m ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
DMARC
Domain-based Message Authentication, Reporting and Conformance (DMARC) is an email authentication protocol. It is designed to give email domain owners the ability to protect their domain from unauthorized use, commonly known as email spoofing. The purpose and primary outcome of implementing DMARC is to protect a domain from being used in business email compromise attacks, phishing email and email scams. Once the DMARC DNS entry is published, any receiving email server can authenticate the incoming email based on the instructions published by the domain owner within the DNS entry. If the email passes the authentication, it will be delivered and can be trusted. If the email fails the check, depending on the instructions held within the DMARC record the email could be delivered, quarantined or rejected. DMARC extends two existing email authentication mechanisms, Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM). It allows the administrative owner of a domain to ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
DKIM
DomainKeys Identified Mail (DKIM) is an email authentication method that permits a person, role, or organization that owns the signing domain to claim some responsibility for a message by associating the domain with the message. The receiver can check that an email that claimed to have come from a specific domain was indeed authorized by the owner of that domain. It achieves this by affixing a digital signature, linked to a domain name, to each outgoing email message. The recipient system can verify this by looking up the sender's public key published in the DNS. A valid signature also guarantees that some parts of the email (possibly including attachments) have not been modified since the signature was affixed. Usually, DKIM signatures are not visible to end-users, and are affixed or verified by the infrastructure rather than the message's authors and recipients. DKIM is an Internet Standard. It is defined in RFC 6376, dated September 2011, with updates in RFC 8301 and RF ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
SpamCop
SpamCop is an email spam reporting service, allowing recipients of unsolicited bulk or commercial email to report IP addresses found by SpamCop's analysis to be senders of the spam to the abuse reporting addresses of those IP addresses. SpamCop uses these reports to compile a list of computers sending spam called the "SpamCop Blocking List" or "SpamCop Blacklist" (SCBL). History SpamCop was founded by Julian Haight in 1998 as an individual effort. As the reporting service became more popular, staff were added and the SCBL became more useful. It has commonly been the target of DDoS attacks and lawsuits from organizations listed in the SCBL. Email security company IronPort Systems announced its acquisition of SpamCop on November 24, 2003, but it remained independently run by Julian Haight. A small staff and volunteer help in its forum. IronPort agreed to become a division of Cisco Systems on January 4, 2007, effectively making SpamCop a Cisco service. Julian Haight left app ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
E-mail Address Harvesting
Email harvesting or scraping is the process of obtaining lists of email addresses using various methods. Typically these are then used for bulk email or spam. Methods The simplest method involves spammers purchasing or trading lists of email addresses from other spammers. Another common method is the use of special software known as "harvesting bots" or "harvesters", which uses spider Web pages, postings on Usenet, mailing list archives, internet forums and other online sources to obtain email addresses from public data. Spammers may also use a form of dictionary attack in order to harvest email addresses, known as a directory harvest attack, where valid email addresses at a specific domain are found by guessing email address using common usernames in email addresses at that domain. For example, trying [email protected], [email protected], @example.com, etc. and any others that are accepted for delivery by the recipient email server, instead of being rejected, are added to the ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
E-mail Address
An email address identifies an email box to which messages are delivered. While early messaging systems used a variety of formats for addressing, today, email addresses follow a set of specific rules originally standardized by the Internet Engineering Task Force (IETF) in the 1980s, and updated by . The term email address in this article refers to just the ''addr-spec'' in Section 3.4 of . The RFC defines ''address'' more broadly as either a ''mailbox'' or ''group''. A ''mailbox'' value can be either a ''name-addr'', which contains a ''display-name'' and ''addr-spec'', or the more common ''addr-spec'' alone. An email address, such as ''[email protected]'', is made up from a #Local-part, local-part, the symbol @, and a ''#Domain, domain'', which may be a domain name or an IP address enclosed in brackets. Although the standard requires the local-part to be case-sensitive, it also urges that receiving hosts deliver messages in a case-independent manner, e.g., that the mail system i ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
