Email Spam

Posted by Spike Snizzle / at 4:15 AM / / 0 comments

E-mail spam, also known as junk e-mail, is a subset of spam that involves nearly identical messages sent to numerous recipients by e-mail. A common synonym for spam is unsolicited bulk e-mail (UBE). Definitions of spam usually include the aspects that email is unsolicited and sent in bulk. "UCE" refers specifically to unsolicited commercial e-mail.

E-mail spam has steadily, even exponentially grown since the early 1990s to several billion messages a day. Spam has frustrated, confused, and annoyed e-mail users. The total volume of spam (over 100 billion emails per day as of April 2008) has leveled off slightly in recent years, and is no longer growing exponentially. The amount received by most e-mail users has decreased, mostly because of better filtering. About 80% of all spam is sent by fewer than 200 spammers. Botnets, networks of virus-infected computers, are used to send about 80% of spam. Since the cost of the spam is borne mostly by the recipient, it is effectively postage due advertising.

The legal status of spam varies from one jurisdiction to another. In the United States, spam was declared to be legal by the CAN-SPAM Act of 2003 provided the message adheres to certain specifications. ISPs have attempted to recover the cost of spam through lawsuits against spammers, although they have been mostly unsuccessful in collecting damages despite winning in court.

Spammers collect e-mail addresses from chatrooms, websites, customer lists, newsgroups, and viruses which harvest users' address books, and are sold to other spammers. Much of spam is sent to invalid e-mail addresses. Spam averages 94% of all e-mail sent.

Address Munging

Posted by Spike Snizzle / at 10:11 AM / / 0 comments

Posting anonymously, or with a fake name and address, is one way to avoid e-mail address harvesting, but users should ensure that the fake address is not valid. Users who want to receive legitimate email regarding their posts or Web sites can alter their addresses so humans can figure out but spammers cannot. For instance, joe@example.net might post as joeNOS@PAM.example.net.invalid. Address munging, however, can cause legitimate replies to be lost. If it's not the user's valid address, it has to be truly invalid, otherwise someone or some server will still get the spam for it.[1] Other ways use transparent address munging to avoid this by allowing users to see the actual address but obfuscate it from automated email harvesters with methods such as displaying all or part of the e-mail address on a web page as an image, a text logo shrunken to normal size using in-line CSS, or as jumbled text with the order of characters restored using CSS.

Email Filtering

Posted by Spike Snizzle / at 11:37 PM / / 0 comments

Email filtering is the processing of e-mail to organize it according to specified criteria. Most often this refers to the automatic processing of incoming messages, but the term also applies to the intervention of human intelligence in addition to anti-spam techniques, and to outgoing emails as well as those being received.

Email filtering software inputs email. For its output, it might pass the message through unchanged for delivery to the user's mailbox, redirect the message for delivery elsewhere, or even throw the message away. Some mail filters are able to edit messages during processing.

Antispam Techniques

Posted by Spike Snizzle / at 10:47 PM / / 1 comments

To prevent e-mail spam, both end users and administrators of e-mail systems use various anti-spam techniques. Some of these techniques have been embedded in products, services and software to ease the burden on users and administrators. No one technique is a complete solution to the spam problem, and each has trade-offs between incorrectly rejecting legitimate e-mail vs. not rejecting all spam, and the associated costs in time and effort.

Anti-spam techniques can be broken into four broad categories: those that require actions by individuals, those that can be automated by e-mail administrators, those that can be automated by e-mail senders and those employed by researchers and law enforcement officials.

Detecting Spam

Posted by Spike Snizzle / at 2:30 AM / / 0 comments

People tend to be much less bothered by spam slipping through filters into their mail box (false negatives), than having desired e-mail ("ham") blocked (false positives). Trying to balance false negatives (missed spams) vs false positives (rejecting good e-mail) is critical for a successful anti-spam system. Some systems let individual users have some control over this balance by setting "spam score" limits, etc. Most techniques have both kinds of errors, to varying degrees. So, for example, anti-spam systems may use techniques that have a high false negative rate (miss a lot of spam), in order to reduce the number of false positives (rejecting good e-mail),

Detecting spam based on the content of the e-mail, either by detecting keywords such as "viagra" or by statistical means, is very popular. Such methods can be very accurate when they are correctly tuned to the types of legitimate email that an individual gets, but they can also make mistakes such as detecting the keyword "cialis" in the word "specialist"; see also Internet censorship#"By-catch". The content also doesn't determine whether the email was either unsolicited or bulk, the two key features of spam. So, if a friend sends you a joke that mentions "viagra", content filters can easily mark it as being spam even though it is neither unsolicited nor sent in bulk.

The most popular DNSBLs (DNS Blacklists) are lists of IP addresses of known spammers, open relays, zombie spammers etc.

Spamtraps are often email addresses that were never valid or have been invalid for a long time that are used to collect spam. An effective spamtrap is not announced and is only found by dictionary attacks or by pulling addresses off hidden webpages. For a spamtrap to remain effective the address must never be given to anyone. Some black lists, such as spamcop, use spamtraps to catch spammers and blacklist them.

Enforcing technical requirements of the Simple Mail Transfer Protocol (SMTP) can be used to block mail coming from systems that are not compliant with the RFC standards. A lot of spammers use poorly written software or are unable to comply with the standards because they do not have legitimate control of the computer sending spam (zombie computer). So by setting restrictions on the mail transfer agent (MTA) a mail administrator can reduce spam significantly, such as by enforcing the correct fall back of Mail eXchange (MX) records in the Domain Name System, or the correct handling of delays (Teergrube).

Introduction

Posted by Spike Snizzle / at 3:55 AM / / 0 comments

Spam and fraudulent e-mail messages are major issues for computer users and businesses of all sizes. Companies are being forced to commit significant resources to protect their messaging infrastructure and their brand from these abuses, and computer users must work to protect themselves from the influx of deceptive e-mail. Network infrastructure is being taxed. Spam was once just an annoyance, but it has now become the tactic of choice for online deception, fraud, and abuse.
To help detect and prevent this onslaught of abuse and deception, Microsoft has developed a holistic strategy that includes industry collaboration, prescriptive education, and the development of innovative technologies and antispam services. These technologies are found in all Microsoft e-mail clients, servers, and services, including Windows Live Hotmail, Microsoft Office Outlook, Microsoft Exchange Server, and Microsoft Exchange Hosted Filtering.

Microsoft Exchange Hosted Filtering

Posted by Spike Snizzle / at 3:45 AM / / 0 comments

Microsoft Exchange Hosted Filtering, formally FrontBridge Services, is an e-mail filtering service that stops spam and viruses before they reach the corporate network. A global, load-balanced network of data centers ensures reliable e-mail delivery even during the largest spam and virus attacks. A sophisticated, layered e-mail filtering approach improves employee productivity through high spam-capture rates with almost no false positives. Using a managed service model, Exchange Hosted Filtering reduces complexity in the IT environment, frees IT resources for more strategic corporate initiatives, allows for a predictable service payment regardless of increases in spam and virus activity, and eliminates the costs required to scale to increasingly severe messaging threats. Network performance and filtering accuracy are backed by a comprehensive set of service level agreements (SLAs).

Windows Live Hotmail

Posted by Spike Snizzle / at 3:40 AM / / 0 comments

To help reduce the negative impact of junk e-mail, Windows Live Hotmail uses SmartScreen technology to provide junk e-mail protection and help identify and separate junk e-mail from legitimate e-mail. The SmartScreen content filter learns from known spam threats and from information provided by Windows Live Hotmail customers who are part of the voluntary Feedback Loop Program (FBL).

When an external user sends an e-mail message to Windows Live Hotmail, SmartScreen evaluates the textual content of the message and assigns a rating based on the probability that the message is junk e-mail. This rating is stored within the message itself as a message property called a spam confidence level (SCL). Anti-phishing protection is also part of the patented technology. SmartScreen analyzes e-mail messages to help detect fraudulent links and spoofed domains. If a phishing indicator is detected, Windows Live Hotmail warns you to help protect you from these types of online threats.

Windows Live Hotmail handles e-mail messages by using rules that are based on a threshold SCL rating. If a message has an SCL rating that is higher than the threshold—that is, the message is believed to be spam—the message is deleted instead of being sent to your junk e-mail folder. If the message has a lower SCL rating, the e-mail is delivered to your junk e-mail folder rather than to your inbox.

Intelligent Message Filter

Posted by Spike Snizzle / at 2:56 AM / / 0 comments

The Exchange Server Intelligent Message Filter (IMF) is part of a comprehensive effort to enhance e-mail protection, security, hygiene, and productivity. IMF is designed to combat the influx of unsolicited commercial e-mail and to enable users to distinguish between legitimate e-mail messages and unsolicited spam. Based on SmartScreen technology, Exchange Server 2003 IMF provides server-side message filtering, heuristics-based message analysis, and support for per-message spam confidence level (SCL) ratings.

The Exchange Server 2007 implementation of IMF includes anti-phishing capabilities to help detect fraudulent links or spoofed domains and to help protect users from identity theft. Exchange Server 2007 customers are protected from emerging spam and phishing exploits through the automatic filter updates, which are published frequently. In addition to filtering messages by content, IMF consolidates guidance from Connection, Sender/Recipient, Sender Reputation, Sender ID verification, and Outlook E-Mail Postmark validation to apply an SCL rating to a given message. Administrators can use this SCL rating to preconfigure actions to be taken when a message is received, such as delivering the message to the inbox or junk e-mail folder, delivering it to the spam quarantine, or rejecting it.

Microsoft Exchange Server

Posted by Spike Snizzle / at 2:56 AM / / 0 comments

Exchange Server 2003 and the Intelligent Message Filter reduce the amount of spam by using advanced server-side technology powered by SmartScreen and client-side filtering offered through Outlook to identify both unwanted and legitimate e-mail. The combination of connection-level, protocol-level, and content-level protection provides an end-to-end e-mail hygiene solution that increases user productivity and reduces the network and storage costs associated with junk e-mail messages.

Exchange Server 2007 offers best-of-breed e-mail hygiene protection, with significantly more capabilities than Exchange Server 2003. It delivers integrated antispam technologies, including support for real-time IP block list services, IP reputation services, daily spam and IP reputation definition updates through Microsoft Update, e-mail authentication by using the Sender ID Framework, anti-phishing protection, and optional attachment stripping and .zip file inspection.

Office Outlook 2007 E-Mail Postmark

Posted by Spike Snizzle / at 2:55 AM / / 0 comments

Outlook E-Mail Postmark is an innovative technology available in Office Outlook 2007. It was created to improve deliverability of legitimate e-mail that would otherwise run the risk of being junked or deleted. This technology analyzes outbound e-mail messages for indications of spam using its content filtering technology and instructs the sender's computer to perform a computation or puzzle. This work is then assigned to a header within the e-mail message as a token of legitimacy (a postmark). While not noticeable to the sender and receiver, the Outlook E-Mail Postmark is designed to make it difficult and time-intensive for spammers to send large numbers of e-mail messages.

When an e-mail message with a postmark is received by an inbound system such as Microsoft Exchange 2007, the system can easily verify the postmark. This improves the spam confidence level (SCL) of the e-mail message and improves the likelihood that the message will be delivered to the recipient's inbox instead of being rejected or delivered to the junk e-mail folder.

Microsoft Office Outlook Junk E-Mail Filter

Posted by Spike Snizzle / at 2:55 AM / / 0 comments

Microsoft Office Outlook 2007 and Outlook 2003 offer features and functionality designed to help detect and block junk and phishing e-mail messages that businesses and individual computer users receive, while improving the deliverability of e-mail from known and trusted senders.

The Outlook Junk E-Mail Filter is powered by Microsoft SmartScreen technology. First introduced in Outlook 2003, the Junk E-Mail Filter helps prevent spam from cluttering your inbox. Combining the Junk E-Mail Filter with personalized antispam rules such as the Safe Senders, Safe Recipients, and Blocked Senders lists provides enhanced and personalized spam protection while reducing false positives.
The Junk E-Mail Filter is updated regularly to reflect machine-learning technologies and user feedback, continually improving its effectiveness and countering the latest spam tactics. Updates are available from the Office Update and Microsoft Update Web sites and can be downloaded automatically, providing up–to-date protection against spam and phishing.

Microsoft SmartScreen

Posted by Spike Snizzle / at 2:55 AM / / 0 comments

Microsoft SmartScreen is an intelligent spam-filtering solution based on Microsoft Research's patented machine-learning technology. SmartScreen technology has been integrated across all Microsoft e-mail platforms, including Windows Live Hotmail, Microsoft Exchange Server 2007 and Exchange Server 2003, Microsoft Office Outlook 2007 and Outlook 2003 messaging and collaboration client, and Windows Mail e-mail clients.

SmartScreen technology learns how to distinguish between legitimate e-mail messages and spam; it also detects phishing URLs embedded in e-mail messages. It does this by synthesizing extensive user input from hundreds of thousands of Windows Live Hotmail users who are part of the voluntary Feedback Loop Program (FBL). The result is improved delivery of legitimate e-mail and better identification of spam, with about 95 percent of spam blocked or identified as junk e-mail.

Sender ID Framework

Posted by Spike Snizzle / at 2:54 AM / / 0 comments

The Sender ID Framework (SIDF) is the leading e-mail authentication protocol. Created by Microsoft, with broad industry support, it helps protect more than 45 percent of all legitimate e-mail sent worldwide. By implementing Sender ID, your organization can realize a competitive advantage for your brand and online marketing initiatives, resulting in improved online trust and confidence.

Approved by the Internet Engineering Task Force (IETF), SIDF addresses spam and phishing exploits by validating a sender's identity. SIDF confirms that each e-mail message originates from the domain from which it claims to have been sent or that it authorized to mail on the domain's behalf. When combined with the sender's e-mail reputation, Sender ID significantly improves deliverability while substantially reducing false positives.
Microsoft has integrated SIDF into Microsoft Exchange Server 2007, Microsoft Exchange Server 2003 SP2, Microsoft Exchange Hosted Filtering, and Windows Live Hotmail Web-based e-mail services. In addition, the majority of industry antispam and messaging hygiene solutions now support SIDF.v