Security Watch
Still in Search of Spam Solutions
The perfect solution remains elusive as faulty spam policies and rules block legitimate e-mail at even large service providers.
Denial of Service
Any user of anti-spam technology knows that sometimes even the smartest anti-spam
filters catch valid e-mail and classify it as spam. But when the anti-spam technology
is hosted by
America Online, the problem becomes far greater.
With millions of subscribers, having your mail classified as spam by AOL can
mean your clients simply never see your messages. In a recent case, emergency
managers in Florida's Indian River County discovered that their e-mail
alerts regarding weather systems weren't getting through to many subscribers.
AOL detected surges in their e-mail traffic patterns and decided the most likely
cause was spam being sent by the county's e-mail servers. As a result, their
sending e-mail address was classified as a spam center, and further e-mail was
prevented. Although the two entities are collaborating to rectify the situation,
it appears they haven't found a solution yet.
This isn't an uncommon problem. Rogue e-mail can be tough to detect, even for
highly sophisticated anti-spam programs. A solicitation from a company you have
a long-standing relationship with looks just the same as one from a company
you've never heard of. The difference is known only to you; you don't want one
message, but you do want the other.
On top of this, many people use anti-spam programs as a way to avoid having
to remember how to unsubscribe from unwanted newsletters. I've witnessed this
first-hand: While participating in beta programs for anti-spam programs, I've
seen newsletters from the Wall Street Journal, Microsoft and others classified
as spam because other beta participants claim it is.
You can see how complicated the plague of spam is becoming. The bottom line
is that you have to do a lot more than simply asking recipients if they want
to receive your e-mails to keep your messages from being dropped in the spam
bucket.
Malicious Code
The website monitoring company Netcraft launched an anti-phishing system
at the start of 2005 via the Netcraft Toolbar. Those who install the toolbar
effectively become part of a giant neighborhood watch system whereby they can
report phishing sites and effectively block them for the rest of the community.
| Want
More Security? |
This
column was originally published in our weekly Security Watch
newsletter. To subscribe, click here. |
|
|
Community-oriented policing has its pros and cons. If enough reports come in
about a site, it will be considered a phishing site by the community—regardless
of whether or not the site is a phishing hole. Further, if sites or domain names
become compromised (as was the case recently with Hushmail), it may be considered
a phishing site long after the problems are corrected.
Nevertheless, community-oriented solutions are attractive, as many participants
feel they can be protected by a larger set of "eyes," and can also
report anything they find.
About the Author
Russ Cooper is a senior information security analyst with Verizon Business, Inc.
He's also founder and editor of NTBugtraq, www.ntbugtraq.com,
one of the industry's most influential mailing lists dedicated to Microsoft security.
One of the world's most-recognized security experts, he's often quoted by major
media outlets on security issues.