Security Watch

Still in Search of Spam Solutions

The perfect solution remains elusive as faulty spam policies and rules block legitimate e-mail at even large service providers.

Denial of Service
Any user of anti-spam technology knows that sometimes even the smartest anti-spam filters catch valid e-mail and classify it as spam. But when the anti-spam technology is hosted by America Online, the problem becomes far greater.

With millions of subscribers, having your mail classified as spam by AOL can mean your clients simply never see your messages. In a recent case, emergency managers in Florida's Indian River County discovered that their e-mail alerts regarding weather systems weren't getting through to many subscribers. AOL detected surges in the county's e-mail traffic patterns and decided the most likely cause was spam being sent by the county's e-mail servers. As a result, the county's sending e-mail address was classified as a spam center, and further e-mail was prevented. Although the two entities are collaborating to rectify the situation, it appears they haven't found a solution yet.

This isn't an uncommon problem. Rogue e-mail can be tough to detect, even for highly sophisticated anti-spam programs. A solicitation from a company you have a long-standing relationship with looks just the same as one from a company you've never heard of. The difference is known only to you; you don't want one message, but you do want the other.

On top of this, many people use anti-spam programs as a way to avoid having to remember how to unsubscribe from unwanted newsletters. I've witnessed this first-hand: While participating in beta programs for anti-spam programs, I've seen newsletters from the Wall Street Journal, Microsoft and others classified as spam because other beta participants claim they are.

You can see how complicated the plague of spam is becoming. The bottom line is that you have to do a lot more than simply ask recipients if they want to receive your e-mails to keep your messages from being dropped in the spam bucket.

Malicious Code
The website monitoring company Netcraft launched an anti-phishing system at the start of 2005 via the Netcraft Toolbar. Those who install the toolbar effectively become part of a giant neighborhood watch system whereby they can report phishing sites and block them for the rest of the community.

This column was originally published in our weekly Security Watch newsletter.

Community-oriented policing has its pros and cons. If enough reports come in about a site, it will be considered a phishing site by the community, regardless of whether or not the site is a phishing hole. Further, if sites or domain names become compromised (as was the case recently with Hushmail), they may be considered phishing sites long after the problems are corrected.

Nevertheless, community-oriented solutions are attractive, as many participants feel they can be protected by a larger set of "eyes," and can also report anything they find.

About the Author

Russ Cooper is a senior information security analyst with Verizon Business, Inc. He's also founder and editor of NTBugtraq, www.ntbugtraq.com, one of the industry's most influential mailing lists dedicated to Microsoft security. One of the world's most-recognized security experts, he's often quoted by major media outlets on security issues.
