Turning the tide against spam

Featured eBooks
The State of Trust in Government
Cybersecurity in State and Local Government
Building Data Literacy in the State and Local Workforce
By J.B. Miles
 

Connecting state and local government leaders

By J.B. Miles

|

In a few short years, unsolicited bulk e-mail has blossomed from a mere nuisance into an epidemic that threatens all enterprise messaging.

In a few short years, unsolicited bulk e-mail has blossomed from a mere nuisance into an epidemic that threatens all enterprise messaging. In 2002, spam represented about 20 percent of all e-mail traffic, a rate that was annoying but not yet worrisome. IT managers were too busy fighting network viruses, Trojan horses and worms.Since then, however, spam has increased exponentially. The Radicati Group, a research company in Palo Alto, Calif., predicts that by 2007, there will be 50 billion spam messages a day in the U.S., costing enterprises almost $200 billion per year in lost productivity. The Meta Group of Stamford, Conn., estimates that in 2005, between 60 and 70 percent of in- bound e-mail has been spam. And Meta Group says that number will grow to at least 80 percent next year if left unchecked.This deluge puts a burden on e-mail relays, Simple Mail Transfer Protocol gateways and internal mail servers. It also saps human resources by clogging inboxes.Given the spate of legislative activity around spam, plus the reams of press coverage and a growing industry for e-mail security tools, you'd expect most agencies would be up to speed on this rising tide. Sadly, you'd be wrong.A recent report from the Government Accountability Office, Emerging Cybersecurity Issues Threaten Federal Information Systems, gave federal agencies no better than a C grade overall for handling of cybersecurity threats. Specifically, nearly 80 percent of agencies failed to identify spam as a true security risk. Only slightly more than half were aware that spam consumes network bandwidth and storage capacity. Which is why anti-spam tools are as important as ever.Now is no time to be complacent. Experts say that as anti-spam and antivirus solutions have proliferated, so have the skills of spammers and hackers. They've learned to combine several methods into a single attack, often called a blended threat.Industry watchers agree that when facing blended threats, even a best-of-breed anti-spam solution might not be enough to protect an organization. Ideally, an anti-spam solution should be part of an integrated e-mail security program that offers comprehensive protection.For government enterprises, the best spam protection comes in one of two forms: server- or appliance-based.[IMGCAP(2)]Server-based anti-spam software is a common choice for enterprises with enough IT skill and manpower to install and manage the products. The software is often highly flexible and modular, with add-on products that can be installed and managed alongside e-mail and Internet SMTP servers. Server software can be cost-effective to procure, but potentially expensive to integrate, administer and keep up on an ongoing basis.Anti-spam appliances are de- signed for organizations that want to avoid installing and maintaining software but still want an onsite solution. Many leading server-based programs eventually come out on appliances because customers demand it.Appliances often feature a hardened, secure hardware/software combination (usually running some version of Linux) that is easier to install, test, configure and run than systems you build yourself. Of course, a plug-and-play box limits the amount of customization you can perform. And you may have to buy updated hardware when the appliance reaches its performance limit.'Server-based software offers a high degree of customizability,' said Keith Crosley, director of marketing development for Proofpoint Inc., a developer of server-based and appliance-based e-mail security products.Crosley said large agencies with skilled IT personnel may prefer server-based anti-spam solutions over appliances, but a smaller IT department may be better off with appliances.'They are easier to set up, use, maintain and administer than server software, and you automatically get firmware and software updates,' he said.Regardless of how you choose to deploy spam protection, investigate the methods vendors apply to the task. Experts agree that no single approach to identifying and dealing with spam is 100 percent effective, so a combination of techniques is best.Content analysis techniques are used to analyze inbound e-mail. The idea is to uncover suspicious characteristics within the e-mail message that spammers attempt to hide. There are various types of content analysis, including:

Related Links

Anti-spam appliance

Mirapoint Inc.'s RazorGate 300 is designed to sit at the network edge and perform vendor-independent spam filtering of mail before messages ever get to the e-mail server.

Symantec's 8200 anti-spam appliances can be coupled with the company's 8100 series of e-mail security devices for additional protection.

Spam technologies continue to evolve; agencies just have to put them in place











Blended threats



















Anti-spam approaches




  • Keyword analysis, whereby specific keywords and phrases within the text of an e-mail message are scrutinized.

  • Lexical analysis, in which the context of words and phrases are analyzed. Suspicious words or phrases are assigned weights depending on the context in which they're found.

  • Bayesian analysis, whereby knowledge of prior events is used as a predictive tool. In spam detection, a Bayesian filter examines e-mail known to be legitimate, in addition to known spam, and compares the content to develop a database of words may help identify future spam.

  • Heuristic analysis, in which a message's spam-like characteristics are scrutinized. Each characteristic gets a probability score and the entire message receives a cumulative score. If a probability threshold is reached, the message is deemed to be spam.

  • Header analysis, whereby message headers are examined to determine the sender's validity.

  • URL analysis, in which embedded links in e-mail messages are compared to a list of URL rules or known spam addresses.

    • Used alone, content analysis can generate many false positives, labeling valid e-mails as spam. One way to guard against this is to place suspect messages in a quarantine area where IT staff or end users can inspect them without infecting the network.

    In addition, look for anti-spam solutions that go beyond content analysis to include techniques such as blacklists/whitelists, which compare messages against lists of domain names or e-mail addresses either known as spam sources (blacklists) or legit (whitelists).

    Other anti-spam techniques include sender authentication, challenge and response, and re- verse Domain Name System lookups. All three methods attempt to ensure that a sender is legitimate. Honey pots are decoy e-mail mailboxes that act as spam traps. And a growing number of anti-spam solutions can check outbound e-mail for compliance with federal e-mail regulations and internal policies.

    Remember, no single technique, whether server-based or in an appliance, can eliminate spam. Look for a vendor with a good track record and an integrated product that draws on multiple techniques. Bottom line: Agencies can no longer be complacent about spam.

    J.B. Miles writes from Honomu, Hawaii. E-mail him atjbmiles@starband.net.

NEXT STORY: Program detects dangers that run silent, run deep

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.