Comments on: Anti-Spam Products Are More Than the Sum of Their Parts http://www.allspammedup.com/2009/04/anti-spam-products-are-more-than-the-sum-of-their-parts/ Thu, 11 Mar 2010 22:28:34 -0700 http://wordpress.org/?v=2.8.6 hourly 1 By: Dealing With New Spam Threats to Business http://www.allspammedup.com/2009/04/anti-spam-products-are-more-than-the-sum-of-their-parts/comment-page-1/#comment-2508 Dealing With New Spam Threats to Business Wed, 03 Jun 2009 14:09:37 +0000 http://www.allspammedup.com/?p=873#comment-2508 [...] the need to deploy serious protection for email spam.  A “bits and bobs” solution cobbled together from separate free components will not have the effectiveness of a comprehensive, integrated anti-spam product from a vendor [...] [...] the need to deploy serious protection for email spam.  A “bits and bobs” solution cobbled together from separate free components will not have the effectiveness of a comprehensive, integrated anti-spam product from a vendor [...]

]]> By: Barry Leiba http://www.allspammedup.com/2009/04/anti-spam-products-are-more-than-the-sum-of-their-parts/comment-page-1/#comment-2393 Barry Leiba Thu, 07 May 2009 23:55:33 +0000 http://www.allspammedup.com/?p=873#comment-2393 On sender verification, something you surely know, Paul, but that readers might misunderstand: This technique, whether done by IP address (as with SPF and Sender-ID) or by digital signature (as with DKIM), isn't meant to be an anti-spam mechanism at all. No spam filter should give a message a better score because it passed an SPF or DKIM check, nor a worse one just because it failed it. These mechanisms validate that the sending domain is what it purports to be, are meant to be combined with some sort of reputation system, and are only useful in that regard. They can be very powerful white-listing mechanisms, when combined with a list of "known good" domains, preventing legitimate messages from, say, PayPal or Citibank from being mistakenly classified as spam. Conversely, given the knowledge that PayPal fully complies with SPF, or signs all its mail with DKIM, mail that purports to come from PayPal could have its spam score increased a great deal if it fails the test. The press often gets this wrong, reporting that, for example, SPF is supported by more spam domains than legitimate ones, implying that that's a criticism of the technique. Quite the opposite: we're very happy when spammers make a point of proving who they are. It ultimately makes it much easier to filter their mail. -- Barry Leiba DKIM working group chair On sender verification, something you surely know, Paul, but that readers might misunderstand:
This technique, whether done by IP address (as with SPF and Sender-ID) or by digital signature (as with DKIM), isn’t meant to be an anti-spam mechanism at all. No spam filter should give a message a better score because it passed an SPF or DKIM check, nor a worse one just because it failed it.

These mechanisms validate that the sending domain is what it purports to be, are meant to be combined with some sort of reputation system, and are only useful in that regard. They can be very powerful white-listing mechanisms, when combined with a list of “known good” domains, preventing legitimate messages from, say, PayPal or Citibank from being mistakenly classified as spam. Conversely, given the knowledge that PayPal fully complies with SPF, or signs all its mail with DKIM, mail that purports to come from PayPal could have its spam score increased a great deal if it fails the test.

The press often gets this wrong, reporting that, for example, SPF is supported by more spam domains than legitimate ones, implying that that’s a criticism of the technique. Quite the opposite: we’re very happy when spammers make a point of proving who they are. It ultimately makes it much easier to filter their mail.

– Barry Leiba
DKIM working group chair

]]> By: Paul http://www.allspammedup.com/2009/04/anti-spam-products-are-more-than-the-sum-of-their-parts/comment-page-1/#comment-2383 Paul Tue, 05 May 2009 23:43:40 +0000 http://www.allspammedup.com/?p=873#comment-2383 Hi Gregg, thanks for your comment, I'm glad you enjoyed the article. Hi Gregg, thanks for your comment, I’m glad you enjoyed the article.

]]> By: Gregg Oldring http://www.allspammedup.com/2009/04/anti-spam-products-are-more-than-the-sum-of-their-parts/comment-page-1/#comment-2350 Gregg Oldring Fri, 01 May 2009 16:58:11 +0000 http://www.allspammedup.com/?p=873#comment-2350 Very well written Paul. I often have to explain to senders that spam filters usually assess multiple factors. My descriptions are not nearly as clear or concise. Thanks! Very well written Paul. I often have to explain to senders that spam filters usually assess multiple factors. My descriptions are not nearly as clear or concise.

Thanks!

]]>