Spam Fighting TechnologiesWritten by Jeff on May 24, 2012
Spam doesn’t stop itself.
In fact, keeping your users’ inboxes free of spam requires some pretty sophisticated technologies. However for those who use modern day anti-spam filters, many of these technologies operate in the background without the administrator even knowing what is going on.
That’s the way it should be. Fighting spam should be effective and easy – especially for smaller IT departments where there are few people who have the time to specialize in one aspect of technology.
But even if your anti-spam solution requires very little background knowledge, it never hurts to know how these things work.
The following technologies are ones that are, or have been, used to fight spam using automated solutions. You may have seen one or two of these before, but if not, this is a great opportunity to expand your knowledge base.
When this technology is employed by your anti-spam solution it allows emails to pass through that come from servers that have been authenticated to be legitimate. This method uses DNS to determine the sender’s reputation.
The problem with authentication is that it does not filter spam itself. It filters senders that it does not know.
One common method for fighting spam is frequently used to prevent spam sent via contact forms on the web.
When you fill out a form, the Captcha test that you must successfully enter before hitting send is this type of spam prevention tool. But it is not the only one ever used.
For a while, certain email systems would automatically reply to any unknown senders (remember authentication?) with a message asking the sender to reply so that the original recipient would know that they are a real person and not some automated bulk emailer.
Of course if the original sender never sees the challenge email, their message goes undelivered.
Also known as DNS Blacklists or DNSBLs, this method of fighting spam requires the email server to check against a list of IP addresses, published by a third-party site, that lets the spam filter know if the sender’s address has been included.
Unfortunately, legitimate email marketing campaigns can result in an organization’s DNS address making their way onto one of these lists. Once on, it takes some work to get your address removed.
Like authentication, using a DNS Blocklist does not stop spam – it stops the spammer. Wise spammers simply change their sending DNS to work around this.
Relying on a large database of spam messages collected all over the world to determine what constitutes spam, pattern detection identifies commonalities among spam messages. Because it continually learns to indentify the different techniques spammers use, it is one of the most sophisticated spam fighting technologies in use.
This is one of the most common methods for fighting spam. The administrator simply sets up rules that tell the spam filter what to block. For example, when the words “Easy Credit Card Approval” appear in a message, the anti-spam filter knows to block that message because it violates a rule set by the admin.
To make life easier on email administrators, many companies provide pre-set rules for the people who use their products.
While rule based anti-spam solutions offer greater control for the administrator, they can be time consuming and they are prone to false positives.
Statistical Content Filtering
Also known as Bayesian filtering, this method works by assigning a score to different tendencies used by spammers. For example, a message with a high percentage of misspelled words sent from an Russian IP address that mentions Viagra (or spelling variations) has more tendencies used by spammers than a message regarding your annual sales forecast. Seeing that the first message fits a specific pattern, that message would be blocked if the score meets the threshold set by the administrator.
The more users identify spam, the smarter the system becomes in identifying it.
What is the best technology to use?
Bayesian is often thought to be the best method for stopping spam, but it is resource intensive unlike some of the more basic spam fighting technologies. The flip side is that these less laborious solutions don’t offer the same level of protection.
To best fight spam in your organization a combination, or hybrid, of different anti-spam technologies would be the best bet.