|
|
|
|
|
|
|
|
|
|
|
|
|
|
The evolution of anti-spam technology (continued)
Simple DNS tests help to prevent "spoofing" (when a machine masquerades as another by using its name). Although simple DNS tests are a significant tool to combat spam, they are not an anti-spam technology as such because they only check a sending machine's name and address, not whether the sender is a spammer or if the message contents are spam. Simple DNS tests are a weak technology because that can indicate a problem for a variety of completely legitimate reasons thus are not necessarily indicative of spam.
| First generation |
Second generation |
Third generation |
| Basic MTA controls |
Realtime Black Lists (RBLs) |
Artificial intelligence |
| While lists and black lists |
Signature networks |
Machine learning |
| Keyword searching |
Bayesian filtering |
- |
| Message envelope tests |
- |
- |
| Message header tests |
- |
- |
| Simple DNS tests |
- |
- |
Anti-spam technology - the second generation
Realtime Black Lists and signature networks are second-generation anti-spam technologies, because they are not a simple reuse or extension of pre-existing MTA features for anti-spam purposes. Second generation anti-spam technologies exist purely for the purpose of stopping spam and are vastly improved compared with prior methods.
Realtime Black Lists (RBLs)
Although they are technically a DNS test when based on Internet addresses rather than domain names, RBLs were the first true anti-spam technology. The concept behind RBLs is simply to maintain a list of the Internet addresses that send spam and block them from further transmission.
The technology has some effect but can be easily circumvented through a variety of means such as changing IP addresses or relaying messages through a third party not previously identified as a spammer. Similarly, domain names can be easily acquired, spoofed, or fabricated so that a spammer's sending domain cannot be depended upon to detect spam.
[There are also some vigilante RBLs out there that will block a domain or IP address with a single complaint. We've found that some RBLs actively block email from IBM, Lotus, Microsoft, and even DominoPower simply because they don't agree with our message or, in the case of Microsoft, their product directions and choices. -- Editor]
Signature networks
These are a significant and relatively new technology to combat spam. The concept of a signature network is to collect and identify spam messages by generating a unique 'signature' that can be used to identify a given message. Since spam messages are sent in bulk (many copies of the same message) this approach, if supported by a sufficient sample of spam messages, can stop a significant percentage of spam. Nonetheless, the concept depends upon the timeliness of the signature network's operation since spam must first be received somewhere in order for a signature to be generated.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
-- Advertisement --
Learn Notes and Domino 8 at your place and pace!
Learn Notes and Domino in your office and/or home! TLCC's highly acclaimed distance learning courses for users, developers, and admins will enhance your career and your resume.
The many included activities and demos will make you a pro! Expert instructor help is a click away.
Click here to try a FREE demo course!! |
-- Advertisement --
Struggling with exporting Notes data to spreadsheets? No More!
Try IntelliPRINT, The world's leading Reporting, Dashboards, and Analysis solution for Notes & Domino
- Don't spend unproductive time maintaining different versions of the same spreadsheet
- Preserve data integrity and security in multi-user environments
- Create reports in minutes INSIDE Notes
- Get freedom from iterative report requests, deliver self-serve capabilities
Experience Reporting, Dashboards, and Analysis INSIDE Notes.
Try IntelliPRINT NOW! |
|
|
|
|
|
|
|
|
|
|
