Email Tips and Suggestions - Defend Against Spam

by VeronicaCarrillo

A good portion, if not the majority of email traffic on the internet today is spam related. The subject matter of spam emails can include discounted Viagra, inexpensive Rolex watches, a surprise inheritance and any other type of scam imaginable. If your email address is more than a few years old or even only a few months, it is inevitable the spam will find its way into your in-box. You are not without hope though. The following tips and suggestions can help alleviate the influx of spam email messages.

The paper will provide an analysis of many modern anti-anti-spam techniques, accompanied by statistical reports and real-life examples. It will also outline some possible approaches to combat these often highly effective and thus increasingly 'popular' spam techniques. Although Internet spamming has been with us since as early as 1978 it first became more than a minor annoyance around September 1993, when America Online released AOL for Windows and the exponential expansion of the Internet began. At first, and for years subsequently, Usenet- and then email-based spam was very simple, consisting of unvarying ASCII messages sent from a limited number of IP addresses. Such simple 'plain text' spam required correspondingly unsophisticated approaches to blocking it. Content-based techniques such as keyword scanning and straightforward hashes (or 'signatures') over the message body were very effective, and at the connection level IP blocklist pioneers such as Spamhaus and MAPS helped turn spammers away before they could even ring the doorbell.

If you are signed up with one of the many free email providers, be sure to enable any provided spam filtering services. If you download your emails to an email client on your computer like Outlook or Outlook Express, consider installing spam filtering software that integrates with Outlook and other email clients.

In a business environment, email services are often hosted in house or outsourced. An organization or business may also want to standardize their email address format in a way that makes it harder for spammers to guess or discover legitimate email addresses.

Another good option for organizations that have a high volume of inbound emails is to enlist with an external to the organization spam filtering gateway service. This type of service receives all inbound emails and filters it before passing it on, majority spam free, to the final destination. An alternative to an external gateway spam filtering service would be to install spam filtering capabilities internally.

Image spam is arguably the ultimate in text obfuscation: spammers can say whatever they want without fear of triggering even the most sophisticated ASCII-based text filters. And straightforward hashes over the attachment body are prevented by (thus far) simple randomization of the image content, such as changing the compression level, adding faint dots in random locations within the image, rotating the image slightly in either direction, offsetting the actual content of the image within the frame around it, randomly changing font styles, sizes and colours, randomly chopping up the image and reassembling with HTML, and so on. There are far more ways to obfuscate image spam than text spam, and given the range of image effects available even in consumer-level image processing tools it is clear that the possible combinations are as good as infinite, with only little impact on the readability of the text. There are numerous other challenges that must be surmounted in order to recognize and thus block image spam. First, the email often looks, at a source-code level, identical to a legitimate email containing only an attached image. In fact, a large portion of the image spam we analyse seems to have been created by first composing the email with a dummy image attached in Outlook Express or other popular mail user agent, then simply replacing the attachment with a randomly altered image and providing a random subject line, each time the message is mailed. This means the headers, the MIMEstructure and the enclosed HTML are entirely consistent with legitimate emails, and so there are no spam signs upon which to base detection other than the image itself and the IP address from which it originated. A seemingly promising approach to the problem is, of course, employing optical character recognition to turn the rasterized text back into ASCII so it could then be scanned with existing text-based technologies. While theoretically appealing, this is unlikely to be a sustainable approach in practice. Though OCR technology has advanced a great deal in recent years the main focus of development has been on improving recognition of stable and reasonable inputs, such as printed material and handwriting. These inputs are designed to be readable (by humans, at least) and more or less consistent, and typeface designers have significant incentive to make their creations more accessible to OCR software. For spammers, on the other hand, the incentive is precisely the opposite. The moment anti-spam filters begin employing OCR to pre-process image spam (and a SpamAssassin plug-in already exists to do just that, though it's still in a fairly early stage of development at the time of writing), spammers will begin to manipulate their images in such a way as to make this harder to do, i.e. by further obfuscating the content. Given the myriad ways in which this is possible, and given the sensitivity of current OCR technology to unexpected input, it is difficult to envisage this approach being sufficiently reliable to justify the research and development investments required. Even if a full OCR-based analysis of an image proves impractical, there are a variety of other, less fragile approaches that should be considered. A great deal of information can be easily and quickly extracted from image headers, for example, that can provide valuable clues as to the 'spamminess' of the image in question. Perhaps the most valuable of these is the compression level of the image, which can be expressed as the number of bytes required to represent all the pixels present. Generally speaking, the more complex the image in terms of texture, the less compressible it is, whereas images with large areas of very similar colours tend to compress well. Since the great majority of the spam images currently consist of text on a plain background, they exhibit a significantly higher compression level than 'normal' images sent through email (Figure 9), which more often than not are texturally complex photographs or drawings. This can be a very good indicator of the spamminess of an image. If it is judged feasible to decompress the entire image (rather than just extracting the metadata) for further analysis, then another promising technique is to produce a histogram of the unique colours used within the image. Again, normal images tend to exhibit a large number of unique colours, and their frequency distribution is relatively smooth. Spam images consisting of text on a flat background, by contrast, contain few colours, one of which is seen far more frequently than any other, and thus their histograms are often dramatically different from normal images. Once the image is decompressed it becomes possible to perform some of the classic image processing manipulations, such as converting it from the spatial domain to the frequency domain with a Fourier transform. With such processing it may well be possible to differentiate between normal - especially photographic - images (with relatively little very-high-frequency information) and rasterized text images (with a predominance of very-high-frequency information due to the rapid contrast changes where text is present) with a reasonably high degree of accuracy. Converting to the frequency domain before analysis also makes the algorithm less sensitive to such obfuscations as random rotations and faint random speckles added to the background of the image. These and many more image processing techniques may prove valuable in anti-spammers' efforts to remain standing in the latest round of this decades-old competition.

About the Author:

Todo sobre Juegos Mario para gente que le gusta jugar Encontrar un Trabajo Empleo es fcil si sabe dnde buscar