Print
Discuss
Send to friend
RSS feedsAt the start of 2004, Bill Gates made a rash promise: with Microsoft’s might, the problem of spam could be elminated in two years.
We’re all used to Microsoft’s deadlines slipping, but a solution to the problem of spam seems further off than ever.
The number of junk messages has increased, filtering techniques that seemed to catch most of the rubbish a couple of years ago no longer work, and many of us spend more time than ever filtering the junk from our mailboxes.
Are there any new technologies we could adopt to help us win back control of our inboxes? Is the solution to take on the spammers in the courtroom? Or should we bite the bullet and admit that internet email just wasn’t designed to protect us from the chancers, scammers and crooks?
Some even say the open standards that underpin the internet’s email system should be replaced with a next-generation alternative that can keep the spammers at bay.
We’ll take a look at why there’s so much junk, the best ways you can keep on top of it, and explain some of the tactics you can use to help play a part in the battle against spam.
Why spam?
While you may never have met anyone who has been taken in by the claims in junk
email, they do exist. And with millions of copies of each mail sent at near zero
cost, it only needs a few people to fall for a scam to make it profitable.
Even legitimate companies sometimes believe bulk email is a reasonable marketing tactic: often ending up themselves the unwitting dupes of less scrupulous mailing companies. If you receive unsolicited email at a personal address from a company in the UK, call them on the phone and politely tell them you won’t be buying or recommending their products – as we’ve found out, it can make a difference.
Zombie hordes
Spam hasn’t suddenly become more profitable, however; one of the reasons there’s
so much more spam around now is the sheer number of users with broadband
connections and, on top of that, the number who are running systems that don’t
have adequate protection against security threats.
When spam first appeared, most mail servers on the internet would happily accept and pass on just about any email. SMTP (Simple Mail Transfer Protocol) was orginally designed for this specific purpose, to enable you to easily send and relay email via any convenient SMTP server – there is no built-in authentication mechanism in SMTP. As this convenience started to be abused, the majority of such ‘open relays’ were eventually closed.
So, nowadays a mail server typically receives email only for the addresses it actually manages, or for which it is a backup. And servers have other protection too, such as a maximum number of recipients or connections from one source. So, a spammer can no longer find an open SMTP relay and just fire millions of messages at it, leaving it to deliver them in its own time.
Instead, a lot of spam is sent directly to the receiving mail server for each address; that means connecting to many different servers around the world. If it all had to be done from one place, it would take time to do, not to mention eat up a fair bit of bandwidth – the sort of activity that can be easily spotted by an ISP monitoring its network.
Thanks to broadband, and the ropey security on many home computers, this problem is solved by so-called ‘bot nets’ – networks of compromised PCs (known as ‘zombie’ PCs) that can be remotely controlled, and used to send spam without the owner even realising. With thousands of machines sending messages, from all over the world, it’s harder to spot a pattern to the traffic, and the spammers can reach many recipients in a very short time.
All Hacking and Cyber-crimeTags: Spam
del.icio.us
Digg this
reddit!
