Monday, January 08, 2007

SPAM

What is spam?

Spam is the excessive and unwanted multi-posting of messages. It is sent through Usenet, via email, or using some other mechanism. Spam is commercial in nature, e.g. offering goods or services for sale, or trying to get you to visit a pay-for-use website. The criterion for spam is quantity, not quality or content.

It includes-

  1. Advertisements
  2. Pyramid schemes (MLM)
  3. Giveaways
  4. Chain letters
  5. Political emails
  6. Stock market advice
  7. One-time notices

Other definitions of spam-

  1. Excessive multi-posting (EMP): Posting the same message 40 times to one newsgroup is spam.
  2. Excessive cross-posting (ECP): Posting the same message to 40 related newsgroups is spam.
  3. Unsolicited commercial email (UCE): It involves sending a single message to one or more recipients, who have not requested the information.
  4. Trolling: Trolling is the act of posting a deliberately provocative message with the express intent of starting a flame war. The message is often cross-posted to several newsgroups in order to increase the confusion.

How is spam sent?

Spam is sent from-

  1. Individual computers that have been infected with a virus. They connect to the internet, download lists of email addresses and start sending out spam.
  2. Misconfigured email servers (open relays). Some people set up or reconfigure mail servers incorrectly, so that they receive mail from anyone and then redeliver it. Spammers like this type of server. These servers are usually on high-speed internet connections, so the spammer can send more spam quickly.

Some ISPs are spammer-friendly. They are willing to take payment to set up servers and even offer to change IP addresses when those IPs get blacklisted. Spammers may also buy mail server services from ISPs using stolen credit card details.

According to the Federal Trade Commission (FTC), the United States' consumer protection agency, spammers can compromise computers in several ways depending on what kind of internet connection one has. All computers connected to the internet are potential targets, but those with a broadband connection are especially attractive to spammers because they are always on. Spammers scan the internet, searching for points of entry, and then install hidden software that allows remote access to data and programs. That, in turn, allows the spammer to send messages from that computer. Remote access software can also be installed by a virus: a spammer sends email with a virus in the attachment. If one opens the infected attachment, a virus is released that installs the hidden software. The person who sent the virus can now access the data and programs on your computer, or take over many computers and use them to send spam.

It can be very difficult to tell if a spammer has installed hidden software on a specific computer, but there are some warning signs. For example, you may receive emails accusing you of sending spam; you may find email messages in your "outbox" that you didn't send; or your computer is using more power than it has in the past to run the programs you use.

How do spammers get victims' addresses?

Sending spam to Usenet is very easy. A list of Usenet newsgroups is readily available, and all a spammer has to do is start posting. Email spammers obtain their lists of email addresses from someone else who has already collected them.

Some of the ways that email addresses are harvested-

  1. By examining the headers and the contents of messages posted to Usenet.
  2. By examining the contents of pages on the World Wide Web.
  3. By setting up one or more web sites and tricking visitors into revealing their e-mail addresses.

The negative consequences of spam-

  1. It consumes Internet resources. Spam can block mail servers, making all email slow and burdening the ISP.
  2. It reduces the effectiveness of reasonable advertising.
  3. It raises costs for everyone who uses the Internet.
  4. It exposes children to inappropriate material.
  5. It wastes people's time.
  6. It costs the world's economy billions of dollars per year in lost productivity.
  7. It threatens the utility of email as a form of communication.

How to avoid spam?

Although spam is difficult to stop, there are a few things one can do to minimize the amount of spam one receives.

  1. Use an email client that supports "DNS Blacklisting".
  2. Only supply your email address to a company if it is absolutely necessary.
  3. Do not enter contests. The only prize you might win is a mailbox full of spam.
  4. Use two email accounts. Use one account for all purchasing, newsletters, marketing lists, and chat rooms. The second account should be for all personal use.
  5. Do not unsubscribe from spam. Spam often contains an unsubscribe link. This link is there to get you to verify your address and usually gets you even more spam.
  6. Don't give out other people's email addresses. Sometimes web sites will ask you to refer others to them. Do not do this unless you have permission from the addressee.
  7. Don't forward chain letters. Spammers collect email addresses from them.
  8. Spammers can obtain addresses by patrolling forums, white page sites, chat rooms, and bulletin boards. Try to keep your email address off the Internet.
  9. Don't use your real address when posting to Usenet.

The commonest types of spam-

  1. Adult content:- This category of spam includes offers for products designed to increase or enhance sexual potency, links to porn sites, advertisements for pornography, etc. Students and teenagers can be mentally disturbed by this type of spam mail. They easily lose focus on their studies and spend their time alone reading such mails, and so they could lose many things in their lives.
  2. Health and medicine:- This category includes advertisements for weight loss, skin care, posture improvement, cures for baldness, dietary supplements, non-traditional medication, etc., which can all be bought on-line.
  3. Information Technology:- This category includes offers for low-priced hardware as well as services for web site owners such as hosting, domain registration, web site optimization and so on.
  4. Personal finance:-Spam which falls into this category offers insurance, debt reduction services, loans with low interest rates etc.
  5. Education:-This category includes offers for seminars, training, and on-line degrees.
  6. Political spam:- This category includes mudslinging or political threats from extremists and possible terrorists.

Types of spam filters-

We are flooded with information, and too much of anything is useless. So it is necessary to avoid it or filter it. The following terms describe how accurate a spam filter is; the types of spam filter currently available are described after them.

  1. False Positive:- False positive means the spam filter identifies an innocent message as spam.
  2. False Negative:- False negative means the spam filter fails to identify a spam message as spam.
  3. Ideal:- Ideal means the spam filter produces zero false positives and zero false negatives. This is an impossibility, but some filters come close when set up correctly.

a. Content based filters-

This is the traditional type of filter. It simply analyses the message subject, headers, and content, looking for kill words or phrases, or other indicators of spam. Over the years, spammers have become aware that their messages were being killed by these content filters, and they keep creating more tricks to fool them.

b. Bayesian filters-

Bayesian filters are filters that are based on probability. They have to be trained on good and bad emails. During training they extract tokens and store them in a database. When analyzing a new message, the message is split into tokens and each token is given a value according to the following criteria.

  1. The frequency of the token in spam messages that the filter has been trained on.
  2. The frequency of the token in good messages that the filter has been trained on.
  3. The number of spam messages the filter has been trained on.
  4. The number of good messages the filter has been trained on.

Some current Bayesian-based filters achieve very impressive detection rates with minimal false positives or false negatives.
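The training and scoring steps described above, as an added example that is not part of the original post. The class and function names, the clamping to 0.01 to 0.99 and the four training messages are assumptions constructed for illustration.

```python
import math
import re
from collections import Counter

class BayesFilter:
    def __init__(self):
        # Per class: how many trained messages contained each token.
        self.token_counts = {"spam": Counter(), "good": Counter()}
        # Per class: how many messages the filter has been trained on.
        self.trained = {"spam": 0, "good": 0}

    @staticmethod
    def tokens(text):
        return set(re.findall(r"[a-z0-9']+", text.lower()))

    def train(self, text, label):
        self.trained[label] += 1
        self.token_counts[label].update(self.tokens(text))

    def token_spam_prob(self, token):
        if not (self.trained["spam"] and self.trained["good"]):
            raise ValueError("train on both spam and good mail first")
        spam_freq = self.token_counts["spam"][token] / self.trained["spam"]
        good_freq = self.token_counts["good"][token] / self.trained["good"]
        if spam_freq + good_freq == 0:
            return 0.5  # never seen in training: no evidence either way
        # Clamp so a single token can never make the verdict certain.
        return min(0.99, max(0.01, spam_freq / (spam_freq + good_freq)))

    def spam_score(self, text):
        # Sum log-odds instead of multiplying probabilities (avoids underflow).
        log_odds = sum(math.log(p / (1 - p))
                       for p in map(self.token_spam_prob, self.tokens(text)))
        log_odds = max(-50.0, min(50.0, log_odds))
        return 1 / (1 + math.exp(-log_odds))

# Constructed training mail, for illustration only.
SAMPLE_SPAM = ["Cheap loans with low interest rates, apply now",
               "Win a free prize now, click here"]
SAMPLE_GOOD = ["Meeting notes attached, see you on Monday",
               "Can you review the report before the meeting"]

def build_demo_filter():
    f = BayesFilter()
    for msg in SAMPLE_SPAM:
        f.train(msg, "spam")
    for msg in SAMPLE_GOOD:
        f.train(msg, "good")
    return f
```

A message made only of tokens the filter has never seen scores exactly 0.5, which is why such a filter needs continued training on the user's own good and bad mail.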

c. Whitelist / Blacklist filters-

These are a very basic type of filter. Nowadays they are rarely used on their own, but they are still used as part of an integrated filtering system. Whitelist filters will not accept email from any address unless it is on a list of known good email addresses. Blacklist filters will allow messages from any address unless the address is on a list of known bad sources. Blacklists can be stored and administered on a local system or referred to via the internet. Blacklists available on the internet are referred to as real-time blackhole lists.
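How a blacklist "referred to via the internet" is queried over DNS, which is also what "DNS Blacklisting" support in a mail client means; this is an added example, not part of the original post. The zone name `dnsbl.example`, the fake resolver and its sample record are constructed placeholders; a real deployment would use the zone of the list it subscribes to.

```python
import ipaddress
import socket

def dnsbl_query_name(ip, zone):
    """Build the lookup name: the address labels reversed, then the list's zone."""
    addr = ipaddress.ip_address(ip)
    # reverse_pointer is e.g. '2.0.0.127.in-addr.arpa'; drop the arpa suffix.
    suffix = ".in-addr.arpa" if addr.version == 4 else ".ip6.arpa"
    return f"{addr.reverse_pointer[:-len(suffix)]}.{zone}"

def check_dnsbl(ip, zone, resolve=socket.gethostbyname):
    """Return (listed, answer) for the connecting IP address."""
    try:
        answer = resolve(dnsbl_query_name(ip, zone))
    except socket.gaierror:
        # No such name: the address is not on the list. Lookup failures land
        # here too, so this check fails open rather than rejecting mail.
        return (False, None)
    # Listed addresses answer inside 127.0.0.0/8. Any other answer usually
    # means a wildcarding resolver or an expired list domain, not a listing.
    if ipaddress.ip_address(answer) in ipaddress.ip_network("127.0.0.0/8"):
        return (True, answer)
    return (False, answer)

# Constructed stand-in for a DNSBL zone so the example runs offline.
# 127.0.0.2 is the conventional always-listed test entry.
SAMPLE_ZONE = {"2.0.0.127.dnsbl.example": "127.0.0.2"}

def fake_resolve(name):
    try:
        return SAMPLE_ZONE[name]
    except KeyError:
        raise socket.gaierror(socket.EAI_NONAME, "name not found")
```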

d. Challenge and Response filters-

Challenge and response filters are characterized by their ability to automatically send a response to an unknown sender, asking them to take some further action to ensure their message will be received. This is often referred to as a Turing Test. Recent years have seen the appearance of some Internet services which automatically perform this challenge and response function for the user and require the sender of an email to visit their website to facilitate the receipt of their message.

e. Community filters-

This type of filter works on the principle of communal knowledge of spam. These filters communicate with a central server. When a user receives a spam message, they simply mark it as spam. This information is posted to the central server, where a fingerprint of the message is added to the database. When enough people have voted the message as spam, it will be blocked from users' inboxes in the future.

f. Server based filters-

These are usually only used in a corporate or business environment rather than in the home. All mail arrives at a central server, where it is filtered by a server-based filter, and individual users collect their messages on their desktops from the central server.

Conclusion

It must be noted that the perfect spam filter has not been invented yet.
