- Nokia's new N97 vs. the iPhone
- 10 Microsoft research projects
- Hard to get justice in MySpace case
- Smartphone smackdown: Storm vs. iPhone
- Apple removes antivirus support page
Spam is a continually evolving threat. Randomized image spam is just the latest mutation in a long line of techniques used by spammers to thwart the defenses put in place by the antispam community. What's different about image spam is that most traditional antispam techniques have failed to offer an effective means to thwart it.
Consequently, the volume of image spam has increased. Because image-spam messages tend to be larger than traditional spam, more network and disk use must be devoted to them. Understandably, this is an alarming turn of events, but there is no reason to be overly concerned by the image-spam threat if you have the correct reactive solution in place at the edge of your network.
To combat image spam successfully, a product requires three capabilities. First, it must block unwanted messages as soon as possible. The blocking system must use IP address-based reputation and SMTP behavior to decide whom to block and whom to let through. The reputation system must understand how a particular sending IP address behaves in a global context and adapt in real time to changes in sending behavior. Using these connection-management techniques, as much as 80% of inbound spam can be stopped before it places a load on your network and e-mail systems.
Second, the product must identify suspected messages as spam. Systems that rely on lexical analysis of messages fall short, because there is no consistent text in image-based spam. Systems that rely on matching similar messages throughout a collection system also fall short, because no two image-spam messages are identical. In addition, some antispam mechanisms use optical character recognition techniques to try to extract text from image-spam messages.
Unfortunately, the overhead and accuracy required renders this solution ineffective for most companies. To be effective, an antispam solution must observe the behavior of message senders and the messages they send in a global context, identifying patterns of behaviors for these senders and separating legitimate senders and messages from spammers and spam.
Finally, the product needs controls that allow users to select what they believe to be legitimate messages and those that are spam. No solution, however sophisticated, can stop 100% of spam without eventually stopping a piece of legitimate mail. An edge e-mail hygiene solution should allow users to manage the messages that have been identified as potential spam.
Rss FeedRss Feed
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comments (2)
Image SPAM removal in OutlookBy Anonymous on December 6, 2006, 2:03 amAlthough I know my solution is incomplete because it generates false positives, I've created a macro in Outlook which checks the HTMLbodypart for the string cid:...
Reply | Read entire comment
Image-based spam is not a nightmare facing enterprise networksBy Security on December 4, 2006, 9:32 amPatrick Peterson, IronPort Systems, says image spam is a major issue. John Veizades of Mirapoint disagrees. Read what they have to say, then jump in with your comments...
Reply | Read entire comment
View all comments