Defending your site against spam

Monday, 30 June 2003, 1:44 PM EST

Like so many other people out on the Internet, I get unsolicited commercial email or "spam". Until recently, I could handle spam by just deleting it or using email aliases. Unfortunately, my server was rendered useless by a spam attack launched by an unknown spammer. The experience forced me to improve my spam defenses. In two articles, I will share the research and results of my effort to implement an anti-spam system. In this first installment, I will briefly cover various anti-spam systems and the system I chose, a network level defense. In the next installment, I'll dig deeper into the details of an implementation with qmail. (The information is general enough that it could be applied to other email systems such as Postfix or Sendmail.)

Let's begin by covering the current state of the anti-spam world. Since spam is such a widespread problem, there have been an increasing number of anti-spam measures devised in the last four years. Some measures involve legislation, some techniques require large groups of people, and some are simple techniques that individuals can use. I will cover some of the more popular defenses that individuals or administrators can implement on their own as well as mention a few of the up-and-coming systems. None of these systems is perfect. I do not claim that any of these will work without a hitch.

[ Read more ]

Related items


Pen-testing drone searches for unsecured devices

You're sitting in an office, and you send a print job to the main office printer. You see or hear a drone flying outside your window. Next thing you know, the printer buzzes to life and, after spitting out your print job, it continues to work and presents you with more filled pages than you expected.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Oct 9th