| |
| |
Acknowledgments | |
| |
| |
Introduction | |
| |
| |
Preparing for the Fight | |
| |
| |
Forming Your Plan Against Spam | |
| |
| |
A Brief History of Spam | |
| |
| |
Why the Word Spam? | |
| |
| |
The Basics of Fighting Spam | |
| |
| |
Traditional Methods--Filtering by Keyword | |
| |
| |
Open-Relays and Blacklists | |
| |
| |
Advanced Methods and Why They Work | |
| |
| |
Trends Forming Around Spam Legislation | |
| |
| |
Developing E-Mail Policies | |
| |
| |
Organizing Everything | |
| |
| |
Developing an E-Mail Policy | |
| |
| |
Establishing a Resource Plan (Identifying Systems) | |
| |
| |
Conduct Testing and Refinement | |
| |
| |
Spotting Problems Before They Happen | |
| |
| |
Advanced Topics and Cross-Pollination | |
| |
| |
Summary | |
| |
| |
Goals and Criteria for Evaluating Spam Control Solutions | |
| |
| |
The Mail Flow Architecture | |
| |
| |
The Digital You: Authentication and Repudiation | |
| |
| |
Goals of a Robust Mail Control System | |
| |
| |
Restrict Access to Your E-Mail Identities | |
| |
| |
Identify the Spammers | |
| |
| |
Identify the Spam | |
| |
| |
Select the Best Locations | |
| |
| |
Select the Best Tools | |
| |
| |
Select for Operational Ease | |
| |
| |
Bringing It All Together | |
| |
| |
Selecting Mail Control Components | |
| |
| |
Breadth (All Forms of Mail-borne Content Filtered) | |
| |
| |
Depth (Multiple Techniques Used at Multiple Points) | |
| |
| |
Impact | |
| |
| |
Operation | |
| |
| |
Specific Criteria in Selecting Anti-Spam Solutions | |
| |
| |
Summary | |
| |
| |
Methods for Mail Content Control | |
| |
| |
Building on a Historical Basis | |
| |
| |
RFC 2505--SMTP and MTA Best Practices | |
| |
| |
RFC 2635--An Explanation for Why Spam Is Harmful | |
| |
| |
RFC 3098--A Discussion of Responsible Internet Advertising | |
| |
| |
Analyzing Spam | |
| |
| |
Analysis That Targets the Content of the Message | |
| |
| |
Analysis That Targets the Sender or Intermediaries | |
| |
| |
Analysis That Targets the Benefactor | |
| |
| |
New Approaches to Circumvent Advanced Spam Filtering | |
| |
| |
Summary | |
| |
| |
Anti-Spam Implementation Strategies | |
| |
| |
Choosing the Right Solutions | |
| |
| |
Key Factors That Affect Your Decision | |
| |
| |
Recommendations on Solution Robustness | |
| |
| |
Policy Recommendations | |
| |
| |
Technical Recommendations | |
| |
| |
Spam Solutions Covered in this Book | |
| |
| |
Subscriptions to Network-Based Blacklists | |
| |
| |
Client-Based Spam Filtering | |
| |
| |
Server-Based Spam Systems | |
| |
| |
Gateway-Based Spam Systems | |
| |
| |
Provider-Based Spam Systems | |
| |
| |
Summary | |
| |
| |
Building Your Anti-Spam Arsenal | |
| |
| |
Blocking Spammers with DNS Blacklists | |
| |
| |
Understanding DNS Blacklists | |
| |
| |
Types of DNSBLs | |
| |
| |
Criteria for DNS Blacklists | |
| |
| |
Adding or Removing Entries from a DNS Blacklist | |
| |
| |
Choosing a DNS Blacklist | |
| |
| |
Mail Abuse Prevention System (MAPS) | |
| |
| |
How MAPS Works | |
| |
| |
Subscribing to MAPS | |
| |
| |
SpamCop | |
| |
| |
How SpamCop Works | |
| |
| |
Subscribing to SpamCop | |
| |
| |
Open Relay Database (ORDB) | |
| |
| |
How ORDB Works | |
| |
| |
Subscribing to ORDB | |
| |
| |
Distributed Server Boycott List (DSBL) | |
| |
| |
How DSBL Works | |
| |
| |
Subscribing to DSBL | |
| |
| |
Spamhaus | |
| |
| |
How Spamhaus Works | |
| |
| |
Subscribing to Spamhaus | |
| |
| |
Not Just Another Bogus List (NJABL) | |
| |
| |
How NJABL Works | |
| |
| |
Subscribing to NJABL | |
| |
| |
RFC Ignorant (RFCI) | |
| |
| |
What Makes Someone RFC Ignorant? | |
| |
| |
Subscribing to RFCI | |
| |
| |
Implementing DNSBLs Within Sendmail | |
| |
| |
Configuring Sendmail for IP-Based DNSBLs | |
| |
| |
Configuring Sendmail for Domain-Based RHSBLs | |
| |
| |
Implementing DNSBLs with Postfix | |
| |
| |
Configuring Postfix for IP-Based DNSBLs | |
| |
| |
Configuring Postfix for Domain-Based RHSBLs | |
| |
| |
Implementing DNSBLs with Microsoft Exchange | |
| |
| |
Exchange 2000 | |
| |
| |
Exchange 2003 | |
| |
| |
Summary | |
| |
| |
Filtering Spam with SpamAssassin | |
| |
| |
Dossier of a Spam Assassin | |
| |
| |
SpamAssassin = Spam Detective | |
| |
| |
SpamAssassin Rules! | |
| |
| |
SpamAssassin Scores! | |
| |
| |
Killer Features | |
| |
| |
SpamAssassin Gone Commercial | |
| |
| |
Installing SpamAssassin | |
| |
| |
Software and Hardware Requirements | |
| |
| |
Before You Start | |
| |
| |
Installing the Easy Way: From CPAN | |
| |
| |
Installing the Less Easy Way: From Tarball | |
| |
| |
Installing from the Edge: CVS | |
| |
| |
Other Ways to Install | |
| |
| |
Understanding SpamAssassin's Components | |
| |
| |
The spamassassin Utility | |
| |
| |
The Spamd Daemon | |
| |
| |
The Spamc Client | |
| |
| |
The local.cf Configuration File | |
| |
| |
The user_prefs Configuration File | |
| |
| |
Configuring SpamAssassin | |
| |
| |
Per-User Configuration | |
| |
| |
Site-Wide Configuration | |
| |
| |
Spamd Configuration | |
| |
| |
An Introduction to SpamAsssassin's Output | |
| |
| |
Looking at a Message | |
| |
| |
Is This the Only Option? | |
| |
| |
Summary | |
| |
| |
Catching Spam with SpamAssassin's Bayesian Classifier | |
| |
| |
Implementing SpamAssassin's Bayesian Classifier | |
| |
| |
Looking at SpamAssassin's Bayes-Related Files | |
| |
| |
SpamAssassin's Bayes Rules | |
| |
| |
Automated Learning | |
| |
| |
Training SpamAssassin's Bayesian Classifier | |
| |
| |
Giving sa-learn Input | |
| |
| |
Training with Ham | |
| |
| |
Training with Spam | |
| |
| |
Correcting Mistakes | |
| |
| |
Bayes Database Expiration | |
| |
| |
Getting Bayes Statistics | |
| |
| |
Implementing Bayes System-Wide | |
| |
| |
Bayesian Learning Caveats | |
| |
| |
Summary | |
| |
| |
Enhancing and Maintaining SpamAssassin | |
| |
| |
Creating Your Own Rules | |
| |
| |
Where to Create and Modify Rules | |
| |
| |
Components of a Rule | |
| |
| |
Building a Rule | |
| |
| |
Testing the Rule | |
| |
| |
Whitelisting and Blacklisting | |
| |
| |
trusted_networks | |
| |
| |
whitelist_to | |
| |
| |
more_spam_to | |
| |
| |
all_spam_to | |
| |
| |
Localizing | |
| |
| |
ok_locales | |
| |
| |
ok_languages | |
| |
| |
Using MIMEDefang with SpamAssassin | |
| |
| |
MIMEDefang and SpamAssassin | |
| |
| |
MIMEDefang Requirements | |
| |
| |
Using amavisd-new with SpamAssassin | |
| |
| |
amavisd-new and SpamAssassin | |
| |
| |
amavisd-new Requirements | |
| |
| |
Using SpamAssassin as a Gateway to Another Mail Server | |
| |
| |
Summary | |
| |
| |
Configuring Popular E-mail Clients for Spam Filtering | |
| |
| |
Configuring Spam Filters on Eudora | |
| |
| |
Watching for Spam with Eudora's SpamWatch | |
| |
| |
Turning On Eudora's SpamWatch | |
| |
| |
Tweaking Eudora's SpamWatch | |
| |
| |
Training Eudora's SpamWatch | |
| |
| |
Configuring Spam Filters on Mozilla Mail | |
| |
| |
Mozilla's Junk Mail Controls | |
| |
| |
Using Mozilla Message Filters with SpamAssassin | |
| |
| |
Configuring Spam Filters in Outlook Express | |
| |
| |
Blocking Senders in Outlook Express | |
| |
| |
Using OE Message Rules with SpamAssassin | |
| |
| |
Configuring Spam Filters on Outlook | |
| |
| |
Configuring Outlook's Junk and Adult Content E-mail Filters | |
| |
| |
Using Outlook Message Rules with SpamAssassin | |
| |
| |
Summary | |
| |
| |
Implementing Other Popular Anti-Spam Tools | |
| |
| |
Anti-Spam Clients for Windows | |
| |
| |
SpamBayes | |
| |
| |
How It Works | |
| |
| |
Installing SpamBayes | |
| |
| |
User Knowledge and Machine Learning | |
| |
| |
SpamPal | |
| |
| |
How It Works | |
| |
| |
Installing SpamPal | |
| |
| |
Controlling the World Through Lists | |
| |
| |
SpamCatcher | |
| |
| |
How It Works | |
| |
| |
Installing SpamCatcher | |
| |
| |
Making Contact with the SpamCatcher Network | |
| |
| |
Lyris MailShield Desktop | |
| |
| |
How It Works | |
| |
| |
Installing MailShield Desktop | |
| |
| |
Manipulating MailShield to Suit Your Needs | |
| |
| |
SPAMfighter | |
| |
| |
How It Works | |
| |
| |
Installing SPAMfighter | |
| |
| |
Configuring SPAMfighter | |
| |
| |
SpamButcher | |
| |
| |
How It Works | |
| |
| |
Installing SpamButcher | |
| |
| |
Butchering Spam | |
| |
| |
iHateSpam | |
| |
| |
How It Works | |
| |
| |
Installing iHateSpam | |
| |
| |
Turning iHate to Action | |
| |
| |
SpamNet | |
| |
| |
How It Works | |
| |
| |
Installing SpamNet | |
| |
| |
Netting Spam with SpamNet | |
| |
| |
KnockKnock | |
| |
| |
How It Works | |
| |
| |
Installing KnockKnock | |
| |
| |
Knocking on a Spammer's Door | |
| |
| |
Knocking KnockKnock | |
| |
| |
POPFile | |
| |
| |
How It Works | |
| |
| |
Installing POPFile | |
| |
| |
POP Goes the Spammers | |
| |
| |
Anti-Spam Servers for Windows | |
| |
| |
iHateSpam Server Edition | |
| |
| |
How It Works | |
| |
| |
Installing iHateSpam | |
| |
| |
Hating Spam in the Enterprise | |
| |
| |
GFI MailEssentials | |
| |
| |
How It Works | |
| |
| |
Installing GFI MailEssentials | |
| |
| |
Configuring the Essentials | |
| |
| |
Trend Micro Spam Prevention Service | |
| |
| |
How It Works | |
| |
| |
Installing SPS | |
| |
| |
Anti-Spam Tools for Macs | |
| |
| |
PostArmor | |
| |
| |
How It Works | |
| |
| |
Installing | |
| |
| |
Use Your Armor! | |
| |
| |
POPmonitor | |
| |
| |
How It Works | |
| |
| |
Installing | |
| |
| |
Operating POPmonitor | |
| |
| |
Spamfire | |
| |
| |
How It Works | |
| |
| |
Installing | |
| |
| |
Firing Up the Spammers | |
| |
| |
MailGoGoGo | |
| |
| |
How It Works | |
| |
| |
Installing | |
| |
| |
Getting Spam to Go Go Go... | |
| |
| |
Mail Gone, Gone, Gone | |
| |
| |
Summary | |
| |
| |
Anti-Spam Tools for Linux | |
| |
| |
Vipul's Razor | |
| |
| |
Examining the Razor | |
| |
| |
Downloading and Installing Razor | |
| |
| |
Using Razor | |
| |
| |
Distributed Checksum Clearinghouse | |
| |
| |
Welcome to the Clearinghouse | |
| |
| |
Downloading and Installing DCC | |
| |
| |
Running DCC | |
| |
| |
Bogofilter | |
| |
| |
Installing Bogofilter | |
| |
| |
Running Bogofilter | |
| |
| |
SpamBayes | |
| |
| |
Installing SpamBayes | |
| |
| |
Using SpamBayes | |
| |
| |
Quick Spam Filter | |
| |
| |
Downloading and Installing QSF | |
| |
| |
Running QSF | |
| |
| |
The SpamBouncer | |
| |
| |
Installing and Configuring the SpamBouncer | |
| |
| |
What You'll See | |
| |
| |
A Pleasant Surprise | |
| |
| |
Summary | |
| |
| |
Stopping Spam in the Long Term | |
| |
| |
Know Your Enemy | |
| |
| |
Profile of an "E-mail Direct Marketer" | |
| |
| |
Spam Tools | |
| |
| |
The Purveyors of Spam | |
| |
| |
Getting to Know the Product (Spam) | |
| |
| |
Anatomy of an E-mail Header | |
| |
| |
Spam Examples | |
| |
| |
Red Alert: Reporting Known Spammers | |
| |
| |
Direct E-mail | |
| |
| |
DNS Blacklists | |
| |
| |
Update Your Own Anti-Spam Tool | |
| |
| |
Summary | |
| |
| |
Advanced Topics and Fine Tuning | |
| |
| |
The Black, the White, and the Grey | |
| |
| |
Roll-Your-Own Blacklist | |
| |
| |
Blacklisting with a Bite | |
| |
| |
What in the World Is Greylisting | |
| |
| |
The Complete MX Relay Defense | |
| |
| |
Defense by Disguise | |
| |
| |
Use Graphics Instead of Text | |
| |
| |
Use the HTML ASCII Equivalence | |
| |
| |
Use a Scripting Language (JavaScript) | |
| |
| |
Spam-bots and How They Work | |
| |
| |
Harvesting with Our Perl Reaper | |
| |
| |
Spam-bots Patented: the End of the World Must Be Near... | |
| |
| |
What Is the Robots.txt File | |
| |
| |
Where Can I Get More Info on Robots? | |
| |
| |
Siphoning a 55-Gallon Drum of Spam | |
| |
| |
Reversing the Spam-bot Spigot | |
| |
| |
The Reverse Dictionary Defense | |
| |
| |
The DDoS Detection Defense | |
| |
| |
What to Send Once You've Identified Them | |
| |
| |
Summary | |
| |
| |
Fighting Spam Defensively | |
| |
| |
Win Before Fighting | |
| |
| |
E-mail Addresses | |
| |
| |
Challenge/Response: The Next Weird Thing | |
| |
| |
Future Spam-Fighting | |
| |
| |
Keeping Your Own House Clean | |
| |
| |
Open Relays | |
| |
| |
Securing Your Resources | |
| |
| |
Spyware: Another Spam Pathway | |
| |
| |
Pop-ups: The New Spam | |
| |
| |
True Spyware | |
| |
| |
Anti-Spyware Tools | |
| |
| |
Summary | |
| |
| |
Glossary: Definitions and Acronyms | |
| |
| |
Selected Anti-Spam Resources | |
| |
| |
E-mail and Spam-Related RFCs | |
| |
| |
Papers, Whitepapers, and Treatises | |
| |
| |
Spam and the Law | |
| |
| |
DNS Blacklists | |
| |
| |
SpamAssassin Resources | |
| |
| |
E-mail Clients | |
| |
| |
E-mail Servers | |
| |
| |
Anti-Spam Client Tools for Windows | |
| |
| |
Anti-Spam Servers for Windows | |
| |
| |
Anti-Spam Tools for the Macintosh | |
| |
| |
Anti-Spam Tools for Linux | |
| |
| |
Other Tactics and Tools | |
| |
| |
U.S. Government Sites Concerning Spam | |
| |
| |
About the CD-ROM | |
| |
| |
How to Use the CD-ROM | |
| |
| |
Anti-Spam Tools on the CD | |
| |
| |
Links to Additional Tools | |
| |
| |
Problems with the CD | |
| |
| |
Index | |