| |
| |
| Acknowledgments | |
| |
| |
| Introduction | |
| |
| |
| Preparing for the Fight | |
| |
| |
| Forming Your Plan Against Spam | |
| |
| |
| A Brief History of Spam | |
| |
| |
| Why the Word Spam? | |
| |
| |
| The Basics of Fighting Spam | |
| |
| |
| Traditional Methods--Filtering by Keyword | |
| |
| |
| Open-Relays and Blacklists | |
| |
| |
| Advanced Methods and Why They Work | |
| |
| |
| Trends Forming Around Spam Legislation | |
| |
| |
| Developing E-Mail Policies | |
| |
| |
| Organizing Everything | |
| |
| |
| Developing an E-Mail Policy | |
| |
| |
| Establishing a Resource Plan (Identifying Systems) | |
| |
| |
| Conduct Testing and Refinement | |
| |
| |
| Spotting Problems Before They Happen | |
| |
| |
| Advanced Topics and Cross-Pollination | |
| |
| |
| Summary | |
| |
| |
| Goals and Criteria for Evaluating Spam Control Solutions | |
| |
| |
| The Mail Flow Architecture | |
| |
| |
| The Digital You: Authentication and Repudiation | |
| |
| |
| Goals of a Robust Mail Control System | |
| |
| |
| Restrict Access to Your E-Mail Identities | |
| |
| |
| Identify the Spammers | |
| |
| |
| Identify the Spam | |
| |
| |
| Select the Best Locations | |
| |
| |
| Select the Best Tools | |
| |
| |
| Select for Operational Ease | |
| |
| |
| Bringing It All Together | |
| |
| |
| Selecting Mail Control Components | |
| |
| |
| Breadth (All Forms of Mail-borne Content Filtered) | |
| |
| |
| Depth (Multiple Techniques Used at Multiple Points) | |
| |
| |
| Impact | |
| |
| |
| Operation | |
| |
| |
| Specific Criteria in Selecting Anti-Spam Solutions | |
| |
| |
| Summary | |
| |
| |
| Methods for Mail Content Control | |
| |
| |
| Building on a Historical Basis | |
| |
| |
| RFC 2505--SMTP and MTA Best Practices | |
| |
| |
| RFC 2635--An Explanation for Why Spam Is Harmful | |
| |
| |
| RFC 3098--A Discussion of Responsible Internet Advertising | |
| |
| |
| Analyzing Spam | |
| |
| |
| Analysis That Targets the Content of the Message | |
| |
| |
| Analysis That Targets the Sender or Intermediaries | |
| |
| |
| Analysis That Targets the Benefactor | |
| |
| |
| New Approaches to Circumvent Advanced Spam Filtering | |
| |
| |
| Summary | |
| |
| |
| Anti-Spam Implementation Strategies | |
| |
| |
| Choosing the Right Solutions | |
| |
| |
| Key Factors That Affect Your Decision | |
| |
| |
| Recommendations on Solution Robustness | |
| |
| |
| Policy Recommendations | |
| |
| |
| Technical Recommendations | |
| |
| |
| Spam Solutions Covered in this Book | |
| |
| |
| Subscriptions to Network-Based Blacklists | |
| |
| |
| Client-Based Spam Filtering | |
| |
| |
| Server-Based Spam Systems | |
| |
| |
| Gateway-Based Spam Systems | |
| |
| |
| Provider-Based Spam Systems | |
| |
| |
| Summary | |
| |
| |
| Building Your Anti-Spam Arsenal | |
| |
| |
| Blocking Spammers with DNS Blacklists | |
| |
| |
| Understanding DNS Blacklists | |
| |
| |
| Types of DNSBLs | |
| |
| |
| Criteria for DNS Blacklists | |
| |
| |
| Adding or Removing Entries from a DNS Blacklist | |
| |
| |
| Choosing a DNS Blacklist | |
| |
| |
| Mail Abuse Prevention System (MAPS) | |
| |
| |
| How MAPS Works | |
| |
| |
| Subscribing to MAPS | |
| |
| |
| SpamCop | |
| |
| |
| How SpamCop Works | |
| |
| |
| Subscribing to SpamCop | |
| |
| |
| Open Relay Database (ORDB) | |
| |
| |
| How ORDB Works | |
| |
| |
| Subscribing to ORDB | |
| |
| |
| Distributed Server Boycott List (DSBL) | |
| |
| |
| How DSBL Works | |
| |
| |
| Subscribing to DSBL | |
| |
| |
| Spamhaus | |
| |
| |
| How Spamhaus Works | |
| |
| |
| Subscribing to Spamhaus | |
| |
| |
| Not Just Another Bogus List (NJABL) | |
| |
| |
| How NJABL Works | |
| |
| |
| Subscribing to NJABL | |
| |
| |
| RFC Ignorant (RFCI) | |
| |
| |
| What Makes Someone RFC Ignorant? | |
| |
| |
| Subscribing to RFCI | |
| |
| |
| Implementing DNSBLs Within Sendmail | |
| |
| |
| Configuring Sendmail for IP-Based DNSBLs | |
| |
| |
| Configuring Sendmail for Domain-Based RHSBLs | |
| |
| |
| Implementing DNSBLs with Postfix | |
| |
| |
| Configuring Postfix for IP-Based DNSBLs | |
| |
| |
| Configuring Postfix for Domain-Based RHSBLs | |
| |
| |
| Implementing DNSBLs with Microsoft Exchange | |
| |
| |
| Exchange 2000 | |
| |
| |
| Exchange 2003 | |
| |
| |
| Summary | |
| |
| |
| Filtering Spam with SpamAssassin | |
| |
| |
| Dossier of a Spam Assassin | |
| |
| |
| SpamAssassin = Spam Detective | |
| |
| |
| SpamAssassin Rules! | |
| |
| |
| SpamAssassin Scores! | |
| |
| |
| Killer Features | |
| |
| |
| SpamAssassin Gone Commercial | |
| |
| |
| Installing SpamAssassin | |
| |
| |
| Software and Hardware Requirements | |
| |
| |
| Before You Start | |
| |
| |
| Installing the Easy Way: From CPAN | |
| |
| |
| Installing the Less Easy Way: From Tarball | |
| |
| |
| Installing from the Edge: CVS | |
| |
| |
| Other Ways to Install | |
| |
| |
| Understanding SpamAssassin's Components | |
| |
| |
| The spamassassin Utility | |
| |
| |
| The Spamd Daemon | |
| |
| |
| The Spamc Client | |
| |
| |
| The local.cf Configuration File | |
| |
| |
| The user_prefs Configuration File | |
| |
| |
| Configuring SpamAssassin | |
| |
| |
| Per-User Configuration | |
| |
| |
| Site-Wide Configuration | |
| |
| |
| Spamd Configuration | |
| |
| |
| An Introduction to SpamAsssassin's Output | |
| |
| |
| Looking at a Message | |
| |
| |
| Is This the Only Option? | |
| |
| |
| Summary | |
| |
| |
| Catching Spam with SpamAssassin's Bayesian Classifier | |
| |
| |
| Implementing SpamAssassin's Bayesian Classifier | |
| |
| |
| Looking at SpamAssassin's Bayes-Related Files | |
| |
| |
| SpamAssassin's Bayes Rules | |
| |
| |
| Automated Learning | |
| |
| |
| Training SpamAssassin's Bayesian Classifier | |
| |
| |
| Giving sa-learn Input | |
| |
| |
| Training with Ham | |
| |
| |
| Training with Spam | |
| |
| |
| Correcting Mistakes | |
| |
| |
| Bayes Database Expiration | |
| |
| |
| Getting Bayes Statistics | |
| |
| |
| Implementing Bayes System-Wide | |
| |
| |
| Bayesian Learning Caveats | |
| |
| |
| Summary | |
| |
| |
| Enhancing and Maintaining SpamAssassin | |
| |
| |
| Creating Your Own Rules | |
| |
| |
| Where to Create and Modify Rules | |
| |
| |
| Components of a Rule | |
| |
| |
| Building a Rule | |
| |
| |
| Testing the Rule | |
| |
| |
| Whitelisting and Blacklisting | |
| |
| |
| trusted_networks | |
| |
| |
| whitelist_to | |
| |
| |
| more_spam_to | |
| |
| |
| all_spam_to | |
| |
| |
| Localizing | |
| |
| |
| ok_locales | |
| |
| |
| ok_languages | |
| |
| |
| Using MIMEDefang with SpamAssassin | |
| |
| |
| MIMEDefang and SpamAssassin | |
| |
| |
| MIMEDefang Requirements | |
| |
| |
| Using amavisd-new with SpamAssassin | |
| |
| |
| amavisd-new and SpamAssassin | |
| |
| |
| amavisd-new Requirements | |
| |
| |
| Using SpamAssassin as a Gateway to Another Mail Server | |
| |
| |
| Summary | |
| |
| |
| Configuring Popular E-mail Clients for Spam Filtering | |
| |
| |
| Configuring Spam Filters on Eudora | |
| |
| |
| Watching for Spam with Eudora's SpamWatch | |
| |
| |
| Turning On Eudora's SpamWatch | |
| |
| |
| Tweaking Eudora's SpamWatch | |
| |
| |
| Training Eudora's SpamWatch | |
| |
| |
| Configuring Spam Filters on Mozilla Mail | |
| |
| |
| Mozilla's Junk Mail Controls | |
| |
| |
| Using Mozilla Message Filters with SpamAssassin | |
| |
| |
| Configuring Spam Filters in Outlook Express | |
| |
| |
| Blocking Senders in Outlook Express | |
| |
| |
| Using OE Message Rules with SpamAssassin | |
| |
| |
| Configuring Spam Filters on Outlook | |
| |
| |
| Configuring Outlook's Junk and Adult Content E-mail Filters | |
| |
| |
| Using Outlook Message Rules with SpamAssassin | |
| |
| |
| Summary | |
| |
| |
| Implementing Other Popular Anti-Spam Tools | |
| |
| |
| Anti-Spam Clients for Windows | |
| |
| |
| SpamBayes | |
| |
| |
| How It Works | |
| |
| |
| Installing SpamBayes | |
| |
| |
| User Knowledge and Machine Learning | |
| |
| |
| SpamPal | |
| |
| |
| How It Works | |
| |
| |
| Installing SpamPal | |
| |
| |
| Controlling the World Through Lists | |
| |
| |
| SpamCatcher | |
| |
| |
| How It Works | |
| |
| |
| Installing SpamCatcher | |
| |
| |
| Making Contact with the SpamCatcher Network | |
| |
| |
| Lyris MailShield Desktop | |
| |
| |
| How It Works | |
| |
| |
| Installing MailShield Desktop | |
| |
| |
| Manipulating MailShield to Suit Your Needs | |
| |
| |
| SPAMfighter | |
| |
| |
| How It Works | |
| |
| |
| Installing SPAMfighter | |
| |
| |
| Configuring SPAMfighter | |
| |
| |
| SpamButcher | |
| |
| |
| How It Works | |
| |
| |
| Installing SpamButcher | |
| |
| |
| Butchering Spam | |
| |
| |
| iHateSpam | |
| |
| |
| How It Works | |
| |
| |
| Installing iHateSpam | |
| |
| |
| Turning iHate to Action | |
| |
| |
| SpamNet | |
| |
| |
| How It Works | |
| |
| |
| Installing SpamNet | |
| |
| |
| Netting Spam with SpamNet | |
| |
| |
| KnockKnock | |
| |
| |
| How It Works | |
| |
| |
| Installing KnockKnock | |
| |
| |
| Knocking on a Spammer's Door | |
| |
| |
| Knocking KnockKnock | |
| |
| |
| POPFile | |
| |
| |
| How It Works | |
| |
| |
| Installing POPFile | |
| |
| |
| POP Goes the Spammers | |
| |
| |
| Anti-Spam Servers for Windows | |
| |
| |
| iHateSpam Server Edition | |
| |
| |
| How It Works | |
| |
| |
| Installing iHateSpam | |
| |
| |
| Hating Spam in the Enterprise | |
| |
| |
| GFI MailEssentials | |
| |
| |
| How It Works | |
| |
| |
| Installing GFI MailEssentials | |
| |
| |
| Configuring the Essentials | |
| |
| |
| Trend Micro Spam Prevention Service | |
| |
| |
| How It Works | |
| |
| |
| Installing SPS | |
| |
| |
| Anti-Spam Tools for Macs | |
| |
| |
| PostArmor | |
| |
| |
| How It Works | |
| |
| |
| Installing | |
| |
| |
| Use Your Armor! | |
| |
| |
| POPmonitor | |
| |
| |
| How It Works | |
| |
| |
| Installing | |
| |
| |
| Operating POPmonitor | |
| |
| |
| Spamfire | |
| |
| |
| How It Works | |
| |
| |
| Installing | |
| |
| |
| Firing Up the Spammers | |
| |
| |
| MailGoGoGo | |
| |
| |
| How It Works | |
| |
| |
| Installing | |
| |
| |
| Getting Spam to Go Go Go... | |
| |
| |
| Mail Gone, Gone, Gone | |
| |
| |
| Summary | |
| |
| |
| Anti-Spam Tools for Linux | |
| |
| |
| Vipul's Razor | |
| |
| |
| Examining the Razor | |
| |
| |
| Downloading and Installing Razor | |
| |
| |
| Using Razor | |
| |
| |
| Distributed Checksum Clearinghouse | |
| |
| |
| Welcome to the Clearinghouse | |
| |
| |
| Downloading and Installing DCC | |
| |
| |
| Running DCC | |
| |
| |
| Bogofilter | |
| |
| |
| Installing Bogofilter | |
| |
| |
| Running Bogofilter | |
| |
| |
| SpamBayes | |
| |
| |
| Installing SpamBayes | |
| |
| |
| Using SpamBayes | |
| |
| |
| Quick Spam Filter | |
| |
| |
| Downloading and Installing QSF | |
| |
| |
| Running QSF | |
| |
| |
| The SpamBouncer | |
| |
| |
| Installing and Configuring the SpamBouncer | |
| |
| |
| What You'll See | |
| |
| |
| A Pleasant Surprise | |
| |
| |
| Summary | |
| |
| |
| Stopping Spam in the Long Term | |
| |
| |
| Know Your Enemy | |
| |
| |
| Profile of an "E-mail Direct Marketer" | |
| |
| |
| Spam Tools | |
| |
| |
| The Purveyors of Spam | |
| |
| |
| Getting to Know the Product (Spam) | |
| |
| |
| Anatomy of an E-mail Header | |
| |
| |
| Spam Examples | |
| |
| |
| Red Alert: Reporting Known Spammers | |
| |
| |
| Direct E-mail | |
| |
| |
| DNS Blacklists | |
| |
| |
| Update Your Own Anti-Spam Tool | |
| |
| |
| Summary | |
| |
| |
| Advanced Topics and Fine Tuning | |
| |
| |
| The Black, the White, and the Grey | |
| |
| |
| Roll-Your-Own Blacklist | |
| |
| |
| Blacklisting with a Bite | |
| |
| |
| What in the World Is Greylisting | |
| |
| |
| The Complete MX Relay Defense | |
| |
| |
| Defense by Disguise | |
| |
| |
| Use Graphics Instead of Text | |
| |
| |
| Use the HTML ASCII Equivalence | |
| |
| |
| Use a Scripting Language (JavaScript) | |
| |
| |
| Spam-bots and How They Work | |
| |
| |
| Harvesting with Our Perl Reaper | |
| |
| |
| Spam-bots Patented: the End of the World Must Be Near... | |
| |
| |
| What Is the Robots.txt File | |
| |
| |
| Where Can I Get More Info on Robots? | |
| |
| |
| Siphoning a 55-Gallon Drum of Spam | |
| |
| |
| Reversing the Spam-bot Spigot | |
| |
| |
| The Reverse Dictionary Defense | |
| |
| |
| The DDoS Detection Defense | |
| |
| |
| What to Send Once You've Identified Them | |
| |
| |
| Summary | |
| |
| |
| Fighting Spam Defensively | |
| |
| |
| Win Before Fighting | |
| |
| |
| E-mail Addresses | |
| |
| |
| Challenge/Response: The Next Weird Thing | |
| |
| |
| Future Spam-Fighting | |
| |
| |
| Keeping Your Own House Clean | |
| |
| |
| Open Relays | |
| |
| |
| Securing Your Resources | |
| |
| |
| Spyware: Another Spam Pathway | |
| |
| |
| Pop-ups: The New Spam | |
| |
| |
| True Spyware | |
| |
| |
| Anti-Spyware Tools | |
| |
| |
| Summary | |
| |
| |
| Glossary: Definitions and Acronyms | |
| |
| |
| Selected Anti-Spam Resources | |
| |
| |
| E-mail and Spam-Related RFCs | |
| |
| |
| Papers, Whitepapers, and Treatises | |
| |
| |
| Spam and the Law | |
| |
| |
| DNS Blacklists | |
| |
| |
| SpamAssassin Resources | |
| |
| |
| E-mail Clients | |
| |
| |
| E-mail Servers | |
| |
| |
| Anti-Spam Client Tools for Windows | |
| |
| |
| Anti-Spam Servers for Windows | |
| |
| |
| Anti-Spam Tools for the Macintosh | |
| |
| |
| Anti-Spam Tools for Linux | |
| |
| |
| Other Tactics and Tools | |
| |
| |
| U.S. Government Sites Concerning Spam | |
| |
| |
| About the CD-ROM | |
| |
| |
| How to Use the CD-ROM | |
| |
| |
| Anti-Spam Tools on the CD | |
| |
| |
| Links to Additional Tools | |
| |
| |
| Problems with the CD | |
| |
| |
| Index | |