Add to collection(s) Add to saved
  1. Arts & Humanities
  2. Communications

Spam of Email LECTURE NOTES ON By

advertisement 
Department of Software
The University of Babylon
LECTURE NOTES ON Spam of Email
By
Dr. Samaher Hussein Ali
College of Information Technology, University of Babylon, Iraq
Samaher@inet.uobabylon.edu.iq
14 December 2013
Def. of Spam
Spam messages are the misuse of electronic messaging systems
(including most of the media , and digital communication systems )
to send a huge amount of unwanted messages randomly . Although
the figure known for messages spam is e-mail (which is what I will
talk about in this article ) , but this term is present in other media
such as letters of mobile phones , spam blogs, spamming wikis,
spam online forums , fax spam . Known spam messages to e-mail
other names : write propaganda unwanted ((unsolicited bulk Email
(UBE) or junk mail)), or commercial electronic messages unwanted
(unsolicited commercial email (UCE).
Note 1:
One of the biggest problems facing the technology e-mail is spam
known as "spam" , which constitute 70 to 80% of the total e-mails
sent .
14 December 2013
Dr. Samaher Hussein Ali
Notes of Lecture 12
The Problem of Spam
Spamming is the scourge of electronic-mail and newsgroups on the
Internet. It can seriously interfere with the operation of public
services, to say nothing of the effect it may have on any individual's
e-mail mail system. ... Spammers are, in effect, taking resources
away from users and service suppliers without compensation and
without authorization.“
Why All the Fuss?
 Loss of Productivity.
 Discouraged Users.
 Loss of Efficiency.
 Legal Issues.
 Communications Quality.
 Business Continuity.
 Company Reputation.
14 December 2013
Dr. Samaher Hussein Ali
Notes of Lecture 12
Types of Spam
Note 2:
the fact that most senders of spam infiltrate the computers of Internet
users and malicious programs they download it (zombies) and use
them to send their messages annoying in huge quantitie.
The main Types of Spam:
1.
2.
Propaganda :- More types of SPAM e-mails are propaganda, experience has
shown that the senders of spam targeting certain goods and services to
promote them. Some goods were chosen because computer users might be
interested in them, but most of these goods will be on the black market (such
as prescription drugs are unauthorized). Spam is considered illegal not only
because its goals propaganda but because the goods and services offered by a
legal violation in itself.
Fraudulent :- such as messages, which claims the owner that the recipient
can get a share of the funds was not able to sender obtained by himself for
reasons of judicial versus assist the recipient in the legislation of these funds,
and asks the recipient to provide details of his account banking, and of course
if offered the recipient of this details will be stealing his own account, called
this type of message to scam)).
14 December 2013
Dr. Samaher Hussein Ali
Notes of Lecture 12
Types of Spam
3.
4.
5.
6.
7.
Health and medicine: This category includes advertisements for weight loss,
skin care, and treatment of baldness, dietary supplements and drugs that may
be unauthorized, and so on, which can be purchased via the Internet.
Technology(IT): This category includes offers hardware and software at
discounted prices, as well as services to the owners of sites on the Internet
such as web hosting, domain registration, and improve the sites, and so on.
Personal finance: This type of insurance offers, and services to reduce debt,
and loans with low interest rates, and so on.
Education and training: This category includes offers for seminars, training,
and access to educational certificates via the Internet and this may be a false
certification
Political spam : This category includes mudslinging or political threats from
extremists and possible terrorists. Though these are merely nuisance messages
to end users, security and law enforcement officials need to be aware of such
mailings, since they can provide clues to genuine potential threats, or may be
actual communication between terrorists.
14 December 2013
Dr. Samaher Hussein Ali
Notes of Lecture 12
Rate each Type of Spam Messages
To produce
13%
Trade
22%
Fraud
7%
Health
10%
Net
9%
Entertainment
6%
Religious
5%
The other
25%
Second Def. of spam (n): Unsolicited e-mail, often of a commercial nature, sent
indiscriminately to multiple mailing lists, individuals, or newsgroups; junk email.
14 December 2013
Dr. Samaher Hussein Ali
Notes of Lecture 12
The Spam Threat
• Users don’t want spam
 Lost productivity
 Offensive, Embarrassing
 Legitimate messages get lost in the sea of spam
• Spam isn’t going away
 People buy from spammers
 Legislation has not been effective
 The SMTP protocol is inadequate
 It allows spammers to forge message information
• Spam is difficult to detect
 Spammers learn how to get past filters
 Legitimate messages WILL be lost
• Anti-Spam is difficult to support
 Users don’t like misclassifications
 Client based anti-spam solutions interfere
 Authorized mass-mailers want special treatment
• Spammers use malware
 Viruses “spam” themselves in mass quantities
 Compromised computers DoS attack Anti-Spam services (RBLs)
 Compromised computers send spam from inside the network
14 December 2013
Dr. Samaher Hussein Ali
Notes of Lecture 12
The Disadvantages of Spam
1.
According to a study conducted by Nucleus Research in 2009 , cost
management process spam messages American companies more than 71 billion
dollars a year because of the cost of lost production hours at a rate of $ 712 per
employee . physical damage to the annoying messages can be summarized in
the following points:
2.
causing wasted staff time , because users who do not have protection against
spam messages Sédron a lot of time to check their messages and delete spam
messages from them.
3.
the possibility that the user accidentally deletes an important message because
of the mixing of spam messages with important messages .
4.
spam messages cause the waste of network resources , particularly e-mail
server , such as viruses causing it to fill in the database.
5.
senders of spam usually infiltrate the computers of users and spam messages
they
send
14 December 2013
them
without
their
permission
Dr. Samaher Hussein Ali
(Session
hijacking).
Notes of Lecture 12
How can we avoid the Spam Message?
1.
Two email addresses. You should use your private address for personal
correspondence only. The public address should be the one you use to register on
public forums, in chat rooms, to subscribe to mailing lists etc.
2.
Never publish your private address on publicly accessible resources.
3.
Your private address should be difficult to spoof. Spammers use combinations of
obvious names, words and numbers to build possible addresses. Your private
address should not simply be your first and last name. Be creative and
personalize your email address
4.
If you have to publish your private address electronically, mask it to avoid
having it harvested by spammers. Joe.Smith@yahoo.com is easy to harvest, as is
Joe.Smith at yahoo.com. Try writing Joe-dot-Smith-at-yahoo-dot-com instead. If you
need to publish your private address on a website, do this as a graphics file rather
than as a link.
14 December 2013
Dr. Samaher Hussein Ali
Notes of Lecture 12
How can we avoid the Spam Message?
5.
Treat your public address as a temporary one. Chances are high that spammers
will harvest your public address fairly quickly. Don't be afraid to change it often.
6.
Always use your public address to register in forums and chatrooms and to
subscribe to mailing lists and promotions. You might even consider using a
number of public addresses in order to trace which services are selling addresses
to spammers.
7. Never respond to spam. Most spammers verify receipt and log responses. The
more you respond, the more spam you will receive
8.
If your private address is discovered by spammers - change it. This can be
inconvenient, but changing your email address does help you to avoid spam - at
least for a while!.
9.
Do not click on ‘unsubscribe’ links from questionable sources. Spammers send
fake unsubscribe letters in an attempt to collect active addresses. You certainly
don't want to have your address tagged as ‘active’ as it will just increase the
amount of spam that you receive.
14 December 2013
Dr. Samaher Hussein Ali
Notes of Lecture 12
How can we Reduce the Spam Message?
Spammers are very resourceful and will find a way to get their messages to you. The
only way to really eliminate spam is to use expensive custom anti-spam services like
the ones used in large corporate spam firewalls. Given the ingenuity of spammers
that may not last for long either.
Here, the main significant methods to reduce spam.
1. Remove all clear text email addresses from your website.
2. Make sure your computer is secure
3. Mark all junk emails as junk.
4. Secure all web forms with captcha. Captcha is that wierd box with those hard
to read letters. It is there because computers can't make sense of that image and
people can. This stops robots from filling out online forms and clogging your
inbox. Some industrious spammers will actually pay people to manually fill out
online forms but it is a very small percentage of the total spam.
5. Don't forward chain letters.
6. Don't reply to spam
7. Watch out for check boxes that are already selected.
8. Turn off read and delivery receipts and automatic processing of meeting
requests
9. Block pictures in HTML messages that spammers use as Web beacons
14 December 2013
Dr. Samaher Hussein Ali
Notes of Lecture 12
As a result,
Third def. of Spam is flooding the Internet with many copies of the same message,
in an attempt to force the message on people who would not otherwise choose to
receive it. Most spam is commercial advertising, often for dubious products, get-richquick schemes, or quasi-legal services. Spam costs the sender very little to send -most of the costs are paid for by the recipient or the carriers rather than by the sender
Spam filter is a program that is used to detect unsolicited and unwanted email and
prevent those messages from getting to a user's inbox.
The Anti-Spam SMTP Proxy (ASSP) server project is an Open Source, Perl
based, platform-independent transparent SMTP proxy server available at
SourceForge.net that leverages numerous methodologies and technologies to both
rigidly and adaptively identify e-mail spam. ASSP is easy to set up because it
requires only minor changes to the configuration of your Mail Transfer Agent
14 December 2013
Dr. Samaher Hussein Ali
Notes of Lecture 12
Anti-Spam Technologies
Although some spam will inevitably get through, a spam slammer -- otherwise known
as a spam blocker or anti-spam, etc -- saves an enormous amount of time that we
would otherwise spend in sifting out the junk by doing this manually.
Generally, anti-spam techniques fall into four categories:
1.
Filters
2.
Sender Policy Framework (SPF)/Reverse Lookup
3.
Challenge/Response
4.
Cryptography
Note 3:
In this lecture, we discuss the main steps of Filtering Process:
14 December 2013
Dr. Samaher Hussein Ali
Notes of Lecture 12
Filtering Process
Emails are processed in five phases:
1. Initialization
Email client receives email, forwards it to Spamato, and waits for check result.
msg


isSpam(msg)
2. Pre-Check
Veto against further processing
(Configuration, Sender-whitelist)
Spamato Base
Gain information for other plugins (URL extractor)
msg
msg
msg
Filter 1
Filter 2
Filter N
PreCheck(msg)
PreCheck(msg)
veto1(msg) veto2(msg)
.....
PreCheck(msg)
vetoN(msg)
veto(msg) == true
ignore this msg
Checkpoint PreCheck
veto(msg) = veto1(msg) || veto2(msg) || … || vetoN(msg)
msg
msg
14 December 2013
Filter 1
Filter 2
isSpam(msg)
msg
Dr. Samaher Hussein Ali
Filter N
Notes of Lecture 12
Filtering Process
3. Check
Each filter calculates the spam probability
4. Decision
The overall spam probability is calculated and returned to the email client
14 December 2013
Dr. Samaher Hussein Ali
Notes of Lecture 12
Filtering Process
5. Post-Check
 Learn from global decision
 Collect statistics
Note 4:
In general, we can split the types of spam filtering into three groups:
1. First group, filter related to list base
 Black list
 White list
 Gray list
 Black wholly list
2. Second group, filter related to contain base
 Word base filter
 Heuristic filter
 Bayesian Filter
3. Third group, other filter
 Respon spam
14 December 2013
Dr. Samaher Hussein Ali
Notes of Lecture 12
Filtering Process
14 December 2013
Dr. Samaher Hussein Ali
Notes of Lecture 12
Related documents
STAT 503X Assignment 3 Email and SPAM
STAT 503X Assignment 3 Email and SPAM
We`re sorry - Massachusetts Department of Education
We`re sorry - Massachusetts Department of Education
Document10540768 10540768
Document10540768 10540768
We`re sorry - Massachusetts Department of Elementary and
We`re sorry - Massachusetts Department of Elementary and
Download
advertisement