Taxonomy of spamming techniques: Difference between revisions
Tony-hansen (talk | contribs) (New page: this is a place holder until some real content can be added)
Ianeiloart (talk | contribs) (Some spam techniques.)
Revision as of 07:31, 3 July 2009
this is a place holder until some real content can be added
This page doesn't discuss types of spam, or reasons for spamming. It discusses the mechanisms that are used for spamming. If you operate a computer, or a computer network, you should be aware of these techniques so that you can avoid becoming a source of spam.
Spambots
Domestic, broadband-connected computers often have poor security policies and reasonable bandwidth. Crucially, they're available in huge numbers. Most email spam is emitted by spambots: networks of compromised home computers with broadband connections, for example. Internet Service Providers can mitigate the harm by blocking outbound port 25, or by listing IP addresses in public Policy Blocklists. Email service providers can help by providing MSA (mail submission agent) services on port 587, and by checking Policy Blocklists. An early example was the MAPS Dial-Up List (remember dial-up?). Providers of Policy Blocklists include Spamhaus.
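How a receiving mail server can check a Policy Blocklist and treat port 587 differently from port 25, as an added example that is not part of the original page. It also covers IPv6 clients; the zone `pbl.example.org`, the sample listing and the function names are assumptions, and the DNS lookup is passed in as a function so the logic runs offline.

```python
import ipaddress

LOOPBACK = ipaddress.ip_network("127.0.0.0/8")

def dnsbl_query_name(ip, zone):
    """DNS name to look up for `ip` in blocklist `zone` (RFC 5782 layout)."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        labels = str(addr).split(".")                  # four octets
    else:
        labels = list(addr.exploded.replace(":", ""))  # 32 hex nibbles
    return ".".join(reversed(labels)) + "." + zone.strip(".")

def is_listed(ip, zone, resolve_a):
    """resolve_a(name) returns a list of A-record strings, [] if no such name."""
    answers = resolve_a(dnsbl_query_name(ip, zone))
    # Only answers inside 127.0.0.0/8 mean "listed". Any other answer points
    # to a resolver or zone problem and must not cause rejections.
    return any(ipaddress.ip_address(a) in LOOPBACK for a in answers)

def connect_policy(ip, port, authenticated, zone, resolve_a):
    """Decide how to treat an SMTP client connecting from `ip` on `port`."""
    if port == 587:
        # Submission (MSA): the path end users are meant to use. It is gated
        # on authentication, not on the source address, so a home user on a
        # policy-listed range can still send through their provider.
        return "accept" if authenticated else "require-auth"
    # Port 25, server-to-server: policy-listed ranges should not be
    # delivering mail directly.
    return "reject" if is_listed(ip, zone, resolve_a) else "accept"

# Constructed sample data: hypothetical zone with one listed address.
ZONE = "pbl.example.org"
SAMPLE_ZONE_DATA = {"44.2.0.192.pbl.example.org": ["127.0.0.10"]}

def sample_resolver(name):
    """Stand-in for a DNS A lookup; replace with a real resolver in production."""
    return SAMPLE_ZONE_DATA.get(name, [])

if __name__ == "__main__":
    for ip, port, auth in [("192.0.2.44", 25, False),
                           ("192.0.2.44", 587, True),
                           ("198.51.100.7", 25, False)]:
        print(ip, port, connect_policy(ip, port, auth, ZONE, sample_resolver))
```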
Abuse of free email accounts
Creation of email accounts at some email service providers can be automated. Such accounts are cheap and easy to register and use until they're shut down. CAPTCHA tests are now in quite wide use, which makes this a slower and less profitable process. Email service providers can also limit the harm by rate-limiting outbound mail for new accounts.
Hijacking of other email accounts
Accounts can be hijacked, for example, through phishing. There was a spate of phishing incidents at academic institutions worldwide in early 2009, which may be ongoing. Account authentication details were obtained by phishing, and then used either for further phishing, or for sending fraudulent offers. Webmail accounts were particularly vulnerable, perhaps because you don't need any configuration information to use them, and because webmail servers are easy to find. Some institutions have mitigated the harm by rate-limiting outbound email from webmail accounts, and from off-campus mail submissions.
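A sketch of the outbound rate limiting mentioned in this section and in the one on free email accounts, as an added example that is not part of the original page. The limits, the seven-day definition of a new account and all names are assumptions; it counts recipients rather than messages, so one message addressed to hundreds of people is not charged as a single send.

```python
from collections import defaultdict, deque

WINDOW = 3600                 # sliding window, in seconds
NEW_ACCOUNT_AGE = 7 * 86400   # assumed: accounts under 7 days old are "new"
# Assumed recipients-per-hour limits; tune them to local traffic.
LIMITS = {"default": 500, "new_account": 20, "webmail": 100, "off_campus": 100}

class OutboundLimiter:
    """Per-account sliding-window limit on recipients of outbound mail."""

    def __init__(self):
        self._sent = defaultdict(deque)   # account -> deque of (time, n_rcpt)

    @staticmethod
    def limit_for(account_age, via_webmail, off_campus):
        """The tightest limit that applies to this submission."""
        applicable = [LIMITS["default"]]
        if account_age < NEW_ACCOUNT_AGE:
            applicable.append(LIMITS["new_account"])
        if via_webmail:
            applicable.append(LIMITS["webmail"])
        if off_campus:
            applicable.append(LIMITS["off_campus"])
        return min(applicable)

    def allow(self, account, n_rcpt, now, *, account_age,
              via_webmail=False, off_campus=False):
        """True if the message may go out; False means defer it and alert."""
        history = self._sent[account]
        while history and history[0][0] <= now - WINDOW:
            history.popleft()             # forget sends older than the window
        used = sum(n for _, n in history)
        if used + n_rcpt > self.limit_for(account_age, via_webmail, off_campus):
            return False                  # refused sends are not counted
        history.append((now, n_rcpt))
        return True

if __name__ == "__main__":
    limiter = OutboundLimiter()
    day = 86400
    # Constructed scenario: a one-day-old account tries to mail 15, then 10 people.
    print(limiter.allow("newuser", 15, now=0, account_age=day))    # within limit
    print(limiter.allow("newuser", 10, now=10, account_age=day))   # would exceed 20
```

A refused submission is a useful signal in its own right: an established account that suddenly hits its webmail limit is a candidate for a forced password reset.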
Compromise of corporate servers
Corporate servers often have high-bandwidth network connections and a good reputation. They typically have a method of emailing status reports to system administrators. This makes them good targets for spammers. Harm can be limited by blocking outbound port 25, and by restricting email deliveries to local addresses.
Abuse of web forms
If a web form allows the user to specify a recipient address, and to determine the content of the email sent, then it can be used for spamming purposes. Harm can be mitigated by rate-limiting, by fixing the content or allowing very limited modification of content, or by fixing the recipient list.
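A form handler that applies two of these mitigations, a fixed recipient list and tightly limited content, as an added example that is not part of the original page. The addresses, field names, template and 500-character cap are assumptions.

```python
from email.message import EmailMessage

# Assumed fixed recipient list: the form submits a key, never an address.
RECIPIENTS = {"support": "support@example.org", "sales": "sales@example.org"}
MAX_COMMENT = 500   # assumed cap on the one user-controlled part of the message
TEMPLATE = "A visitor submitted the contact form.\n\nComment:\n{comment}\n"

def build_form_mail(form):
    """Turn submitted form fields into a message whose envelope is fixed."""
    department = form.get("department", "")
    if department not in RECIPIENTS:
        raise ValueError("unknown department")
    # The visitor controls only the comment text: printable characters and
    # newlines, truncated. Any other submitted field (to, cc, subject, ...)
    # is ignored, so the form cannot be pointed at arbitrary recipients.
    comment = "".join(ch for ch in form.get("comment", "")
                      if ch.isprintable() or ch == "\n")[:MAX_COMMENT]
    msg = EmailMessage()
    msg["From"] = "webform@example.org"
    msg["To"] = RECIPIENTS[department]
    msg["Subject"] = "Contact form: " + department   # built from the key only
    msg.set_content(TEMPLATE.format(comment=comment))
    return msg

if __name__ == "__main__":
    # Constructed submission that tries to supply its own recipients and subject.
    submitted = {
        "department": "support",
        "to": "someone@example.net",
        "cc": "list@example.net",
        "subject": "Special offer",
        "comment": "My order has not arrived.\x00\x1b" + "x" * 2000,
    }
    mail = build_form_mail(submitted)
    print(mail["To"], "|", mail["Subject"], "|", len(mail.get_content()))
```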
Overenthusiastic marketing
Some honest and otherwise reputable businesses emit spam (Unsolicited Commercial Email, for example) because they're careless about how they obtain or maintain their mailing lists, or how they use them.