What is spam

Since the Internet has become a standard way to communicate, it began circulating a large amount of information began to circulate which people have collected and used improperly.
Commonly it is called spamming sending unsolicited e-mail (usually advertisements) to a large number of recipients without their consent to the service.
The name Spam originated from a comedy sketch where a restaurant waitress kept on bringing the customers a menu based on this "Spam", which was the name of a canned meat.

The main purpose of spam is in fact to advertise massively with a low cost and today spam is a household word. Approximately 50-60% of all email traffic is spam. It means that active correspondence via email is impossible without spam protection.

One of the first goals of an Email hosting services for businesses is to fight spam.

WHY SENDING SPAM EMAIL

Many companies use email marketing tools to communicate with their current and prospective customers. In some cases such advertising is legitimate, as many users may be interested in receiving commercial information about some products.

However, many companies send unsolicited bulk commercial messages. In these cases, email advertising crosses the line and becomes spam.

A recent frontier of the spammers is named phishing.
The word phishing defines a criminal activity which uses techniques of social engineering (cheating users in order to get confidential information).

The aim is to gain access to private and critical data such as bank account numbers, P.I.N. codes, etc. Access is usually achieved by sending email disguised as a trustworthy person or business (financial institution, insurance company).

The email seems genuine, and will contain graphics and content which may have originally come from the source that it is impersonating.

Usually you will be asked to enter, under for reasons (data verification, financial operations), some of your personal data – bank account numbers or usernames and passwords. All such data, if submitted, can easily be stolen and misused.

Even if it should be noted that banks, insurance companies, and other legitimate companies will never request usernames and passwords in an unsolicited email

One of the last trends about spam has been sending emails promoting political issues.
Costs which a Spammer has to face to carry on operations and to retrieve e-mail addresses are significantly reduced.
Who really suffers these costs is the mailbox owner.
The Spammer, by sending junk emails, is able to carry advertising in the world at low costs or pursue illegal purposes. There are several techniques used by spammers to retrieve e-mail addresses.
Among these are:

  • WEB Bug
  • Dictionary Attack
  • Spambot
  • Spyware


HOW TO PROTECT YOUR EMAIL

Our email is almost always required for subscriptions to sites and services.
At the same time we are often asked to authorize the sending of messages, promos and doing so, we are subjected to receive emails we do not want to receive.
So before granting it, let’s consider whether or not what we are choosing is really helpful (how many useless subscriptions are daily made?).
It's a good idea whenever you receive an email as spam to see if you can remove it from the list that generated it and, if not possible, mark it and filter it.
But these small steps are only preparatory to work better across a range of tools (both client side and server side) to counter spamming which, we must not forget, is approximately the 50-60% of all email traffic.
That means it is impossible to get an active correspondence via email without spam protection.

TOOLS TO LIMIT SPAM

he aims of this section is to show how to eliminate spam at the mail server level, with block lists (Black List) and Spam Assassins.
At user level there are multiple solutions, compatible and side by side to existing server-side, but for which we will dedicate a specific article shortly.

BLACK LIST

Some very useful tools on which we are going to dwell on are the block lists, also called Black Lists.
The block lists are a tool not available in e-mail client level, but used at the server level.
The main task of block lists is to block spam before it can reach the end user and therefore his inbox.
The block lists are composed of IP addresses, which are detected as Spam when they violate certain rules, which are critical in the network Although there are no problems in term of violation of privacy, email full of Spam among the rules mentioned above there will be: rules of conduct (breach of privacy), safety standards (proxy or open relay).
The block lists are maintained over time, and are subject to changes and updates, such as adding or deleting IP addresses, identified as a source of spam; also they are available and in some cases updatable by anyone willing to do it..
In some cases, however, there may be lists of IP addresses that are not entirely reliable, Bastard Admin calls.
These are created by not following the standards mentioned before, but by following arbitrary criteria.
So for those who want some real care and want to halt those emails considered spam by these block lists, they will have to consider that the lists need to meet certain standards to be trustworthy.

SPAMASSASSIN

Among the software on the network, useful to defend themselves from Spam, we find Spam Assassin.

This is an open source program distributed by the Apache Software Foundation, at www.spamassassin.org and it’s one of the favorite email hosting services solution to face the spam.
Spam Assassin, for every single e-mail message received, obtains information (such as text and headers) that are processed, compared and expressed an opinion on the analyzed e-mails.
Spam Assassin is an email filter, so it is an applicable filter in your email client, capable of treating the coming e-mail to avoid the arrival of spam.
In order to increase these controls, make sure to use the various block lists in the network and the various SpamTracking database (such as Razor, DCC).
Now we analyze controls in more details:

• Razor is a collaborative network and distributed for spam detection that is based on user input.
Razor is very simple and is useful for Spam Assassin: in case an unwanted mail is sent to many people and it is the same for everyone, the user who first receives the Spam message inserts it into the Razor database, so if there are any subsequent sendings it will be recognized and immediately blocked.
When Spam Assassin compares the arriving e-mails, if they are already present in its database, Spam Assassin will assign them a score, otherwise it will check in Razor database.
Same thing happens with DCC, in fact this is also a collaborative network like Razor.
In few words, Razor and DCC collaborate with Spam Assassin, provided that they can keep up to date on the presence of new spam on the network.

• Black List: Spam Assassin uses the various black lists in the network, which are very useful because they are always up to date, so they're a great tool you can use to check whether the email can be considered spam or not.

• Text analysis: Spam Assassin is able to analyze the e-mail text, since this in spam messages has special characteristics that the software is able to detect (e.g. presence of special characters, code blocks).

• Header Analysis: Spam Assassin, when analyzing an e-mail header, can detect inconsistencies in mail messages automatically generated.

An important feature of Spam Assassin is the low percentage of false positives (0.1%) and it also has the ability to block more than 99% of junk mail.
The method used by Spam Assassin to evaluate and then consider that an email is spam or not, is a heuristic method. The operation is as follows: e-mail tests are carried out taking into account the different elements; for each item checked a score is assigned to the analyzed e-mail, which can be negative or positive. It is, therefore, useful for considering a spam email or not.
Spam Assassin performs several tests in order to prevent spammers from bypassing the check.
Each test has its own assessment, obtained by checking a sample e-mail ( considered Spam) which will highlight the characteristic qualities of an unwanted e-mail.
In addition to performing several tests on e-mail, even the Spam Assassin database is continually updated when new found are considered spam messages, and this makes it reliable and secure software.
The tests take into account three main elements: technical properties, the e-mail content and information from external sources.
The technical data and properties provide more accurate information, in fact, Spam Assassin is able to identify if a mail is automatically generated.
However, when Spam Assassin analyzes the text of the mail message, conduct audits on the sender, and if there are words or key phrases in the e-mail considered spam.
Finally Spam Assassin analyzes information from external sources, namely, the known sites as a source of spam.
Once the software has evaluated the three elements mentioned above, for each analyzed email it will assign scores which will be compared with the sum of the tests: if the scores should exceed a threshold, an e-mail will, therefore, ,be considered as Spam.
Some features can be set by every single user according to email hosting provider's policies. Servermx.com (https://www.servermx.com/en/help/howto/antispam.html) for instance allows, via roundcube, to set a large variety of parameters to better match the end-user need.
Servermx spam filtering service allows facing junk email with customizations via client and via server too using custom spam filter algorithm.

BEST ANTISPAM SOLUTION

The best antispam solution probably doesn’t exist because it’s really hard to balance the two main tasks that must be provided by an antispam solution:

  1. Detect Spam Email
  2. Let in the proper emails

Every user might have his/her specific requirements.
That’s why servermx.com allows the customization of some of the spam assassin’s parameters since it provides custom solutions for specific business needs.