SPAM

INFORMATION PELICAN BAY HOME COMPUTING HOME OFFICE SMALL OFFICE COOKIES POP-UPS SCAMS SPYWARE SPAM PREVENT. MAINT. TECHNICAL

 

Vulnerabilities

(Spam)

In addition to viruses and worms, there are some other annoying programs and files out there that

you need to protect your home network from. This chapter focuses on spam, cookies, spyware, and

scamsówhat they are, how they work, and how to get rid of or at least control them. For the most

part, these types of files are not as dangerous as the others we discussed in Chapter 15, "Viruses and

Other Malicious Software"ónone of them will remove or destroy data for exampleóbut they are still

common, extremely annoying, and in some cases, they can do things without you knowing about it.

Spam

Spam is the common name for unsolicited commercial e-mail and it is a problem that is rampant on

the Internet today. Because of spam, a whole sub-industry of spam blockers has cropped up and is a

major concern of Internet service providers (ISPs). Major service providers claim that they block on

the order of 2 billion (yes, billion) unsolicited e-mails every day and have put the effort to stop spam

at the top of their priority lists. One of the reasons that spam is so widespread is that it is extremely

easy to send out millions and millions of e-mails with little cost.

How Spam Works

Spammers do their dirty work by purchasing or creating giant e-mail lists and automated mailing

tools called spambots. The lists are usually compiled from web pages where people provide their email

address as part of a registration process. Usually, there is a box that is checked "yes" by default

saying something along the lines of "Yes, please share my e-mail with your sponsors for related

offers." If you agree, by leaving the box checked, you have just given the site permission to sell and

resell your e-mail address to spammers. Although most spam gets caught by filters or deleted by the

recipient, some of it is answered and that is why the spammers keep at it. It is really a matter of odds.

Even if the response rate is 0.5%, it cost next to nothing to send spam to upward of 10 million e-mail

addresses. At that rate, the spammer just pulled in 50,000 new customers.

 

How to Block Spam

There is a good chance that your ISP has some sort of spam-blocking feature available and, if spam

is a problem for you, we suggest starting there. Your ISP probably uses some basic filters such as

looking for keywords or multiple (100,000+) instances of an e-mail from the same source IP address.

Unfortunately, spammers (those who create and send spam) are pretty good at staying ahead of the ISPs

by using random or misspelled words or by constantly changing IP addresses as they send e-mails.

(There is also talk of anti-spam legislation, but spammers can easily set up shop in countries with looser

laws.) If the ISP filters are not blocking enough spam, you can purchase or download software that will

provide a second layer of protection on your system. Typically, these programs use advanced algorithms

to recognize and block spam but they are not perfect because sometimes spam gets through the filter,

and sometimes legitimate e-mail gets blocked (essentially a false positive). You can modify the options in

this program so that the blocking rules are customized. Be sure to check the folder that the spam blocker

drops trash e-mail into every once in a while to make sure you donít miss "real" e-mail.

We recommend that in addition to using the ISP and commercial blockers that you set up a dirty e-mail

address. What we mean by dirty e-mail address is an e-mail address that is only used for the purpose

of registering on web pages. Given that most ISPs will allow several e-mail aliases with a standard

account, you can reserve one for this purpose and still have plenty for the legitimate users in the home.

After you do this, only give your "real" e-mail out to people you know and use the dirty one for everything

else. If you find that you do want some of the e-mail that comes into the dirty account, you can

notify the sender to use your real e-mail address. Keep in mind that most legitimate commercial sites

will not resell or share your e-mail address without your permission, but itís up to you to make sure that

you read the fine print and uncheck any boxes that were pre-populated. This is always a red flag.

 

Turn on Spam Blocking at Your Service Provider

How to enable spam blocking with your service provider will vary highly and depend entirely on

how the ISP has chosen to set up its services.

Enabling the protection is very easy. Just follow these steps (in this example, EarthLink is the ISP):

Step 1 Log in to the EarthLink My Account page using your account user ID and password.

Step 2 Click Spam Blocker. Choose the blocking setting that is appropriate (see Figure 16-3).

There are three possible setting levels that we will take a moment to explain as they will also apply

to spam blocking on home computers (which we will set up next). The three settings and how they

operate are

Ā° OffóAll e-mail is forwarded; no spam checking is performed.

Ā° MediumóE-mail is checked against known spammer lists, and matches are discarded.

Ā° HighóIn addition to checks against known spammer lists, you create a list of e-mail senders that

are in your address book. Matches against the known spammer list are discarded. Matches from your

address book are forwarded to your inbox. If the sender is unknown (in neither list), the e-mail is

held as "suspected" spam. You then have to go in periodically and sort out acceptable e-mail from

spam.

If you receive e-mail from only a few known e-mail addresses (friends and relatives), put them in the

address book and turn the spam blocker on High. If you receive considerable e-mail from new

sources, you probably need to go with the Medium setting.

If your kids have e-mail accounts, we would highly recommend the High setting (no pun intended).

Kids should never receive e-mail from sources that you donít go in and specifically authorize.

Set Up Spam Blocking on Your Home Computers

If possible, set up a first line of spam defense in the service provider network. This may be enough,

so we recommend trying the ISP route first, and then see if you need additional protection.

If you need to enable blocking on each of the computers in your home network, as mentioned earlier,

most security bundles contain a spam blocking component. This section shows the steps to enable

this service.

First, itís helpful to understand a bit about how a spam blocker works. Spam-blocker vendors maintain

lists of known spammers, which can be automatically updated on your home computers by the

security bundle software. Figure 16-4 shows the components of a typical spam blocker.

 

The spam blocker works much like the description in the previous section on service provider spam

blockers. There is typically a setting (like Medium) that discards e-mail matching known spammer

lists, and a higher setting (like High) that additionally compares against a personal address book that

you provide and maintain.

It is assumed that you already installed the security product bundle you have selected. Table 16-1

shows the process for enabling spam blocking on both the Symantec and McAfee products.

With the spam blocker enabled, you should see considerably less spam e-mail. We suggest starting

off with a Medium setting, and moving up to a higher setting if you are not satisfied with the reduction

in spam.

Back Next