Spam is a growing problem where the net is concerned. Some 40 trillion spam messages are expected to be sent in 2008. However, we've rounded up 8 tips that will help your combat spam more effectively, ensuring you get the message you want, not the ones you don't.
Blacklisting, whitelisting and reputation listing
With these techniques, the filter evaluates not the message, but the characteristics of the sender, in particular the sender's previous record concerning spam.
Blacklists are databases that collect the IP addresses of known spammers from around the world. The spam filter checks incoming messages against the blacklist and refuses to accept email from these addresses. Depending on the specific spam filter product used, the blacklist it checks could be local (maintained at a company's own network), remote (maintained centrally, independent of a specific company) or a combination. Some centrally maintained blacklists are publicly available, while others are fee-based services.
Whitelists collect the IP addresses of trusted email sources on a 'good sender' list, and the filter automatically accepts email from those addresses. As with blacklists, a spam filter product could check a local whitelist, a centrally maintained one or both. Many spam filters make use of both blacklists and whitelists.
The term reputation service (or reputation list) is sometimes used to refer to a technique that makes use of blacklists and whitelists but broadens them by considering not only the sending IP address, but the entire domain. However, the terminology is used inconsistently in the industry, with the terms 'blacklist' and 'reputation list' often used interchangeably.
In some cases, vendors use 'reputation service' or 'reputation list' to differentiate their lists from the community heritage of blacklists and whitelists. But Jennings cautions against buying into the idea that reputation lists are all run professionally, while all blacklists are "cesspools of false positives". He says he has yet to see a reputation list that's truly different from traditional blacklists or whitelists.
A recipient email system temporarily rejects email from an unknown IP address (one that's on neither a whitelist nor a blacklist). The recipient system sends an automated response to the sending system that informs the latter of the temporary failure. Theoretically, a 'real' sender will simply resend the message, while a spammer will lack the patience to do so.
A service on the mail server slows down incoming connections as long as possible; the delay is meant to discourage spammers by forcing them to spend longer amounts of time to send their spam. The technique is named after real-life tarpits, into which animals get bogged down, eventually sinking and suffocating. (The original tarpitting program was called LaBrea, after the Los Angeles tarpit.) The disadvantage of this approach, of course, is that legitimate email also takes longer.
NEXT PAGE: Tips for combating false positives