Low-tech edition (About)
Cleverness of bulk e-mailers in outwitting filters requires ever-evolving software
January 14, 2004
By BOB NORBERG
THE PRESS DEMOCRAT
|
|||||||||||
Internet service providers are beefing up their e-mail filtering programs to combat the flood of spam that is still overwhelming e-mail servers and the Internet, despite a new federal law that took effect Jan. 1.
"At this point we are still seeing the percentage of spam going up," said Ken Schneider, chief technical officer for Brightmail, a San Francisco company that blocks spam for ISPs and companies. "It was 58 percent of all e-mail for December. We have been seeing it now in the 60 percent range."
Anti-spam software tries to block spam by identifying known spammers and their Internet addresses. It focuses on such things as specific words and phrases, subject lines and even how similar e-mail messages are.
Newer software now being integrated uses mathematical algorithms, called Bayesian analysis, which is continually taught what spam is. It refines its methods of identifying spam even as spammers change their techniques.
Sonic.net, Santa Rosa's largest Internet service provider with 33,000 customers, is adding Bayesian analysis on top of its existing software, called Spam Assassin, that already rejects 80 percent of all e-mail as spam.
"It learns what spam is as spam evolves," said Sonic.net co-founder and President Dane Jasper. "You can look at the received e-mail and certify what is and isn't spam. The more you teach the Bayesian interface, the more spam it captures."
Still, most in the industry believe spammers are clever enough to outwit some of the defenses, evade detection and move their operations offshore and out of the jurisdiction of the new federal law.
"I would love to see spam go away, but it is a part of our world, like junk mail is part of our world, and telemarketing is part of our world," said Chris Miller, product manager for Symantec's business e-mail security division. "We can, however, hold it in check."
Spam is any unsolicited e-mail sent out in bulk, often reaching millions of computers and touting such things as low-interest mortgages, sexual aids, pornography, get-rich-quick schemes and fraudulent businesses.
Spammers can buy e-mail databases, use programs that search the Internet for e-mail addresses, or send out "dictionary" attacks that try thousands of combinations of words, letters, and numbers until they get a hit.
Spammers also often hide their identities and location by hijacking unprotected servers on other computer networks.
The new federal law, called the Can Spam Act, makes it illegal to mask the originating address, use misleading subject lines, and harvest e-mails from other sites, and requires a way for recipients to opt out of receiving further e-mail.
But it is considered weaker than laws California and other states had adopted, which it supersedes, and laws in effect in Europe that require recipients to give marketers permission to contact them, much like the nationwide "do-not-call list" for telemarketing.
"Having the law is better than not having the law, and the Federal Trade Commission will probably find some spammers, and there will be some test cases," said Andrew Lochart, product manager for Postini, a Redwood City company that screens e-mail for 2,100 companies and Internet service providers.
"But hard-core spammers know what they are doing and how to obscure their identities and take advantage of how the Internet works. They will feel a sense that they will not be at risk," Lochart said.
In its first week, the new federal law hasn't had a noticeable affect.
Postini last week reported that spam made up 78 percent of the 1 billion e-mails it screened, a rate unchanged from before the law took effect.
To combat spam, PC users are advised to use an Internet service provider that uses some anti-spam measures.
Measures taken by Postini and Brightmail for their clients and what internet service providers themselves are doing on their e-mail servers can keep 90 percent to 98 percent of all spam from reaching desktop users, while rejecting less than 1 percent of legitimate e-mail as spam.
Pacific Internet in Ukiah uses Postini to screen e-mail for its 4,000 customers, and technician Eleanor Cayler says it catches 98 percent of the spam.
"It works well. Every once in a while we see a little glitch, but it has been really great," Cayler said.
In-Site Communications in Petaluma uses server software called Spam Cop and augments it with 3,000 lines of its own hand-written program code to catch spam, said owner Jody McAlister.
NetEase in Santa Rosa uses server software from a Montreal company, which it updates every few months, said network admnistrator Steve Degard.
Sonic.net had two full-time employees installing the new anti-spam software and servers, and has one full-time worker devoted to spam, Jasper said.
It is expensive, Jasper said. The cost of the hardware alone is about $100,000.
There are also some 100 desktop programs that consumers can buy, some by major companies, such as Symantec and McAfee, in the $30 to $40 range, and others by programmers that are inexpensive or free and available on Internet sites.
Most use similar Bayesian technology, requiring the user to mark messages as spam or legitimate e-mail, which over time teches the software to identify spam.
McAfee also pushes weekly filter updates to purchasers of its SpamKiller software.
"In general, they are built on a similar principle," said Symantec's Miller. "It is the natural solution to this problem. Because you have spammers trying t odeke out the defenses of the anti-spammers, it is kind of an arms race."
|
Email story | Print story | Subscribe to paper
|
Get home delivery of The Press Democrat -- the North Bay's news source.
