Spammers and hackers are constantly shifting strategies and tactics to get around spam filters. As new tactics evolve, anti-spam vendors must layer their new technology on top of the old. The following are the four major types of anti-spam technologies:
Content filtering
Early solutions relied primarily on word lists, email signatures, and lexical analysis. For instance, “Viagra” is a word that’s often tagged by content filters. To adapt, spammers started spelling it with “1”s instead of “I”s, and added spaces. Later, they began to include HTML graphics instead of putting in text. Recently, spammers began to put their content in embedded PDFs; some email security vendors can filter the content of PDFs as well.
Behavioral analysis
This type of anti-spam technology used Bayesian analysis, statistical analysis and heuristics in order to predict spam. The onus for this type of technology often fell on administrators, who had to do extensive tuning and trial and error before getting satisfactory results. Bayesian filters also increased the likelihood of false positives.
Identity analysis
This looks at the identity of known spammers often referred to as “reputation analysis”. This is a promising technology, but may require email authentication to become more widespread. Also, zombie attacks can get around this type of defense.
Pattern detection
By analyzing patterns of traffic, as much as 80% of traffic can be thrown out as invalid. This reduces the load on email servers and downstream email filters. This type of detection also does not add to the rate of false positives. All these technologies can layer on top of one another to create an effective anti-spam filter. However, organizations need to implement a secure messaging solution that takes the encryption burden of the end users and intelligently does the right thing.
Labels: Spam