Media releases are provided as is by companies and have not been edited or checked for accuracy. Any queries should be directed to the company itself.

Email filtering: Damned if you do… and damned if you don’t!

  • 27 February, 2007 13:49

<p>By Peter Stewart, Chairman, TotalBlock Pty Ltd</p>
<p>Who on earth would cheerfully volunteer to become a network administrator, charged with responsibility for tuning the filters of today’s anti-spam solutions? It’s a thankless task.</p>
<p>All too often the administrator becomes an unfortunate piggy-in-the-middle, damned if he (or she) tightens the filters to keep out the daily avalanche of spam, and damned if he relaxes them when staff complain that their emails are being held up.</p>
<p>Here’s what can happen when filters are screwed down too tightly:</p>
<p>An infotech magazine Editor’s anti-spam solution quarantines all incoming news releases from the high profile multinational vendor of that particular solution! Result? The Editor either fails to receive the releases or wastes time searching for them. The arbitrary nature of filtering is to blame. Filters look for words commonly used in spam, like ‘Viagra’, or ‘medicine’ or ‘financial’. In the Editor’s case, the data security vendor’s news releases most likely used trigger words such as ‘spam’, ‘virus’, or ‘spyware’ ensuring that nothing gets through to the in-box.</p>
<p>On the other hand, horror stories abound that describe shoals of spam eluding filters. Upon returning to his desk after a weekend, a metropolitan newspaper journalist regularly spent up to two hours on a Monday morning hunting for useful emails amid a flood of spam. Clearly the newspaper group’s filters were set too loosely.</p>
<p>Following are more examples of the same problem:</p>
<p>Brisbane-based educational software vendor Alpha School System Pty Ltd (TASS) had an anti-spam application that Managing Director Ken Reid described as “an all or nothing solution.” If the filters were opened wide enough to receive wanted emails, it “let in heaps of rubbish through the door.”</p>
<p>The Managing Director of B&amp;C Mailing, Australia’s oldest and most trusted mailing house, was receiving 60 spam emails in a single day despite using a security management solution from CA.</p>
<p>Scott Smith, who created the Northern Illawarra Online web portal (http://www.nio.net.au/), advises people using the site how to avoid receiving annoying levels of spam. Scott became aware of the spam problem when Helensburgh businessman Quentin Field, of Interphase Security &amp; Electrical (http://www.interphase.com.au/), disclosed that it took him up to two hours a day to cull junk emails.</p>
<p>Clearly business people waste time and suffer high levels of frustration in dealing with the email balance each working day. Productivity and profitability are diminished across the full spectrum of private enterprise and Government organisations. The accumulated lost time would certainly cost Australian enterprises tens of millions of dollars each year.</p>
<p>At TotalBlock, we believe there is a far more effective solution for countering spam. Smaller anti-spam vendors around the world have begun to use challenge-response technology, although the large multinational vendors are sticking by the filtering solutions in which they have invested substantial time and money.</p>
<p>Although users of challenge-response, or blocking, solutions universally report excellent results, general acceptance of the technology is a trickle rather than a flood.</p>
<p>When TASS implemented TotalBlock, Ken Reid reported: “We have been able to stop the flow of rubbish, while allowing through all emails from legitimate senders.”</p>
<p>Instead of starting his day dealing with unwanted emails for anything between half an hour to a full hour, he receives email only from bona fide senders. In an eight-hour working day, that equates to a productivity saving of up to 12.5%, which is reflected across TASS’s staff of 25.</p>
<p>After B &amp; C Mailing’s IT Manager David Bowers decided it was time to look for alternatives, and selected TotalBlock, the company’s management and staff received no unwanted emails, and had no legitimate emails blocked. “Fantastic result,” said David.</p>
<p>Challenge-response solutions work by blocking ALL machine-generated unwanted email, using a challenge-response technique rather than commonly used filtering. They build a list of acceptable incoming email senders, using a customer’s address book as well as replying automatically to any emailers who are not on the allowed list, and no further emails are challenged. The reply contains a simple action that, when followed, adds the sender to the allowed list. The action can be as simple as replying to the challenge. Since this authorisation process requires human intervention, it bypasses drone machines that spew out huge volumes of spam.</p>
<p>The Australian-developed TotalBlock anti-spam solution also guards against network overloads caused by storming, harvesting and denial-of-service (DoS) attacks. And by eliminating a high percentage of spam, challenge-response also reduces dramatically the email-borne viruses, trojans, worms, spyware and other malware that plague today’s computer users.</p>
<p>Challenge-response also catches the increasing volumes of spam emails that include images to fool spam filters. Data security vendors estimate that 25 per cent of all spam now includes images. While filters are good at analysing plain text to spot spam, they struggle if the text is represented as an image.</p>
<p>In another ploy to fool spam filters, spammers are also creating more variants of their messages. They have found that tweaking the text slightly can help to fool the filters and get their messages through. Challenge-response blocks these variants too.</p>
<p>The user of botnets to send mass-mailings of spam can also be curbed by challenge-response. Botnets are large networks of PCs that spammers hijack to send out mass-mailings, unknown to the PCs’ users. According to industry sources, attackers are getting better at recruiting PCs to botnets and stopping their owners finding out that their machine has been compromised.</p>
<p>The most popular way of hijacking a PC to a botnet is by getting its owner to click on the booby-trapped attachment in an e-mail. In a bid to catch more people out, virus writers are turning out more variants of their creations. This has led to an explosion in the number of viruses and variants in circulation.</p>
<p>However, users of challenge-response spam-blocking solutions are not affected, as the infected emails never reach their in-boxes.</p>
<p>Gradually, too gradually, the world is catching on to the effectiveness of challenge-response. As more email users adopt this solution, we will see the rampant spam problem begin to diminish.</p>
<p>For more information:</p>
<p>Peter Stewart
TotalBlock Pty Ltd
+612-9437 9800
pstewart@totalblock.net</p>

Most Popular

Editor's Recommendations

Solution Centres

Events

View all events Submit your own security event

Latest Videos

More videos

Blog Posts

Media Release

More media release