Prevention Is the Best Medicine: Creating an Anti-spam Strategy Page 3

By Carl Weinschenk (Send Email)
Posted Jan 9, 2003

Another filtering methodology is the checksum approach. The checksum approach focuses on the ASCII values of the characters that comprise a message. Totaling the specific combination of characters in a message is virtually guaranteed to create a unique number. So if two messages have the same total ASCII value -- i.e., the same checksum -- they are almost certain to be identical and, thus, are likely to be spam.

The downside to this approach is that spammers can program subtle changes, for example the insertion of a random character string in each message, that render the checksums different.

While it is unclear which approach will dominate, it is clear that none will be effective if not backed by large human or automated networks. Brightmail's Probe Network is one example. Another example is Cloudmark-owned SpamNet (formerly Razor), which is a peer-to-peer network of more than 250,000 participants who identify, collect, and deliver spam to a central location for analysis, says Tricia Fahey, the company's vice president of communications. The analysis includes thousands of characteristics focused on headers, message lines, and message bodies.

Yet another mass approach is one advocated by Vircom that links almost 60 ISPs writing sieve rules used by them with between 200 and 300 other ISPs representing as many as 35 million e-mail boxes, marketing product manager Daniel Roy said.

Before we conclude, we must note that there seems to be a fundamental difference between spammers and "crackers" -- those who write and circulate viruses, Trojans, and other debilitating software. A cracker's primary objective is the act of disrupting electronic communications, with no obvious financial motive, whereas a spammer (from his or her point of view) is an entrepreneur taking advantage of an unbelievably inexpensive and huge distribution network. As IT managers, the key is to make their return on investment unacceptable.

Unfortunately, that's something not likely to happen soon. "Spam is an ongoing war," says Sendmail spokesman Todd Blaschka. "The latest surge in spam and vendor response represents the latest battle."

Page 3 of 3

Thanks for your registration, follow us on our social networks to keep up-to-date