What is SPAM - Spam is the colloquial term for unsolicited bulk email. It is named in homage to a Monty Python sketch in which a cafĂ© menu contains only SPAM. In this sketch, a group of Vikings sang a chorus of “spam, spam, spam . . . ” in an increasing crescendo, drowning out other conversation. Hence, the analogy applied because unsolicited bulk email was drowning out normal discourse on the Internet.
Address Harvester: A program that searches web pages and filters newsgroup postings looking for valid email addresses to be used for spam purposes. (See also harvesting.)
Bayesian Filtering: A statistical approach to determining whether an email is spam, based on probability inference techniques pioneered by English mathematician Thomas Bayes.
DNS Black List (dnsBL): Same as RBL (see below).
Blacklist: A feature of anti-spam software that allows users to designate IP addresses, domain names, and individual email addresses from which no mail will be accepted. This is sometimes called a “Static Black List” because the user defines the list.
Complex Dictionary Checking: A feature of anti-spam software that screens text for rude words and isn’t fooled by various spam tricks, such as the replacement of letters with look-alike numerals or characters (such as 1nterestr@te).
CSS Spam: Exploits Cascading Style Sheets (CSS), which are used to control the display of web pages, in order to conceal messages in spam. Spammers can also use CSS to recycle old HTML-based tricks that fool spam filters who don’t understand CSS.
Denial of Service (DoS) Attack: Where a hacker sends attachments or other unusual or excessive traffic in an attempt to bring down email systems.
Dictionary Attack: A program that bombards a mail server with millions of alphabetically generated email addresses in the hope that some addresses will be guessed correctly. This technique is also used to crack passwords.
Directory Harvest Attack (DHA): When a spammer bombards a domain with thousands of generated email addresses in an attempt to collect valid email addresses from an organization. (See also harvesting.) In order for this to be a harvest, there must be a way to trick the system into telling the spammer which email addresses are valid and which are not. This exploits flaws in the mail systems to tell the spammer this information.
False Negative: When anti-spam software fails to identify a spam message as spam.
False Positive: When anti-spam software wrongly identifies a legitimate message as spam.
Greylist: Senders who are not blacklisted (excluded) or whitelisted (accepted) can be placed on a greylist. Some anti-spam software can send greylisted addresses an automated response, challenging the sender to confirm their legitimacy. …or items that are greylisted might be dealt with more cautiously.
Ham: All email that a recipient does not consider to be spam. (See also spam.)
Harvesting: The process of scanning the internet to identify email addresses in order to create lists for spamming.
Honeypot: A computer system on the internet set up to attract and trap spammers and hackers. Sometimes this is a mailserver set up to appear to be an open relay. We use honeypots in the form of email addresses that don’t belong to real people, and then spammers are encouraged to spam these boxes.
Joe Job: Circa 1996, a Joe Job is spam run forged to appear as though it came from an innocent party, who is then generally flooded by the bounces; or, the act of performing such a run. Modern Joe Jobs involve forged email headers and other nasty tricks to make it really convincing. And with the advent of dnsBLs like SPEWS (The Spam Prevention Early Warning System) and peoples’ personal lists, a successful Joe Job can really hurt the victim.
Listwashing: The process of removing email addresses from a mailing list at the request of the recipient.
Stay tuned for part 2.
If you have any IT questions you can contact me at.
LPhelps@Solbrekk.com
Take care,
Larry
