a whitelist. Anyone on your blacklist you will never receive e-mail from. If spammers had even the pretension of being a legitimate business this would be a great idea. When you got a spam email you could blacklist the sender and you would never get spam from them again. Unfortunately, spammers know you don't want their mail and have gone past the point of caring whether you want it or not. Their only goal is to get the message into your inbox. As such they long ago gave up sending from one static e-mail address. They will generate false e-mail addresses, use other addresses from their spam list and a hosLet me tell you how an invasion progresses. Usually one side is the aggressor. For a while they will have things their way as the defender realises they are under attack and works to rally their defenses. If all goes well for the defender they will stop the advance of the invasion through one form or another. The invader can then either retreat if there is no profit in pressing the attack, or if there is gain in prolonging the conflict, they can look for new tactics to defeat the defender. The defender must then counter these new tactics or be over-run, and the invader must then come up with another set of new tactics, perhaps something new, or perhaps a different spin on something that has worked in the past. The problem for the defender is in identifying the invasion, accessing why the new tactics work and then countering them before the damage is too great.

The fight against spam e-mailers has been described as a war, and the above analogy holds true for it. The gain has not been removed for the spammers, so the invasion will continue. We are the defenders, and with limited resources we must counter the ever changing tactics of spammers.

One weapon at our disposal is whitelisting our friends. The whitelist concept is simple. If you want email from someone you add their name to your list of trusted sources. If their email is not on that list, you don't receive mail from them. With a well formed whitelist you can turn every other form of spam protection off. Only mail sent from your trusted friends will ever get through. Nearly. Unfortunately it is easy to fake the sender address in an e-mail, and spammers do it as a matter of course. If they have your friends email on their list it is possible you will get faked e-mails from them, but it's not very likely, and as the spammer constantly rotates their addresses it won't happen very often. More of a problem is the very nature of the whitelist. You have to put in every possible address of anyone you want e-mail from. Now if you just want email to stay intouch with a few family members this will work fine, but for a broader use it is quite frustrating and will result in the highest rate of false positives possible. Then there is the possibility of one of your contacts changing e-mail address and sending you a mail from their new address, telling you their new address. With a whitelist only defense you never see that e-mail.

You can also blacklist, which is basically the opposite of a whitelist. Anyone on your blacklist you will never receive e-mail from. If spammers had even the pretension of being a legitimate business this would be a great idea. When you got a spam email you could blacklist the sender and you would never get spam from them again. Unfortunately, spammers know you don't want their mail and have gone past the point of caring whether you want it or not. Their only goal is to get the message into your inbox. As such they long ago gave up sending from one static e-mail address. They will generate false e-mail addresses, use other addresses from their spam list and a host

ics, perhaps something new, or perhaps a different spin on something that has worked in the past. The problem for the defender is in identifying the invasion, accessing why the new tactics work and then countering them before the damage is too great.

The fight against spam e-mailers has been described as a war, and the above analogy holds true for it. The gain has not been removed for the spammers, so the invasion will continue. We are the defenders, and with limited resources we must counter the ever changing tactics of spammers.

One weapon at our disposal is whitelisting our friends. The whitelist concept is simple. If you want email from someone you add their name to your list of trusted sources. If their email is not on that list, you don't receive mail from them. With a well formed whitelist you can turn every other form of spam protection off. Only mail sent from your trusted friends will ever get through. Nearly. Unfortunately it is easy to fake the sender address in an e-mail, and spammers do it as a matter of course. If they have your friends email on their list it is possible you will get faked e-mails from them, but it's not very likely, and as the spammer constantly rotates their addresses it won't happen very often. More of a problem is the very nature of the whitelist. You have to put in every possible address of anyone you want e-mail from. Now if you just want email to stay intouch with a few family members this will work fine, but for a broader use it is quite frustrating and will result in the highest rate of false positives possible. Then there is the possibility of one of your contacts changing e-mail address and sending you a mail from their new address, telling you their new address. With a whitelist only defense you never see that e-mail.

You can also blacklist, which is basically the opposite of a whitelist. Anyone on your blacklist you will never receive e-mail from. If spammers had even the pretension of being a legitimate business this would be a great idea. When you got a spam email you could blacklist the sender and you would never get spam from them again. Unfortunately, spammers know you don't want their mail and have gone past the point of caring whether you want it or not. Their only goal is to get the message into your inbox. As such they long ago gave up sending from one static e-mail address. They will generate false e-mail addresses, use other addresses from their spam list and a hos

pt is simple. If you want email from someone you add their name to your list of trusted sources. If their email is not on that list, you don't receive mail from them. With a well formed whitelist you can turn every other form of spam protection off. Only mail sent from your trusted friends will ever get through. Nearly. Unfortunately it is easy to fake the sender address in an e-mail, and spammers do it as a matter of course. If they have your friends email on their list it is possible you will get faked e-mails from them, but it's not very likely, and as the spammer constantly rotates their addresses it won't happen very often. More of a problem is the very nature of the whitelist. You have to put in every possible address of anyone you want e-mail from. Now if you just want email to stay intouch with a few family members this will work fine, but for a broader use it is quite frustrating and will result in the highest rate of false positives possible. Then there is the possibility of one of your contacts changing e-mail address and sending you a mail from their new address, telling you their new address. With a whitelist only defense you never see that e-mail.

You can also blacklist, which is basically the opposite of a whitelist. Anyone on your blacklist you will never receive e-mail from. If spammers had even the pretension of being a legitimate business this would be a great idea. When you got a spam email you could blacklist the sender and you would never get spam from them again. Unfortunately, spammers know you don't want their mail and have gone past the point of caring whether you want it or not. Their only goal is to get the message into your inbox. As such they long ago gave up sending from one static e-mail address. They will generate false e-mail addresses, use other addresses from their spam list and a hos

pen very often. More of a problem is the very nature of the whitelist. You have to put in every possible address of anyone you want e-mail from. Now if you just want email to stay intouch with a few family members this will work fine, but for a broader use it is quite frustrating and will result in the highest rate of false positives possible. Then there is the possibility of one of your contacts changing e-mail address and sending you a mail from their new address, telling you their new address. With a whitelist only defense you never see that e-mail.

You can also blacklist, which is basically the opposite of a whitelist. Anyone on your blacklist you will never receive e-mail from. If spammers had even the pretension of being a legitimate business this would be a great idea. When you got a spam email you could blacklist the sender and you would never get spam from them again. Unfortunately, spammers know you don't want their mail and have gone past the point of caring whether you want it or not. Their only goal is to get the message into your inbox. As such they long ago gave up sending from one static e-mail address. They will generate false e-mail addresses, use other addresses from their spam list and a hos

a whitelist. Anyone on your blacklist you will never receive e-mail from. If spammers had even the pretension of being a legitimate business this would be a great idea. When you got a spam email you could blacklist the sender and you would never get spam from them again. Unfortunately, spammers know you don't want their mail and have gone past the point of caring whether you want it or not. Their only goal is to get the message into your inbox. As such they long ago gave up sending from one static e-mail address. They will generate false e-mail addresses, use other addresses from their spam list and a host of tricks to hide the real sender. If you get repeated e-mails from one address, blacklisting is a good possibility. If you are dealing with a determined spammer, then it is hardly even going to slow them down.

You can filter against certain words that regularly appear in e-mails from spammers, but this has the unfortunate side effect of causing an awful lot of 'false positives'. Because it is possible, however unlikely, that an email from a legitimate source contains this word, it results in messages you wanted to receive ending up in the junk mail folder.

The decendent of the simple filter is the Bayesian filter, which is probably the most effective single tool we have to fight spam today. The Bayesian filter assigns 'spam scores' to words based on how often they appear in e-mails we send to the spam folder. This personalises our spam filters to what 'we' consider spam. For instance someone that receives a lot of internet marketing emails would normally be blocked much of the time on the principal of the simple filter, whereas the Bayesian filter will give a lower score to the words that appear in marketing emails, allowing them through. The longer you 'train' a Bayesian filter, the more efficient it becomes in recognizing what is spam and what isn't. Unfortunately spammers realize the power of the Bayesian filter and have made moves to disable it. The process of "Bayesian poisoning" involves sending out blocks of legitimate text or nonsense emails containing low 'spam score' words. The average user, recognising these as rubbish marks them as spam, and the Bayesian filter increases the 'spam score' of the words included as a result. The spammer hopes that by doing this the bayesian filter will start providing false positives due to the high 'spam score' of the innocent words, and either abandon their Bayesian filter, or lower it's sensitivity, thus allowed the spammers next round of sales spam through.

This gives you an idea of the changing tactics in the ongoing struggle against spam. Spammers are prepared to go to extraordinary lengths to get their spam into your inbox. It is an invasion. They are sending in attacks pretending to be allies, they are sending in attacks that they try not to make look like attacks, they are sending in attacks to soften up your defense for future attacks. How can we defend against this? Must we second guess the spammer at every turn? Is it ever possible to win this game?

Despite all I have sa