Protecting Against Spam

 < Day Day Up > 

If you have ever had an email account, odds are you have also been a victim of at least one spam message. If you have only had a few spam messages, you are one of the lucky ones. Unfortunately, having an email account somewhere is going to put you at risk of receiving unsolicited and often pornographic email messages.

NOTE

It has been estimated by many organizations that billions upon billions of spam messages will be sent in less than a year's time. In fact, some estimates predict that out of all of the Internet email messages, roughly 70% will be spam. Whatever the numbers turn out to be, it is definitely too high.


Spam does not just affect your patience and productivity. It affects companies, Internet service providers, and anyone else who is hosting messaging services. The battle against spam is just beginning, and legal battles are well underway against both known spammers and companies that host the messaging services. In some cases, employees are suing employers on grounds that the employer is not implementing strong enough measures to keep spam from entering someone's mailbox. In any scenario, spam and its effects cost the computer industry billions of dollars, which ultimately affects everyone relying on messaging.

Spam and Antispam Tools

Spam is not new to the Internet community. It has been around for many years and probably for many more to come. It has become more prevalent over the last several years because of the increasing number of people using the Internetmany of whom are using it for the first time. With more people and larger target audiences for spammers, spam has proven to be a corrupt but effective way of making profits.

NOTE

Spammers are becoming increasingly more creative and cunning. For instance, spammers frequently change email addresses, domain names , content, and more to get past a company's protective measures and into someone's mailbox. Some message content (for example, a word or phrase) that is not legitimate in one message may be legitimate in another.


Microsoft has provided at least some basic form of antispam technologies in Exchange since version 5.5 and Outlook 98. For example, junk mail filters were provided to help identify messages that had either offensive material or other keywords indicating the message was spam. This form of spam prevention placed most, if not all, of the responsibility on the end- user to block unwanted email messages.

Other methods of antispam technology relied on reverse DNS lookups and IP blocking features that helped verify who the sender was and determine whether the spam was coming from a legitimate source. These techniques are still employed with Exchange Server 2003, but they are also complemented by a host of other techniques to provide the most comprehensive coverage against spam as possible.

Protecting Against Web Beaconing

A common and very popular format for email messages is HTML. This is primarily because of the rich content that can be presented, including graphics, images, font formatting, and more. A less-known fact, however, is that HTML-based messages can also present security problems and annoyances because of the various code and hidden images that the message can contain.

Web beaconing is a term used to describe the method of retrieving valid email addresses and information on whether a recipient has opened a message. Advertisers, spammers, and the like thrive on Web beaconing to help them become more profitable and improve audience targeting. For instance, when an unsuspecting user opens an email message that contains a Web beacon , the user's email address and possibly other information is sent to the solicitor. The user is oblivious that personal information has been given.

Outlook 2003 can be used to block Web beacons and consequently prevent the user's email address from ending up in the wrong hands. By default, if Outlook 2003 suspects that the content of a message could be used as a Web beacon, it presents a pop-up window warning users that to help protect their privacy, links to images, multimedia, or other external content have been blocked. The text content of the email message is viewable by the user, and the user is then presented with an option to unblock the content. This enables the user to make a conscious decision of whether to display all the contents of the message.

Although the default setting is recommended because it is an excellent way to protect end-users from a barrage of unwanted emails and it helps minimize unsolicited emails, it is possible to disable this option. To change the default settings, do the following:

  1. In Outlook 2003, select Options from the Tools menu.

  2. Click on the Security tab and then click Change Automatic Download Settings.

  3. In the Automatic Picture Download Settings window, choose whether to download pictures or other content automatically. Outlook 2003 can also be customized to automatically download content from safe lists or from Web sites listed in the trusted IE security zones, as illustrated in Figure 11.7.

    Figure 11.7. Configuring Automatic Picture Download Settings.

    graphics/11fig07.gif

Filtering Junk Mail

As mentioned earlier, junk mail filtering has been available in earlier versions of Exchange and Outlook. This feature has been improved from earlier versions and minimizes the responsibility of end-users to configure junk mail filtering options. In fact, junk mail filtering is primarily controlled by Exchange Server 2003 administrators, but options can be set by the users. Most junk mail or spam is filtered before it reaches the user's mailbox.

TIP

Despite the fact that Exchange Server 2003 and Outlook 2003 have sound, practical spam fighting techniques and features built in, organizations should evaluate third-party antispam tools. Third-party tools provide advanced features and customizations that offer stronger protection against spam.


Outlook 2003 presents four levels of junk mail protection:

  • No Protection The only filtering that occurs is when email originates from the manually configured blocked senders list. This is fairly ineffective , considering that spammers change source email addresses constantly.

  • Low Safe and block lists are consulted with this level of protection, but Outlook 2003 also searches for key words and phrases in the message's subject and body.

  • High This uses the features of the low setting plus it is more aggressive with filtering. Users should not permanently delete suspected spam and should check the junk email folder more frequently to find possible false positives.

  • Safe Lists Only This setting is the most restrictive because it allows only messages from preapproved senders to be delivered to the inbox. Although this is a good option to have, it probably will not be one that is chosen very often. You might get a legitimate message from someone you do not know, or in many cases there might be a spam message from a trusted domain.

TIP

With any filtering level that you use, send mail to the Junk E-mail folder, at least initially, rather than deleting it. Use the high level to ensure that most, if not all, spam is filtered. Most of the false positives are likely to come from mailing lists and newsletters. If this is the case, it is easier to use this setting and unblock those mailing lists that are legitimate. Testing has shown that the high level setting cuts as much as 90% of spam out of a user's mailbox.


As illustrated in Figure 11.8, Outlook 2003 by default is set to Low to keep only the most obvious spam out. Any filtered messages are placed in the Junk E-mail folder unless the delete all junk email option is checked.

Figure 11.8. Outlook 2003 Junk E-mail filtering options.

graphics/11fig08.gif

Filtering with Safe and Block Lists

Outlook 2003 enables users to create and manage their own safe and block lists. A safe list is a list of email addresses or domains that are trustworthy; a block list contains those email addresses or domains that are always considered spam or junk mail.

There are actually two safe lists that Outlook 2003 users can create and manage: Safe Senders and Safe Recipients. The Safe Senders list is intended to store email addresses or domains of individual users, and the Safe Recipients list covers members of email lists or groups. An example of when the latter should be used is when you are a member of a discussion group where many members pass emails back and forth through the mailing list.

As the name implies, block lists can contain known spamming email addresses or domains. Depending on how your organization is taking a stance on spam, there might be only a few entries in this list.

Outlook 2003 also gives users the ability to import whitelists and blacklists , which are similar to safe lists and block lists, respectively. These lists may be quite large though and have been known to cause performance problems, because each message had to be checked and verified against the potentially large list that was imported.

NOTE

Outlook 2003 trusts the user's contacts by default. This keeps messages from those contacts away from the Junk E-mail folder.


Blocking Read Receipts

Most email applications, such as Outlook, enable users to request read receipts for the messages that they send. Read receipts tell the sender that the intended recipient has at least opened the email.

Outlook 2003 prompts a user by default on whether the user wants to send a read receipt if a message requests one. To ensure that users do not accidentally send read receipts, it is recommended to turn off sending read receipts and consequently turn off the prompting. To do so, use the following steps:

  1. In Outlook 2003, select Options from the Tools menu.

  2. Click the E-mail Options button to display the E-mail Options window.

  3. Click the Tracking Options button to display the Tracking Options window and then select Never send a response.

  4. Click OK three times to close all the options windows .

Information Rights Management in Office 2003

Information Rights Management (IRM) also known as Rights Management (RM) is an unprecedented new feature that enables users to create and control information. More specifically , it gives the creator of the specific information control over the following:

  • What can be done with the information

  • Who can perform actions or tasks with the information (for example, who can forward a specific message, print a document, or copy a file)

  • The lifetime of the information (that is, the message expiration on a specific date)

IRM granularizes security for Microsoft Office 2003 Professional applications such as Word, Excel, PowerPoint, Outlook, and any other IRM-aware application. IRM is intended to complement other security technologies, such as S/MIME and PGP. It secures the contents of information (for example, documents and messages), but it does not provide authentication to the information. In addition, it is important to keep the appropriate access controls on the information as an added layer of security.

There is an IRM server component that resides on Windows Server 2003, and support is built into Office 2003 Professional. When implemented, Outlook 2003 users can use a toolbar icon to manage and secure their outgoing messages. For instance, user1 can send a message intended only for user2. Depending on the IRM settings for that message, user2 might be able to only read the message and not be able to forward it, copy it, or print it. This keeps the message's contents from falling into the wrong hands and is particularly useful for sensitive or confidential information.

 < Day Day Up > 


Microsoft Exchange Server 2003 Unleashed
Microsoft Exchange Server 2003 Unleashed (2nd Edition)
ISBN: 0672328070
EAN: 2147483647
Year: 2003
Pages: 393
Authors: Rand Morimoto

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net