Free antivirus and antispam

Kaspersky Antivirus and Internet Security 2010

2009-07-06T18:43:00.000-07:00

The new updated suites carry a lot of updates and new features to keep you safe from the bad guys. Kaspersky’s software has a very good reputation of spotting and killing viruses. So you need not worry, the cops are with you.

The new version 2010 products incorporate the advantages of advanced Host-based Intrusion Prevention System (HIPS) technology in the Application Control module that assigns a security rating to previously unknown malware; unique Sandbox technology embodying virtualization technologies and providing a dedicated secure runtime environment; and the innovative Kaspersky Security Network that uses information from millions of users to dramatically reduce response times to new threats and replenish reputation databases with the most up-to-date information about clean and infected files.

Download :

Part 1

Part 2

zonealarm antispyware 6

2009-06-11T20:08:00.000-07:00

The good: ZoneAlarm Anti-Spyware 6 finds and deletes most spyware, offers an easy and intuitive interface, and performs very fast system scans.

The bad: Expensive; doesn't find as much spyware as some popular free programs; requires a lot of user intervention; offers poor support options.

The bottom line: ZoneAlarm Anti-Spyware 6 catches most spyware and provides a deep level of protection but requires more user intervention than its competitors.

Specifications: License type: Complete package ; Min processor type: 450 MHz Intel Pentium III ; Min processor type: 450 MHz Intel Pentium III See full specs

Download

Avast Antivirus & Antispyware 2008

2009-06-11T20:04:00.000-07:00

 avast! antivirus Antispyware 2008 represents the best FREE antivirus protection currently available on the market. This edition is FREE OF CHARGE for non-commercial & home use only. Both of these conditions should be met! If you are not a home user or if you use your computer for business purposes, we offer a wide range of more suitable products providing higher data security, starting with avast! Professional Edition.  

ALWIL Software offers a special discount program for all avast! antivirus products for non-profit, charity, educational, health and government institutions. Please apply for any special discounts using this form.

Download

Intelinet Internet Security Suite v3

2009-06-11T19:47:00.000-07:00

Intelinet is global internet security leader. Winner of multiple awards from security experts throughout the world! Used by more than 9 million people worldwide, Intelinet is the most comprehensive destination for those looking for complete protection of their PC. All-in-one security solution, Intelinet Internet Security will prevent and remove Adware, Spyware, fix PC errors, Optimize computer and make your system run faster and error free.

Intelinet continues to stay on top with it's powerful smart internet security for personal and corporate usage. Most effective and most proactive antispyware software solution to eliminate, adware, spyware, trojans, worms, rootkits and other malware before they attack your system. Nobody does proactive protection better than Intelinet!

If you use Intelinet Internet Security you get PC Security, Anti-Virus, Anti-Spyware, Maintenance & Privacy in one box. Download Intelinet Internet Security now to make your PC safe and run fast.
Download

Spyware Terminator 2.3

2009-06-11T19:37:00.000-07:00

Bring your computer protection to the next level! Get a unique combination of real-time antispyware protection and alerts that help prevent you from entering potentially dangerous websites

Efective Spyware Protection
Spyware Terminator prevents spyware from infecting your computer.
Free 100% Real-Time Protection
Guards your system and ensures spyware is intercepted before it installs.
Antivirus Protection Included
Extended detection of malware during scans and within the Real-Time Shield.
Safe Internet Browsing and Search
Web Security Guard is one of many useful Crawler Toolbar’s features that displays website reviews and threat level to help prevent users from entering potentially dangerous websites.

Download

Cobra Security 2010

2009-06-11T19:30:00.001-07:00

GSA Security Includes Anti-Virus, Anti-Spyware, Internet Protection, Firewall, Anti-Spam, Anti-Malware & System Protection.

Also GSA Security Includes 14 stand-alone virus scanners, 2 Rootkit Scanners, PC TuneUp, File Recovery, Boot Scan, Strong Encryption, PC Diagnostic, Online Backup, Web Browsers & Online Virus Scanners.

With GSA Security you can detect & remove: Mass mailing worms, E-mail viruses, Peer-to-peer viruses, Internet worms, File viruses, Trojans, Stealth viruses, Polymorphic viruses, Bodiless viruses, Macro viruses, MS Office viruses, Script viruses, Spyware, Spybots, Password stealers, Keyloggers, Paid Dialers, Adware, Riskware, Hacktools, Backdoors, Joke programs, Malicious scripts & Other malware.

GSA Security Anti-Virus component can scan your entire computer in 2 minutes.

Download

Kaspersky Antivirus 2009

2009-06-01T15:33:00.000-07:00

Kaspersky AV provides all types of anti-virus protection:anti-virus scanners, monitors, behavior blockers and integrity checkers
The Kaspersky Anti-Virus 2009 application was designed to be the backbone of your PC’s security system, offering protection from a range of IT threats.

Kaspersky Anti-Virus 2009 provides the basic tools needed to protect your PC.

Requirements:

· Intel Pentium 800 MHz 32 bit (x86) / 64 bit (x64) or higher (or equivalent)
· 512 MB available RAM
· 50 MB free space on the hard drive
· CD-ROM (for installation of the program from CD)
· computer mouse
· Internet connection (for product activation)
· Internet Explorer 5.5 or higher (for downloading updates)

· Windows Installer 2.0

download

McAfee VirusScan Plus 2008

2009-05-26T21:26:00.000-07:00

McAfee VirusScan Plus 2008
McAfee VirusScan Plus powerful integrated technologies work together to combat and defeat even the most sophisticated multi-pronged attacks. McAfee's trusted PC protection blocks and removes threats automatically, and identifies spyware and adware before they can run on your PC.. Plus, to keep things extra simple, the new McAfee SecurityCenter gives you at-a-glance control over all your McAfee applications. Get the confidence you need to surf the Web, knowing McAfee is always on, always updating and always protecting you. Essential PC Protection # Offers 3 in 1 PC Protection from viruses, hackers and spyware so you can surf the Web safely. # Prevents multi-pronged attacks by integrating anti-virus, firewall, and anti-spyware technologies. # Simplifies security with the new and improved McAfee SecurityCenter. # Warns you about sites which send spam, install adware, or attempt online scams. # Shields your PC around the clock: always on, always updating, always protecting. With the wide variety of viruses, hackers and blended threats lurking on the Internet today, you need more than a simple anti-virus program to keep your PC and files secure. McAfee VirusScan Plus AntiVirus, Firewall & AntiSpyware provides the essential protection you need to surf the Web and download files safely.

Download

Avg Anti virus v8

2009-05-26T21:22:00.000-07:00

AVG Anti-Virus Free Edition - trusted by 70 millions of users

Basic antivirus and antispyware protection for Windows available to download for free. Limited features, no support, for private and non-commercial use only.
The most downloaded software on CNET's Download.com
Quality proven by 70 millions of users
Easy to download, install and use
Protection against viruses and spyware

Compatible with Windows Vista and Windows XP

Download

Spyware Doctor 6

2009-05-26T21:19:00.001-07:00

Spyware Doctor has been downloaded over 125 million times with millions more downloads every week. People worldwide use and trust Spyware Doctor to protect their PCs from spyware, adware and other online threats.
Spyware Doctor has consistently been awarded Editors' Choice, by leading PC magazines and testing laboratories around the world, including United States, United Kingdom, Sweden, Germany and Australia. In addition, after leading the market in 2005, Spyware Doctor was awarded the prestigious Best of the Year at the end of 2005 and again in 2006.
Spyware Doctor continues to be awarded the highest honors by many of the world's leading PC publications such as PC World, PC Magazine, PC Pro, PC Plus, PC Authority, PC Utilities, PC Advisor, PC Choice, Microdatorn, Computer Bild and PC Answers Magazine.
Note: If you are choosing Anti-Spyware make sure you choose one that is proven and has genuine awards from one or more world leading research labs such a PC Magazine, PC World, CNET, PC Pro Magazine, PC Authority, PC Answers and other trusted labs. More importantly do not use ratings from unknown review websites, as often these are designed to mislead you into purchase of affiliated, inferior or rogue product.

Detects, removes and blocks all types of Spyware.

Did you know that numerous programs tested against Spyware Doctor detected only small fraction of Spyware and completely removed an even smaller amount? Also most of them were unable to effectively block Spyware in real time from being installed on users PC in the first place.
Spyware Doctor has the most advanced update feature that continually improves its Spyware fighting capabilities on daily basis. As Spyware gets more complex to avoid detection by AntiSpyware programs Spyware Doctor responds with new technology to stay one step ahead.

Download

BitDefender AntiVirus 2009

2009-05-26T21:14:00.000-07:00

BitDefender AntiVirus 2009 - Superior Proactive Protection from Viruses, Spyware, and other e-Threats…that won’t slow you down!
BitDefender provides security solutions to satisfy the protection requirements of today's computing environment, delivering effective threat management to home and corporate users. BitDefender Antivirus is a powerful antivirus and antispyware tool with features that best meet your security needs. Ease of use and automatic updates make BitDefender Antivirus an ‘install and forget’ product.

BitDefende[/Center]r®, a global provider of award-winning antivirus software and data security solutions, has launched BitDefender 2009 its new line of security solutions providing state-of-the-art proactive protection from today’s most damaging viruses, spyware, hackers, spam, phishing attacks, and other common Internet security threats.

BitDefender Antivirus 2009 provides advanced proactive protection against viruses, spyware, phishing attacks and identity theft, without slowing down your PC.

Confidently download, share and open files from friends, family, co-workers – and even total strangers!

Improved: Scans all web, e-mail and instant messaging traffic for viruses and spyware, in real-time
Proactively protects against new virus outbreaks using advanced heuristics

Download

Windows Live One Care

2009-05-26T21:10:00.000-07:00

Members! OneCare helps keep your PC safe and secure while making your life easier. From virus scanning and file backups, to automatic printer sharing of all the PCs in your household, OneCare helps manage all of this. Delivered to you in a smooth, hassle-free package.
Windows Live OneCare has received the following industry certifications.
Quote:
Windows Live OneCare earns ICSA Labs Antivirus certification

Microsoft is pleased to announce that Windows Live OneCare has received ICSA Antivirus Certification.

For over a decade, ISCA Labs, an independent division of Cybertrust, Inc., has been the security industry's central authority for research, intelligence, and certification testing of products. ICSA Labs sets standards for information security products and certifies over 95% of the installed base of antivirus, firewall, IPSec VPN, cryptography, SSL VPN, network IPS, and antispyware products commonly deployed in the world today.

It contains antivirus, antispyware, online ID protection, firewall, backup and restore, multi pc management, and lots more. Most importantly, its a microsoft product, which means you can trust it and must have it. It has a beautiful interface too.

Download

Portable AVG AntiSpyware Plus

2009-05-26T21:06:00.000-07:00

Anti-Virus programs offer insufficient protection against urgently growing threats like Trojans, Worms, Dialers, Hijackers, Spyware and Keyloggers. That's where the protection of ewido anti-spyware begins and supplements existing security applications to create a complete security system - because only a complete security system works effectively.

* NEW Completely renewed user interface
* NEW Possibility to create exceptions
* NEW Shredder for secure file deletion
* NEW XP Antispy
* NEW BHO Viewer
* NEW LSP Viewer
* Heuristics to detect unknown threats
* Scanning and cleaning of the Windows registry
* Support for NTFS-ADS scanning
* Daily database updates
* Patch proof by using strong signatures
* Analysis tools (startup, connections and processes)
* Intelligent online-update
* Scan inside archives
* Secure detection and deletion of DLL-Trojans
* Generic crypter detection through emulation
* Generic binder detection
* Free E-Mail Support
* Automatic Clean Engine
* Quarantine for suspicious files
* Multilingual User Interface
Additional features of the Plus-Version
* NEW Scheduled scans
* Real-time monitoring of the entire system
* Memory Scan detects active threats
* Self-protection at kernel layer guarantees gapless monitoring
* Automatic online-update

Download

Symantec Antivirus Corp

2009-05-08T21:36:00.000-07:00

Advanced behavior blocking prevents client systems from being used for malicious outbound activities, such as sending worms via email. LiveUpdate technology provides a s ingle update to protect the enterprise from viruses, malware, and spyware. Client compliancy technology allows the administrator to ensure that mobile and remote systems connecting to corporate resources via VPN are compliant with security policies.

Features:

» Advanced, enterprise-wide virus protection and monitoring from a single management console
» Integrated Web-based graphical reporting
» Support for Symantec AntiVirus Client on Microsoft Windows Vista and Windows Server 2008

Benefits:

» Effective protection from spyware and adware.
» Symantec tamper protection guards against unauthorized antivirus access and attacks, protecting users from viruses that attempt to disable security measures.

» Backed by Symantec Security Response, the world’s leading Internet security research and support organization

download

antivirus info komputer

2009-05-08T21:33:00.000-07:00

Various local virus attacks such as Brontok, Kangen, Cabir, Alman, and others can be destroyed using AVI. Currently, there is an approximately 300-virus signatures that can be recognized AVI. Well, what if the virus appears to the front of the new? do not worry because the future is the signature update can be done online or through the update through a regular DVD InfoKomputer provided if you use a PC that has no Internet connection.

download

SMADAV ANTIVIRUS Rev. 3

2009-05-08T21:27:00.000-07:00

Smadav main mission is to create locally extinct virus that is classified as a virus is weak and easy to be liquidated with the general nature of almost all the same. And also to import the virus, Smadav does not lose quality with imports to prevent anti-virus to your computer. Smadav 2009 at this time is to identify more than 2000 virus. 700 virus already in the database and most of the other known techniques heuristik through ingenuity and Smadav detect all programs that have a character similar to the virus.

download

Norton antivirus and internet security

2009-05-08T21:23:00.000-07:00

Before installing Norton 2009, make sure that you are disconnected from the internet. Reconnect to the internet when you are ready to update Norton 2009.

Installation Method 1 (Recommended):

1. Remove the Norton 2009 by installing it again and restart your system.
2. Use the Norton Removal Tool to remove all Norton products. (It stills leaves traces behind.)
3. Delete and [PURGE] your Recycle Bin of all the known Trial Reset by BOX prior to this version.
4. Install the Norton Internet Security or AntiVirus 2009 {v16.5.0.134}, update until there is no more update (restart if required), and run a Full System Scan to remove all traces of the Trial Reset. If Norton 2009 is still expired after you have removed and reinstalled it, then install the NTR2.6A (in Safe Mode [F8], as necessary).
5. If Norton finds a Trial Reset, then repeat Step 1 - 4 again to remove all the Trial Reset. If Norton 2009 finds any Trial Reset on your system, it will blacklist your computer later on. You will need to make sure that your system has no trace of any Trial Reset.
6. If your system is free of prior Trial Reset, then install the NTR2.6A and follow the instructions.
7. To remove NTR2.6A, just click the Uninstall.
8. After you use the NTR2.6A, delete the installer and encrypted the zip file again so Norton cannot scan it and blacklist your computer in the future.

Installation Method 2 (If you cannot use the Norton Removal Tool.):

1. Remove the Norton 2009 by installing it again and restart your system.
2. Delete and [PURGE] your Recycle Bin of all the known Trial Reset by BOX prior to this version.
3. Install the Norton Internet Security or AntiVirus 2009 {v16.5.0.134}, update until there is no more update (restart if required), and run a Full System Scan to remove all traces of the Trial Reset. If Norton 2009 is still expired after you have removed and reinstalled it, then install the NTR2.6A (in Safe Mode [F8], as necessary).
4. If Norton 2009 finds any Trial Reset on your system, it will blacklist your computer later on. You will need to make sure that your system has no trace of any Trial Reset. Repeat Step 1 - 3 again until your system is cleaned.
5. If not already, install the NTR2.6A and follow the instructions.
6. To remove the NTR2.6A, just click the Uninstall.

7. After you use the NTR2.6A, delete the installer and encrypted the zip file again so Norton cannot scan it and blacklist your computer in the future.

Download

Pcmav antivirus

2009-05-08T21:16:00.000-07:00

Computers infected with the virus Yuyun.vbs, if the date 1 value of the modulus and 3 months of the system is 1 (January, April, July, and October), then in each folder that it will be infected with the name of the file "Read AQ.rtf" and "My name is Yuyun.rtf". More details, please refer to your rubric virus that thoroughly discuss the virus Yuyun.vbs, in the magazine PC Media edition 06/2009 which was published.

In the edition, you can also get Linux for Windows, such as openSUSE, MandrivaOne, and Linux Mint. Suitable for you who want to enjoy fast in Linux with Windows, without the installation process. And many other free software which of course is very interesting.

At the time this latest release, PCMAV 2.0b and is able to recognize the 2720 virus with that many variannya reported wide spread in Indonesia, including 3 main variants of the virus and the virus Conficker local Yuyun.vbs that now many dikeluhkan. Engine main RTP also experienced improvement siginifikan to be more compatible with Windows XP / Vista. Repairs are also many other small done, for example, the "Scan with PCMAV" that does not appear in Windows Vista, has now improved.

Please also inform us that, the latest library ClamAV version 0.95 just released after the PC Magazine Media 06/2009 has finished printing. And due to structure changes occur ClamAV library, then PCMAV 2.0b was not adjusted for compatible with this version 0.95. Please be advised.
download please

501 Web Site Secrets

2009-04-13T20:11:00.001-07:00

501 Web Site Secrets: Unleash the Power of Google, Amazon etc.
* Shows Internet users how to get the most out of Internet searches, portals, and commerce sites
* Covers using Google to solve mathematical equations, making search engines safe for kids, harnessing the full power of Yahoo!, and getting the best bargains on shopping sites
* Explains how to search for street addresses and phone numbers, stock quotes and other financial information, MP3s and other digital music, computer programs and utilities, medical information, legal information, genealogical information, job listings, and more
* Reveals the secrets behind directory sites, indexing, and search result rankings

CONTENTS
Acknowledgments.
Introduction.

Part I: Secrets of the Internet Portals.
Chapter 1: Yahoo! Secrets.
Chapter 2: MSN Secrets.
Chapter 3: AOL.com Secrets.
Chapter 4: Excite Secrets.
Chapter 5: Lycos Secrets.

Part II: Secrets of the Internet Search Engines.
Chapter 6: Google Secrets.
Chapter 7: AllTheWeb Secrets.
Chapter 8: Ask Jeeves Secrets.
Chapter 9: AltaVista Secrets.
Chapter 10: HotBot Secrets.

Part III: Secrets of the Online News and Information Sites.
Chapter 11: CNN.com Secrets.
Chapter 12: ESPN.com Secrets.
Chapter 13: CBS MarketWatch Secrets.
Chapter 14: Weather.com Secrets.
Chapter 15: Microsoft.com Secrets.

Part IV: Secrets of Online Shopping and Services.
Chapter 16: eBay Secrets.
Chapter 17: Amazon.com Secrets.
Chapter 18: Napster 2.0 Secrets.
Chapter 19: Expedia Secrets.

Chapter 20: MapQuest Secrets.

Download

Security risks of pre-IMS AKA access security solutions

2009-04-13T20:11:00.000-07:00

IMS may be exposed to attack by different types of
attackers. First type are script kiddies, curious but
inexperienced crackers who lack the ability to write
sophisticated hacking programs on their own and who
have fun initiating simple attacks for published security
problems and their exploits. Unlike the script kiddies the
second type are well-educated attackers and their frauds
are driven towards financial goals. Third type also
possesses good knowledge and economical motivation but
their activities are not frauds but industrial espionage. IMS
operator employees are potentially dangerous attackers
since they have excellent knowledge of the system.
more.........

Cara Efektif sebar Malware

2009-04-05T20:12:00.000-07:00

Spam
Cara Efektif Sebar malware
E-mail secara luas telah digunakan oleh orang banyak, mengirim surat pakai pos biasa, paling cepat, pagi kirim, sore sampai. Lah kalau pakai E-mail tidak demikian. Pagi kirim pagi itu juga sampai. Sebetulnya, pakai pos biasa juga bias kalau surat dikirm pagi kirim, sampai juga pagi esok hari, tapinya.
Situasi banyak yang menggunakan e-mail dan demikian cepat waktu penyampaiannya, membuat orang “iseng” membuat sesuatu yang bisa mengisengi. Hoaks, iklan, malware, dan barang-barang yang bisa mengganggu lainnya dikirm dengan e-mail semacam itu. Spam, sebutannya.
Kenapa orang mengirim Spam? Logikannya begini, misalnya seseorang memiliki sebuah resep masakan yang hendak dijual sebesar Rp. 10.000. dari pada menawarkan resep itu ke orang satu per satu yang waktu dan tempatnya terbatas, dia mengirim resep itu ke 100 kawanya menggunakan e-mail. Dan di dalam email itu terdapat link ke halaman situs tempat mengunduh resep setelah dibayar.
Tak disangka 10 dari 100 orang itu membeli resep. Artinya uang 10 kali Rp. 10.000,00 yakni Rp. 100.000,-. Betapa senangnya dia. Modal yang kelaura myaris nol. Cuma bayar koneksi internet saja untuk mengirim e-mail.

Nah makannya banyak orang yang mengirim spam banyak-banyak yang berulang kali dengan harapan, siapa tahu dari ribuan email yang dikirm ada yang tertarik. Modal nyaris nol, pendapatan bias besar. Sungguh memenuhi huku ekonomi.

1. Cara Pertama

Menggunakan layanan webmail seperti hotmail untuk mengirim sekaligus menerima e-mail respons. karena biasanya kapasitas setia kali pengiriman e-mail lewat webmail dibatas, spammer memiliki beberapa akun dan agar tak repot-repot membuat akun e-mail yang jumlahnya bisa banyak tak terkira, spammer juga menciptakan bot untuk menciptakan aku-akun.

2. Cara Kedua

menggunakan komputer orang lain. soalnya kalau spammer mengirim e-mail dengan akun email nya sendiri apalagi kalu email yang berasal dari penyedia jasa internet (ISP), akunya bisa ditutup oleh penyedia jasa.

makanya agar email tetap bisa digunakan spammer menggunakan komputer orang lain untuk mengirim spam. dengan kata lain, spam dikirim menggunakan alamat email orang lain. pada sekitar tahun 1990, cara yang paling umum yang digunakan spammer untuk membuat orang lain mengirimkan spam untuknya adalah menggunakan open mail relay, yakni suatu server email yang dikirm kepadanya dari lokasi manapun, E-mail yang masuk bisa dikirm ke mana pula, tergantung si pengirim.

spammer bisa mengirim suatu batch ke open mail relay, dan membiarkan batch itu bekerja disana. sehingga ribuan email bisa terkirim.

Anti-spam techniques

2009-04-03T21:17:00.000-07:00

To prevent e-mail spam, both end users and administrators of e-mail systems use various anti-spam techniques. Some of these techniques have been embedded in products, services and software to ease the burden on users and administrators. No one technique is a complete solution to the spam problem, and each has trade-offs between incorrectly rejecting legitimate e-mail vs. not rejecting all spam, and the associated costs in time and effort.

Anti-spam techniques can be broken into four broad categories: those that require actions by individuals, those that can be automated by e-mail administrators, those that can be automated by e-mail senders and those employed by researchers and law enforcement officials.

[edit]
Detecting spam

People tend to be much less bothered by spam slipping through filters into their mail box (false negatives), than having desired e-mail ("ham") blocked (false positives). Trying to balance false negatives (missed spams) vs false positives (rejecting good e-mail) is critical for a successful anti-spam system. Some systems let individual users have some control over this balance by setting "spam score" limits, etc. Most techniques have both kinds of errors, to varying degrees. So, for example, anti-spam systems may use techniques that have a high false negative rate (miss a lot of spam), in order to reduce the number of false positives (rejecting good e-mail),

Detecting spam based on the content of the e-mail, either by detecting keywords such as "viagra" or by statistical means, is very popular. Such methods can be very accurate when they are correctly tuned to the types of legitimate email that an individual gets, but they can also make mistakes such as detecting the keyword "cialis" in the word "specialist"; see also Internet censorship#"By-catch". The content also doesn't determine whether the email was either unsolicited or bulk, the two key features of spam. So, if a friend sends you a joke that mentions "viagra", content filters can easily mark it as being spam even though it is neither unsolicited nor sent in bulk.

The most popular DNSBLs (DNS Blacklists) are lists of IP addresses of known spammers, open relays, zombie spammers etc.

Spamtraps are often email addresses that were never valid or have been invalid for a long time that are used to collect spam. An effective spamtrap is not announced and is only found by dictionary attacks or by pulling addresses off hidden webpages. For a spamtrap to remain effective the address must never be given to anyone. Some black lists, such as spamcop, use spamtraps to catch spammers and blacklist them.

Enforcing technical requirements of the Simple Mail Transfer Protocol (SMTP) can be used to block mail coming from systems that are not compliant with the RFC standards. A lot of spammers use poorly written software or are unable to comply with the standards because they do not have legitimate control of the computer sending spam (zombie computer). So by setting restrictions on the mail transfer agent (MTA) a mail administrator can reduce spam significantly, such as by enforcing the correct fall back of Mail eXchange (MX) records in the Domain Name System, or the correct handling of delays (Teergrube).

[edit]
End-user techniques

There are a number of techniques that individuals can use to restrict the availability of their e-mail addresses, reducing or preventing their attractiveness to spam.

[edit]
Address munging
Main article: Address munging

Posting anonymously, or with a fake name and address, is one way to avoid e-mail address harvesting, but users should ensure that the fake address is not valid. Users who want to receive legitimate email regarding their posts or Web sites can alter their addresses so humans can figure out but spammers cannot. For instance, joe@example.net might post as joeNOS@PAM.example.net.invalid. Address munging, however, can cause legitimate replies to be lost. If it's not the user's valid address, it has to be truly invalid, otherwise someone or some server will still get the spam for it.[1] Other ways use transparent address munging to avoid this by allowing users to see the actual address but obfuscate it from automated email harvesters with methods such as displaying all or part of the e-mail address on a web page as an image, a text logo shrunken to normal size using in-line CSS, or as jumbled text with the order of characters restored using CSS.

[edit]
Avoid responding to spam
See also: Boulder Pledge

Spammers often regard responses to their messages—even responses like "Don't spam me"—as confirmation that an email address is valid. Likewise, many spam messages contain Web links or addresses which the user is directed to follow to be removed from the spammer's mailing list. In several cases, spam-fighters have tested these links, confirming they do not lead to the recipient address's removal—if anything, they lead to more spam.[citation needed]

Sender addresses are often forged in spam messages, including using the recipient's own address as the forged sender address, so that responding to spam may result in failed deliveries or may reach innocent e-mail users whose addresses have been abused.

In Usenet, it is widely considered even more important to avoid responding to spam. Many ISPs have software that seek and destroy duplicate messages. Someone may see a spam and respond to it before it is cancelled by their server, which can have the effect of reposting the spam for them; since it is not a duplicate, the reposted copy will last longer.

[edit]
Contact forms

Contact forms allow users to send email by filling out forms in a web browser. The web server takes the form data, forwarding it to an email address. The user never sees the email address. Contact forms have the drawback that they require a website that supports server side scripts. They are also inconvenient to the message sender as they are not able to use their preferred e-mail client. Finally if the software used to run the contact forms is badly designed they can become spam tools in their own right. Additionally many spammers have taken to using contact forms to send spam to the intended recipient.

[edit]
Disable HTML in e-mail
Main article: HTML e-mail

Many modern mail programs incorporate Web browser functionality, such as the display of HTML, URLs, and images. This can easily expose the user to offensive images in spam. In addition, spam written in HTML can contain web bugs which allows spammers to see that the e-mail address is valid and that the message has not been caught in spam filters. JavaScript programs can be used to direct the user's Web browser to an advertised page, or to make the spam message difficult to close or delete. Spam messages have contained attacks upon security vulnerabilities in the HTML renderer, using these holes to install spyware. (Some computer viruses are borne by the same mechanisms.)

Mail clients which do not automatically download and display HTML, images or attachments, have fewer risks, as do clients who have been configured to not display these by default.

[edit]
Disposable e-mail addresses
Main article: Disposable e-mail address

Many email users sometimes need to give an address to a site without complete assurance that the site will not send out spam. One way to mitigate the risk is to provide a disposable email address—a temporary address which forwards email to a real account, which the user can disable or abandon. A number of services provide disposable address forwarding. Addresses can be manually disabled, can expire after a given time interval, or can expire after a certain number of messages have been forwarded. Sites that fail to treat such addresses appropriately have found themselves in legal jeopardy.[2]

[edit]
Ham passwords

Systems that use ham passwords ask unrecognised senders to include in their email a password that demonstrates that the email message is a "ham" (not spam) message. Typically the email address and ham password would be described on a web page, and the ham password would be included in the "subject" line of an email address. Ham passwords are often combined with filtering systems, to counter the risk that a filtering system will accidentally identify a ham message as a spam message.

The "plus addressing" technique appends a password to the "username" part of the email address.

[edit]
Reporting spam

Tracking down a spammer's ISP and reporting the offense can lead to the spammer's service being terminated. Unfortunately, it can be difficult to track down the spammer—and while there are some online tools to assist, they are not always accurate. Occasionally, spammers employ their own netblocks. In this case, the abuse contact for the netblock can be the spammer itself and can confirm your address.

Examples of these online tools are SpamCop and Network Abuse Clearinghouse. They provide automated or semi-automated means to report spam to ISPs. Some spam-fighters regard them as inaccurate compared to what an expert in the email system can do; however, most email users are not experts.

A useful free tool that may be used in the reporting of spam is also available (Complainterator). The Complainterator will send an automatically-generated complaint to the registrar of the spamming domain and the registrar of its name servers.

Historically, reporting spam in this way has not seriously abated spam, since the spammers simply move their operation to another URL, ISP or network of IP addresses.

Consumers may also forward "unwanted or deceptive spam" to an email address (spam@uce.gov) maintained by the FTC. The database collected is used to prosecute perpetrators of scam or deceptive advertising.

An alternative to contacting ISPs is to contact the registrar of a domain name that has used in spam e-mail. Registrars, as ICANN-accredited administrative organizations, are obliged to uphold certain rules and regulations, and have the resources necessary for dealing with abuse complaints.

[edit]
Responding to spam This article's tone or style may not be appropriate for Wikipedia. Specific concerns may be found on the talk page. See Wikipedia's guide to writing better articles for suggestions. (March 2009)

Some advocate responding aggressively to spam—in other words, "spamming the spammer".

The basic idea is to make spamming less attractive to the spammer, by increasing the spammer's overhead. There are several ways to reach a spammer, but besides the caveats mentioned above, it may lead to retaliations by the spammer.
Replying directly to the spammer's email address. [1] Just clicking "reply" will not work in the vast majority of cases, since most of the sender addresses are forged or made up. In some cases, however, spammers do provide valid addresses, as in the case of Nigerian scams. [2]
Targeting the computers used to send out spam. In 2005, IBM announced a service to bounce spam directly to the computers that send out spam. [3] Because the IP addresses are identified in the headers of every message, it would be possible to target those computers directly, sidestepping the problem of forged email addresses. In most cases, however, those computers do not belong to the real spammer, but to unsuspecting users with unsecured or outdated systems, hijacked through malware and controlled at distance by the spammer; these are known as zombie computers.
Leaving messages on the spamvertised site. Spammers selling their wares need a tangible point of contact so that customers can reach them. Sometimes it is a telephone number, but most often is a web site containing web forms through which customers can fill out orders or inquiries, or even "unsubscribe" requests. Since positive response to spam is probably much less than 1/10,000,[original research?] if just a tiny percentage of users visit spam sites just to leave negative messages, the negative messages could easily outnumber positive ones, incurring costs for spammers to sort them out, not mentioning the cost in bandwidth.

[edit]
Automated techniques for e-mail administrators

There are a number of appliances, services and software systems that e-mail administrators can use to reduce the load of spam on their systems and mailboxes. Some of these depend upon rejecting email from Internet sites known or likely to send spam. Others rely on automatically analyzing the content of email messages and weeding out those which resemble spam. These two approaches are sometimes termed blocking and filtering.

There is an increasing trend of integration of anti-spam techniques into MTAs whereby the mail systems themselves also perform various measures that are generally referred to as filtering, ultimately resulting in spam messages being rejected before delivery (or blocked).

Many filtering systems take advantage of machine learning techniques, which improve their accuracy over manual methods. However, some people find filtering intrusive to privacy, and many e-mail administrators prefer blocking to deny access to their systems from sites tolerant of spammers.

[edit]
Authentication and Reputation
Further information: E-mail authentication, DomainKeys, and Sender Policy Framework

A number of systems have been proposed to allow acceptance of email from servers which have authenticated in some fashion as senders of only legitimate email. Many of these systems use the DNS, as do DNSBLs; but rather than being used to list nonconformant sites, the DNS is used to list sites authorized to send email, and (sometimes) to determine the reputation of those sites. Other methods of identifying ham (non-spam email) and spam are still used.

Authentication systems cannot detect whether a message is spam. Rather, they allow a site to express trust that an authenticated site will not send spam. Thus, a recipient site may choose to skip expensive spam-filtering methods for messages from authenticated sites.

[edit]
Challenge/response systems
Main article: Challenge-response spam filtering

Another method which may be used by internet service providers, by specialized services or enterprises to combat spam is to require unknown senders to pass various tests before their messages are delivered. These strategies are termed challenge/response systems or C/R. Some view their use as being as bad as spam since they place the burden of spam fighting on legitimate email senders -- who it should be noted will often indeed give up at the slightest hindrance.

[edit]
Checksum-based filtering

Checksum-based filter exploits the fact that the messages are sent in bulk, that is that they will be identical with small variations. Checksum-based filters strip out everything that might vary between messages, reduce what remains to a checksum, and look that checksum up in a database which collects the checksums of messages that email recipients consider to be spam (some people have a button on their email client which they can click to nominate a message as being spam); if the checksum is in the database, the message is likely to be spam.

The advantage of this type of filtering is that it lets ordinary users help identify spam, and not just administrators, thus vastly increasing the pool of spam fighters. The disadvantage is that spammers can insert unique invisible gibberish—known as hashbusters—into the middle of each of their messages, thus making each message unique and having a different checksum. This leads to an arms race between the developers of the checksum software and the developers of the spam-generating software.

Checksum based filtering methods include:
Distributed Checksum Clearinghouse
Recurrent Pattern Detection
Vipul's Razor

[edit]
Country-based filtering

Some e-mail servers expect to never communicate with particular countries from which they receive a great deal of spam. Therefore, they use country-based filtering - a technique that blocks e-mail from certain countries. This technique is based on country of origin determined by the sender's IP address rather than any trait of the sender.

[edit]
DNS-based Blacklists
Main article: DNSBL

DNS-based Blacklists, or DNSBLs, are used for heuristic filtering and blocking. A site publishes lists (typically of IP addresses) via the DNS, in such a way that mail servers can easily be set to reject mail from those sources. There are literally scores of DNSBLs, each of which reflects different policies: some list sites known to emit spam; others list open mail relays or proxies; others list ISPs known to support spam.

Other DNS-based anti-spam systems list known good ("white") or bad ("black") IPs domains or URLs, including RHSBLs and URIBLs.

[edit]
Enforcing RFC standards
Further information: SMTP RFC standards

Enforcing technical requirements of the Simple Mail Transfer Protocol (SMTP) can be used to block mail coming from systems that do not comply with the RFC standards. A lot of spammers use poorly written software or are unable to comply with the standards because they do not have legitimate control of the computer sending spam (zombie computer). By setting restrictions on the MTA a mail administrator can reduce spam significantly.

[edit]
Greeting delay

A greeting delay is a deliberate pause introduced by an SMTP server before it sends the SMTP greeting banner to the client. The client is required to wait until it has received this banner before it sends any data to the server. (per RFC 5321 3.1). Many spam-sending applications do not wait to receive this banner, and instead start sending data as soon as the TCP connection is established. The server can detect this, and drop the connection.

There are some legitimate sites that play "fast and loose" with the SMTP specifications, and may be caught by this mechanism. It also has a tendency to interact badly with sites that perform callback verification, as common callback verification systems have timeouts that are much shorter than those mandated by RFC 5321 4.5.3.2.

[edit]
Greylisting
Main article: Greylisting

The SMTP protocol allows for temporary rejection of incoming messages. Greylisting is the technique to temporarily reject messages from unknown sender mail servers. A temporary rejection is designated with a 4xx error code that is recognized by all normal MTAs, which then proceed to retry delivery later.

Greylisting is based on the premise that spammers and spambots will not re-try their messages. Instead, they will move on to the next message and next address. This is effective since a re-try attempt means the message and state of the process must be stored inherently increasing the cost incurred by the spammer, but it is a standard component of any legitimate sender's server.

[edit]
HELO/EHLO checking

For example, some spamware can be detected by a number of simple checks confirming compliance with standard addressing and MTA operation. RFC 5321 section 4.1.4 says that "An SMTP server MAY verify that the domain name argument in the EHLO command actually corresponds to the IP address of the client. However, if the verification fails, the server MUST NOT refuse to accept a message on that basis.", so to be in compliance with the RFCs, rejecting connections must be based on additional information/policies.
Refusing connections from hosts that give an invalid HELO - for example, a HELO that is not an FQDN or is an IP address not surrounded by square brackets
Invalid HELO localhost
Invalid HELO 127.0.0.1
Valid HELO domain.tld
Valid HELO [127.0.0.1]
Refusing connections from hosts that give an obviously fraudulent HELO - for example, issuing a HELO using the FQDN or an IP address that doesn't match the IP address of the connecting host
Fraudulent HELO friend
Fraudulent HELO -232975332
Refusing to accept email claiming to be from a hosted domain when the sending host has not authenticated
Refusing to accept email whose HELO/EHLO argument does not resolve in DNS. Unfortunately, some email system administrators ignore section 2.3.5 of RFC 5321 and administer the MTA to use a nonresolvable argument to the HELO/EHLO command.

[edit]
Invalid pipelining

The SMTP protocol can allow several SMTP commands to be placed in one network packet and "pipelined". For example, if an e-mail is sent with a CC: header, several SMTP "RCPT TO" commands might be placed in a single packet instead of one packet per "RCPT TO" command. The SMTP protocol, however, requires that errors be checked and everything is synchronized at certain points. Many spammers will send everything in a single packet since they do not care about errors and it is more efficient. Some MTAs will detect this invalid pipelining and reject e-mail sent this way.

[edit]
Nolisting
Main article: Nolisting

The SMTP protocol requires that email servers for any given domain be provided in a prioritized list (namely, MX records), and further specifies mandatory error-handling behavior when servers in that list cannot be contacted. Nolisting is a technique of purposely creating unreachable MX records, so that only senders who have implemented this error-handling behavior can successfully deliver mail.

[edit]
Quit detection

The SMTP protocol requires connections to be closed with a QUIT command. (RFC 5321 section 4.1.4) Many spammers skip this step because their spam has already been sent and taking the time to properly close the connection takes time and bandwidth. Some MTAs like Exim are capable of detecting the use or not use of the quit command and can track patterns of use for the purpose of building DNSBLs.

[edit]
Honeypots
Main article: Honeypot (computing)

Another approach is simply an imitation MTA which gives the appearance of being an open mail relay, or an imitation TCP/IP proxy server which gives the appearance of being an open proxy. Spammers who probe systems for open relays/proxies will find such a host and attempt to send mail through it, wasting their time and potentially revealing information about themselves and the source of spam to the unexpected alert entity (in comparison to the anticipated careless or unskilled operator typically in charge of open relay MTA systems) that operates the honeypot. Such a system may simply discard the spam attempts, submit them to DNSBLs, or store them for analysis.

[edit]
Hybrid filtering

Hybrid filtering, such as is implemented in the open source programs SpamAssassin and Policyd-weight uses some or all of the various tests for spam, and assigns a numerical score to each test. Each message is scanned for these patterns, and the applicable scores tallied up. If the total is above a fixed value, the message is rejected or flagged as spam. By ensuring that no single spam test by itself can flag a message as spam, the false positive rate can be greatly reduced.

[edit]
PTR/Reverse DNS checks
Further information: Reverse DNS lookup and Forward Confirmed reverse DNS

The PTR DNS records in the reverse DNS can be used for a number of things, including:
Most e-mail Mail Transfer Agents (server software) use a FCrDNS verification and if there is a valid domain name, put it into the "Received:" trace header field.
Some e-mail Mail Transfer Agents will perform FCrDNS verification on the domain name given on the SMTP HELO and EHLO commands. See #HELO/EHLO checking.
To check the domain names in the rDNS to see if they are likely from dial-up users, dynamically assigned addresses, or home-based broadband customers. Since the vast majority, but by no means all, of e-mail that originates from these computers is spam, many mail servers also refuse e-mail with missing or "generic" rDNS names. [4] [5]
A Forward Confirmed reverse DNS (FCrDNS) verification can create a form of authentication that there is a valid relationship between the owner of a domain name and the owner of the network that has been given an IP address. While reliant on the DNS infrastructure, which has known vulnerabilities, this authentication is strong enough that it can be used for whitelisting purposes because spammers and phishers cannot usually bypass this verification when they use zombie computers to forge the domains.

[edit]
Rule-based filtering
Further information: E-mail filtering

Content filtering techniques relied on the specification of lists of words or regular expressions disallowed in mail messages. Thus, if a site receives spam advertising "herbal Viagra", the administrator might place these words in the filter configuration. The mail server would thence reject any message containing the phrase.

Header filtering is the means of inspecting the header of the email, the part of the message that contains information about the message. Spammers will often spoof fields in the header in order to hide their identities, or to try to make the email look more legitimate than it is; many of these spoofing methods can be detected. Also, headers that violate the RFC 5322 standard on how the email header is to be formed are frequently rejected.

Disadvantages of filtering are threefold: First, it can be time-consuming to maintain. Second, it is prone to false positives. Third, these false positives are not equally distributed: since content filtering is prone to reject legitimate messages on topics related to products frequently advertised in spam. A system administrator who attempts to reject spam messages which advertise mortgage refinancing, credit or debt may inadvertently block legitimate e-mail on the same subject.

Spammers frequently change the phrases and spellings they use. This can mean more work for the administrator. However, it also has some advantages for the spam fighter. If the spammer starts spelling "Viagra" as "V1agra" (see leet) or "Via_gra", it makes it harder for the spammer's intended audience to read their messages. If they try to trip up the phrase detector, by, for example, inserting an invisible-to-the-user HTML comment in the middle of a word ("Viagra"), this sleight of hand is itself easily detectable, and is a good indication that the message is spam. And if they send spam that consists entirely of images, so that anti-spam software can't analyze the words and phrases in the message, the fact that there is no readable text in the body can be detected, making that message a higher risk of being spam.

Content filtering can also be implemented to examine the URLs present (i.e. spamvertising) in an email message. This form of content filtering is much harder to disguise as the URLs must resolve to a valid domain name. Extracting a list of such links and comparing them to published sources of spamvertised domains is a simple and reliable way to eliminate a large percentage of spam via content analysis.

[edit]
Sender-supported whitelists and tags

There are a small number of organizations which offer IP whitelisting and/or licensed tags that can be placed in email (for a fee) to assure recipients' systems that the messages thus tagged are not spam. This system relies on legal enforcement of the tag. The intent is for email administrators to whitelist messages bearing the licensed tag.
Return Path's Sender Score Certified

A potential difficulty with such systems is that the licensing organization makes its money by licensing more senders to use the tag—not by strictly enforcing the rules upon licensees. A concern exists that senders whose messages are more likely to be considered spam would accrue a greater benefit by using such a tag. The concern is that these factors form a perverse incentive for licensing organizations to be lenient with licensees who have offended. However, the value of a license would drop if it was not strictly enforced, and financial gains due to enforcement of a license itself can provide an additional incentive for strict enforcement. The Habeas mail classing system attempts to further address this issue by classing email according to origin, purpose, and permission. The purpose is to describe why the email is not likely spam, but permission based email.

[edit]
SMTP callback verification
Main article: callback verification

Since a large percentage of spam has forged and invalid sender ("from") addresses, some spam can be detected by checking that this "from" address is valid. A mail server can try to verify the sender address by making an SMTP connection back to the mail exchanger for the address, as if it was creating a bounce, but stopping just before any e-mail is sent.

Callback verification can be compliant with SMTP RFCs, but it has various drawbacks. Since nearly all spam has forged return addresses, nearly all callbacks are to innocent third party mail servers that are unrelated to the spam. At the same time, there will be numerous false negatives due to spammers abusing real addresses and some false positives.

[edit]
SMTP proxy
Main article: SMTP proxy

SMTP proxies allow combating spam in real time, combining sender's behavior controls, providing legitimate users immediate feedback, eliminating a need for quarantine.

[edit]
Spamtrapping
Main article: Spamtrap

Spamtrapping is the seeding of an email address so that spammers can find it, but normal users can not. If the email address is used then the sender must be a spammer and they are black listed.

Let's use the email address "spamtrap@your_domain.org" as an example. If we took this email and put it in the source HTML of our web site normal humans would not see it. Spammers on the other hand use web page scrapers and bots to harvest email address; so they would find this address.

When the spammer sends mail with the destination address of "spamtrap@your_domain.org" the SpamTrap knows this is a spammer and flags them.

[edit]
Statistical content filtering
Main article: Bayesian spam filtering

Statistical filtering, once set up, requires no maintenance per se: instead, users mark messages as spam or nonspam and the filtering software learns from these judgements. Thus, a statistical filter does not reflect the software author's or administrator's biases as to content, but it does reflect the user's biases as to content; a biochemist who is researching Viagra won't have messages containing the word "Viagra" flagged as spam, because "Viagra" will show up often in his or her legitimate messages. Spam emails containing the word "Viagra", however, do get filtered because of their unique content compared to legitimate messages. A statistical filter can also respond quickly to changes in spam content, without administrative intervention. Statistical filters should also look at message headers [6], thereby considering not just the content but also peculiarities of the transport mechanism of the email.

Typical statistical filtering uses single words in the calculations to decide if a message should be classified as spam or not. A more powerful calculation can be made using groups of two or more words taken together. The random "noise" words can not be used as successfully to fool the filter.

Software programs that implement statistical filtering include Bogofilter, DSPAM, SpamBayes the e-mail programs Mozilla and Mozilla Thunderbird, Mailwasher, and later revisions of SpamAssassin. Another interesting project is CRM114 which hashes phrases and does bayesian classification on the phrases.

There is also the free mail filter POPFile [7] which sorts mail in as many categories as you want (family, friends, co-worker, spam, whatever) with bayesian filtering.

[edit]
Tarpits
Main article: Tarpit (networking)

A tarpit is any server software which intentionally responds pathologically slowly to client commands. By running a tarpit which treats acceptable mail normally and known spam slowly or which appears to be an open mail relay, a site can slow down the rate at which spammers can inject messages into the mail facility. Many systems will simply disconnect if the server doesn't respond quickly, which will eliminate the spam. However, a few legitimate e-mail systems will also not deal correctly with these delays.

[edit]
Automated techniques for e-mail senders

There are a variety of techniques that e-mail senders use to try to make sure that they do not send spam. Failure to control the amount of spam sent, as judged by e-mail receivers, can often cause even legitimate email to be blocked and for the sender to be put on DNSBLs.

[edit]
Background checks on new users and customers

Since spammers are frequently kicked off the network, they are constantly trying to create new accounts. Many spammers are able to make even a few hours profitable for them and can cause many days of damage to reputation of the services they abused. As a result, many ISPs and web -email providers use CAPTCHAs on new accounts and try to verify the credit cards are not stolen before accepting new customers, check the Spamhaus Project ROKSO list and do other background checks.

[edit]
Confirmed opt-in for mailing lists
Main article: Opt in e-mail

One difficulty occurs in implementing opt-in mailing lists: many means of gathering user e-mail addresses remain susceptible to forgery. For instance, if a company puts up a Web form to allow users to subscribe to a mailing list about its products, a malicious person can enter other people's e-mail addresses — to harass them, or to make the company appear to be spamming. (To most anti-spammers, if the company sends e-mail to these forgery victims, it is spamming, albeit inadvertently.)

To prevent this abuse, MAPS and other anti-spam organizations encourage that all mailing lists use confirmed opt-in (also known as verified opt-in and (by spammers themselves) as double opt-in). That is, whenever an address is presented for subscription to the list, the list software should send a confirmation message to that address. The confirmation message contains no advertising content, so it is not construed to be spam itself — and the address is not added to the list unless the recipient responds to the confirmation message. See also the Spamhaus Mailing Lists vs. Spam Lists page.

All modern mailing list management programs (such as GNU Mailman, LISTSERV, Majordomo, and qmail's ezmlm) support confirmed opt-in by default.

[edit]
Egress spam filtering
Main article: Egress filtering

E-mail senders can do the same type of anti-spam checks on e-mail coming from their users and customers as can be done for e-mail coming from the rest of the Internet.

[edit]
Limit e-mail backscatter
Main article: Backscatter (e-mail)

If any sort of bounce message or anti-virus warning gets sent to a forged email address, the result will be backscatter.

Problems with sending challenges to forged e-mail addresses can be greatly reduced by not creating a new message that contains the challenge. Instead, the challenge can be placed in the Bounce message when the receiving mail system gives a rejection-code during the SMTP session. When the receiving mail system rejects an e-mail this way, it is the sending system that actually creates the bounce message. As a result, the bounce message will almost always be sent to the real sender, and it will be in a format and language that the sender will usually recognize.

[edit]
Port 25 blocking

Firewalls and routers can be programmed to not allow SMTP traffic (TCP port 25) from machines that are not supposed to run Mail Transfer Agents or send e-mail.[3] This practice is somewhat controversial when ISPs block home users, especially if the ISPs do not allow the blocking to be turned off upon request. E-mail can still be sent from these computers to designated smart hosts via port 25 and to other smart hosts via the e-mail submission port 587.

[edit]
Port 25 interception

Network address translation can be used intercept all port 25 (SMTP) traffic and direct it to a mail server that enforces rate limiting and egress spam filtering. This is commonly done in hotels[4], but it can cause e-mail privacy problems, as well making it impossible to use STARTTLS and SMTP-AUTH if the port 587 submission port isn't used.

[edit]
Rate limiting

Machines that suddenly start sending lots of e-mail may well have become zombie computers. By limiting the rate that e-mail can be sent around what is typical for the computer in question, legitimate e-mail can still be sent, but large spam runs can be slowed down until manual investigation can be done.[5]

[edit]
Spam report feedback loops
Main article: Feedback Loop (email)

By monitoring spam reports from places such as spamcop, AOL's feedback loop, and Network Abuse Clearinghouse, the domains abuse@ mailbox, etc., ISPs can often learn of problems before they seriously damage the ISP's reputation and have their mail servers blacklisted.

[edit]
Strong AUP and TOS agreements

Most ISPs and web e-mail providers have either an Acceptable use policy (AUP) or a Terms of Service (TOS) agreement that discourages spammers from using their system and allows the spammer to be terminated quickly.

[edit]
Techniques for researchers & law enforcement
See also: E-mail spam legislation by country

Increasingly, anti-spam efforts have required co-ordination between law enforcement, researchers, major consumer financial service companies and Internet service providers who need e-mail spam, identity theft and phishing evidence to track and monitor the risks and activities.[6]

[edit]
Legislation and Enforcement

Appropriate legislation and enforcement has a significant impact.

The penalty provisions of the Australian Spam Act 2003 dropped Australia's ranking in the list of spam-relaying countries for e-mail spam from tenth to twenty-eighth.[7]

Legislation that provides mandates that bulk emailers must follow makes compliant spam easier to identify and filter out.

[edit]
Analysis of Spamvertisements

Checking out what site is being spamvertised by a given piece of spam, often leads to questionable registrations of Internet domain names. Since registrars are required to maintain trustworthy WHOIS databases, digging into the registration details and complaining at the proper locations often results in site shutdowns. Uncoordinated activity may not be effective, given today's volumes of spam and the rate at which those criminal organizations register new domains. However, a coordinated effort, implemented with adequate infrastructure, can obtain good results[8].

[edit]
New Solutions and Ongoing research

Several approaches have been proposed to improve the e-mail system.

[edit]
Cost-based systems
Main article: Cost-based anti-spam systems

Since spam occurs primarily because it is so cheap to send, a proposed set of solutions require that senders pay some cost in order to send spam, making it prohibitively expensive for spammers.

[edit]
Other techniques

There are a number of proposals for sideband protocols that will assist SMTP operation. The Anti-Spam Research Group (ASRG) of the Internet Research Task Force (IRTF) is working on a number of E-mail authentication and other proposals for providing simple source authentication that is flexible, lightweight, and scalable. Recent Internet Engineering Task Force (IETF) activities include MARID (2004) leading to two approved IETF experiments in 2005, and DomainKeys Identified Mail in 2006.

[edit]
Research Conferences

Spam is the subject of several research conferences, including:
Messaging Anti-Abuse Working Group
TREC via the TREC 2007 Spam (and Email) Track July 2007
Conference on Email and Anti-Spam August 2007
FTC Spam Summit July 2007
MIT Spam Conference March 2007
Reference from : http://en.wikipedia.org/wiki/Anti-spam_techniques_(e-mail)

ANti SpAm

2009-04-03T21:13:00.000-07:00

Anti spam fights spam bots

The purpose of this page is to make it so spammers who attempt to collect email addresses off the web, via programs, will not have real email addresses in their database. Anti-Spam causes problems because they will have to clean out their list. It also makes their database worthless for reselling purposes because the company purchasing their spam database will have worthless email address.
How ANTI-SPAM works

This page has fifty randomly generated email addresses (refresh and new ones will appear). At the bottom of the page is a link to this page again, essentially reloading it for programs to collect more fake email addresses. Email collecting programs (spam bots) will be sent into an infinite loop by following the link at the bottom of the page and will get more and more fake email addresses stuck in their databases.

Spam is the electronic world's biggest problem. A fool proof method of filtering out spam does not yet exist, but we don't have to sit back and take it. Anti-Spam pages like this one make spamming less profitable and is our way to help FIGHT SPAM.
Help out and join the fight again Spam!

Want to help with the Anti-Spam effort? When a spammer's program visits your web page, they will check all the pages that you link to for email addresses. So, all you have to do is link to this page and whenever a spammer's program scans your page, they will be sucked into this one. To link to this page use this simple code:

Anti Spam

A litle gift for SPAM bots

Everything below is for spammer's and their SPAM bots, it's called Antispam and we hope they take it all in!

spam bot food

Anti Spam can make a difference in the fight against spam!

Reference from : http://www.auditmypc.com/freescan/antispam.html