Blacklisting, whitelisting and reputation listing
With these techniques, the filter evaluates not the message, but the characteristics of the sender, in particular the sender's previous record concerning spam.
- Blacklists are databases that collect the IP addresses of known spammers from around the world. The spam filter checks incoming messages against the blacklist and refuses to accept e-mail from these addresses. Depending on the specific spam filter product used, the blacklist it checks could be local (i.e., maintained at a company's own network), remote (maintained centrally, independent of a specific company) or a combination. Some centrally maintained blacklists are publicly available, while others are fee-based services.
- Whitelists collect the IP addresses of trusted e-mail sources on a "good sender" list, and the filter automatically accepts e-mail from those addresses. As with blacklists, a spam filter product could check a local whitelist, a centrally maintained one or both. Many spam filters make use of both blacklists and whitelists.
- The term reputation service (or reputation list ) is sometimes used to refer to a technique that makes use of blacklists and whitelists but broadens them by considering not only the sending IP address, but the entire domain. However, the terminology is used inconsistently in the industry, with the terms "blacklist" and "reputation list" often used interchangeably.
- In some cases, vendors use "reputation service" or "reputation list" to differentiate their lists from the community heritage of blacklists and whitelists. But Jennings cautions against buying into the idea that reputation lists are all run professionally, while all blacklists are "cesspools of false positives." He says he has yet to see a reputation list that's truly different from traditional blacklists or whitelists.
Graylisting
A recipient e-mail system temporarily rejects e-mail from an unknown IP address (one that's on neither a whitelist nor a blacklist). The recipient system sends an automated response to the sending system that informs the latter of the temporary failure. Theoretically, a "real" sender will simply resend the message, while a spammer will lack the patience to do so.
Tarpitting
A service on the mail server slows down incoming connections as long as possible; the delay is meant to discourage spammers by forcing them to spend longer amounts of time to send their spam. The technique is named after real-life tarpits, into which animals get bogged down, eventually sinking and suffocating. (The original tarpitting program was called LaBrea, after the Los Angeles tarpit.) The disadvantage of this approach, of course, is that legitimate e-mail also takes longer.
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Business Intelligence and Enterprise Performance Management: Trends for Emerging Businesses
Mimosa™ NearPoint™ for Microsoft® Exchange Server: Email Archiving 101
Refresh your AUP: Top tips to ensure your acceptable use policy is fit for purpose
Strategies for Eliminating .PST Files
Security Inside Out
Data grids and service-oriented architecture
Cutting printer costs
Solve Exchange Mailbox Storage Issues Once and for All
Zones provide focussed content from Computerworld and leading technology partners.
Discover how SOA can create smarter outcomes for your business.
Attend and learn:
- How SOA is helping leading companies to become more agile
- Where you should be applying SOA processes in your company
- The top SOA implementation mistakes to avoid
Click here for more information.
- +
Computerworld Live Podcast #97: The Future of Enterprise Networking 25/07/2008 09:45:36
This week CW Live chats with Mark Thompson, global sales and marketing manager for HP ProCurve, on the future of the enterprise networking. Mark discusses the trends we can expect to see in the near future and how the right infrastructure can ensure your enterprise network is secure. - +
Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22
CW Live speaks with Amol Mitra, HP ProCurve Director of Marketing for Asia Pacific and Japan. Today's topic: how enterprises are starting to shift away from simply controlling security via server logins, firewalls and moving to more adaptive security frameworks. - +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport. - +
IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47
Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future.
Vignette Announces 2008 Excellence Awards 2008-11-21 10:50:00+11
PGP and Ponemon Institute Unveil Inaugural Australian Data Breach Study 2008 2008-11-20 17:34:00+11
Symantec Cloud Services Transform Data Centre Operations Through Proactive Management 2008-11-20 12:06:00+11
Verizon Business Offers Tips to Building a Successful Unified Communications and Collaboration Plan 2008-11-20 12:04:00+11
AARNet Brings 4K Digital Cinema to Australia: First 4K HD Video Signal delivered into Australia by AARNet 2008-11-20 12:02:00+11
Data grids and service-oriented architecture
When choosing an SOA strategy, corporations must ensure data availability, reliability, performance and scalability. A data grid infrastructure, built with clustered caching provides a framework for improved data access that can create a competitive edge and sustain customer loyalty. Read on to discover how this can be created within your organisation.
Buying Guides
Latest Products
