spam, has been in the specifications “spam the Internet Society of China” provides a definition Ming Yi Buzu Quede and Dan Shi Ta allow us to understand the spam Chansheng send jiqi 背后 correctly embedded. As users a network administrator or by e-mail, spam is the implicit understanding that secrecy, especially used by spammers to bypass spam filtering technology, spam prevention will know the details they are.
First, the flow of spam and interests behind
spam is not something out of nothing, and the purely commercial nature of spam, it is by some want to sell or promote certain products offered by e-mail vendors, which is a provider spam.Toutefois , providers of spam and not by themselves send, but send a task to certain e-mail addresses of professionals with large junk e-mail sent or tuanti Zhe, according Mouzhongxieyi paid to the sender for frais.La remaining task is how the sender’s request by providing a number of reasons the junk e-mail sent at the end of the mailbox of spam utilisateur.fournisseur to see this approach introduced by low cost and high performance, the sender can see the benefits of sending spam, and this interest will be sent with the last increase and more More.l continuing use them, is spam now fundamental reason.
However, the final order to recover spam messages from a large number of users, and it is not as simple as people pensent.Tout First, the sender must be a lot of e-mail address valid to send the money to meet the fournisseur.L sender is usually started when organizations or individuals to buy or research resources on the Internet are also familiar environments in the future, but also through mutual interaction between other how the sender of the e-expanding mailbibliothèque.Maintenant, many sites are given in the e-mail address is “@” symbol to the “#” sign is prevent, by “@” symbol to search for email address keyword software collection.
other hand, is how to ensure that spam that may eventually reach the user, otherwise in vain.La key to solving this problem is how to avoid the various anti-spam filter. Now, some superb technique sender has used a number of very effective ways to avoid being filtered and fazhan faster than the anti-technology message, so the message can not be completely filtered Laji the main reason .
Finally, it is necessary to solve the problems being monitored, it is spammers trying to punish legal means to entreprendre.En rule by the following means to achieve the goal of one or more
1, modify the header spammer and all areas related to the content, so that these elements do not have their contact.
2, can be anonymous third-party server sending mail to send spam
3, mail server self-constructed, and the use of a proxy server for network connectivity
4, checking the mail server to send mails normally hidden by Rootkit service marks
5, controlling the host network to send spam zombie
6, can also be their own mail server, set up by a certain time interval, only one site to send ten to twenty pieces of spam, so that acts of anti-spam methods product testing can not be judged as a host mail server indésirable.Après some time, also received a considerable amount of spam.
meet the three conditions above, spammers and the relationship between the interests of suppliers can be truly realized.
spam Second, the preparation of regular technical keys
already mentioned above, the key to the success of spam is sent to break the blockade of many anti-spam products, the means used to prepare a variety of spamming techniques.
1, modifying the message header IP address or name, to escape the way black and white liste.Trempé spam filtering in the header of the message content of some key fields, using software called Advanced Direct Remailer can be easily atteints.Toutefois, some use reverse DNS query using the signature verification technology and products to filter spam sent over this way.
2, junk mail in the letter of each word or character by a space or special characters (such as “-” or “+” sign) separated, so you can easily escape the keywords and Technology content analysis based on textefiltre, and its anti-filtering for the present is always very efficient, and requires no tools can easily achieve tâche.Cependant now some anti-spam providers in their products to enhance the characters and words Shibieteshu Zhongzu functions to be able to identify Zhezhong Tigao way to send messages Laji.
3, replace by a number of English words in spam in some letters, such as the use of “1” digital replacement of “i”, “0” replaces the “o” and so on, it can escape the text of its filtering contenu.Mais in this way can not be used to send spam in English, and revised E-mail users may not always understand its original meaning, therefore, will not give rise to ambiguity in some places.
4 with ASCII code instead of letters such as the letter B instead of using the ASCII code 66, while in email client, but may appear as words and form complete sentences . Could use to escape the statistical probability based on the content and filter détection.Mais now there are many anti-spam products, and to a recognition code ACCII, which is not commonly used in this way.
5, there is a way is also very easy to apply and use more frequently, is to write the first few paragraphs of a normal message content, the content and then set the font color and the same background color, such as white text on a white background, then include the normal content of these messages in the content of emails, but the font color and the background color is different, for example, black text on a background blanc.De this way, can not escape the statistical probability based on the content and methods of filtering, and email client, it will only display the content of spam.
6 text spam images embedded in them, and reducing image noise, but does not affect the reading of the bottom line, then sent jointe.Il room is mainly used to avoid content based filtering and filtering based on probabilities statistiques.De reducing image noise is small by increasing the number of pixels of the picture frame as image noise and then write a script for rotating all the image area you want to show the main content of the image frame is displayed longer under other low PixelThe photos show time is short, we can achieve this is able to properly display content of spam, but also increased the difficulty of filtering spam purposes test.Est now a leading anti-spam e-mail has improved image recognition input, and joined the behavior detection technology has been able to identify the image of how good spam.Et so pictures of the preparation of their course too much trouble, and now the spam has been significantly reduced.
7, will be performed on the PDF spam, and then send parts jointes.C is the effect spammers following image spam is not high after using the preparation of similar technology but in this case, the spam filtering is much better than the old, and now, although some of the allegations utilisationtendances detection technology behavior, anti-spam products can filter some messages related, but success rate through the filter is obtained much more élevé.Ainsi, PDF spam, the ratio will continue to rise.
8, the contents of mails to MP3 files or video, then as an attachment, it is only recently emerged in the mail indésirable.Bien no filtering technology in this way, but because, in to reduce the volume of spam, spammers have to reduce the bit rate audio and video pixels, in this way, the mailbox when the user opens the audio entenduet see the video is not clear, it n ‘would not achieve the goal of sending spam.Par Therefore, this approach will not be very high utilization.
Yes, the spam messages in the mail, do not use the above list of Bianxiefangfa in, but some methods Hui Shi Tong different combine the use of this rate may Tigao send Chenggong . In addition, spammers continue to develop new technology preparedness to cope also continues to introduce new spam filtering technology.
Third, the authentication methods of penetration spam
Although anti-spam products use to avoid detection method, but that does not mean that the sending of spam will definitely be able to pass through eux.C is because each spam filter products and the performance of the methods used are not the same, and its setting is not même.Par Therefore, to avoid the technology used to verify the validity, you have a variety of spam filtering environment expérimental.L experimental approach can build their own such an environment, which some spammers do not support financier.Toutefois, some spammers conditions, such as in a corporate environment, you can use e-mail filtering products of this company to make tests . Another way is to register free and Yi Xie box mailbox Bianxielaji Youjianfasong Ji Zijihuozhe Dangzhong friend, Lai check Shipikeyi be Zhengchangjieshou, it is fast and provincial Ji Erjushiyan the product fully.
Fourth, the negative effects of spam
the damage caused by spam is large enough, it will not only take a lot of people deal with time mail and limited effectiveness, will be valuable resources of network bandwidth, and user impede the normal functioning of essential services network, and e-mail spam is àd’arrêter more, had to spam filtering additional hardware or software to handle, it takes the user a lot of money and administrative overhead, and increase the already very complicated in the IT security infrastructure and security strategy for companies prévenircomplexité.Pour e-mail users, the number of its employees, the cost per employee cost of spam filters will continue to increase, it is a huge amount of spending.
Fifth, you can eliminate the spam
Spam was passed from there three whole years, 30 of them in this regard, although the anti-spam technology has made great progress, but now the Internet data traffic, a significant portion of spam is always busy, cesuffisent to show that the preparation of technical faster than spam filtering technology spam.Par Therefore, in the present or the future for a long period of time, the spam will continue to be accompanied by all e-mail users.
But we can not remain spectators as spam Silué go to these endroits.En fact, with a comprehensive analysis of spam, we have also learned its weaknesses existent.Par Therefore, appropriate precautions as spam, spam we can control the extent we can afford inside.
some useful recommendations are as follows:
1, continue to deepen anti-spam legislation, adding to the junk e-mail providers be severely punished, cut the chain of spam over the interest, so that spam can be reduced at source.
2, try to buy contains all major spam filtering technologies, products, and carefully examine their approach, performance, and failure rate of false positives, as well as the scalability and compatibility between different produits.En addition, the products of service providers and suppliers of fashion and post-maintenance must be considered.
3, the real development needs and security policy corresponding e-mail.Anti spam is not a technology or a service that needs to be completed, and should include the messaging system within any security policy, it is a kind of mutual cooperation in a variety of technologies and services systématique.Pendant process this time, the system design of the e-mail should be considered in the theory of the security design should be from the edge of the corporate network, mail server and the client as well as three levels of deployment sécurité.Si skilled, best used in each layer are not even fournisseur.C is because each vendor in the messaging system has its own security at all levels the greater good, and also compare their own weak and, therefore, entirely Liyongmeige products best device applied to the relevant level, to reach Guo Xiao ZuiTrès well.
4, the security policy messaging system in all company safety policies IT make full use of other safety equipment to reduce the threats to system security messagerie.De same for improve the security of email system will also reduce other way to the threat to enterprise security. system security e-mail and enterprise IT environment, security complements other.
5, e-mail users in order to improve the knowledge of the training network security.
In short, spam is a constant struggle and hard, we have to keep spam out of the direction of development, to fully utilize the existing spam filtering product, use structure spam measures OK effective prevention can spamles risks we can control in a sustainable manner, e-mail us can really bring benefits.