outlook express spam filter

Microsoft to add Blackberry-style e-mail to Exchange Server

2005-08-18T05:13:00.000-07:00

The upcoming version of Microsoft's Exchange Server will push e-mail directly from the server to Windows Mobile devices, offering the same service as the Blackberry.The new Direct Push Technology will come in a Community Technology Preview (CTP) of Exchange Server 2003 Service Pack 2, with the full version by the end of the year, said Exchange product manager Martha DeAmicis.The push technology no longer relies on SMS to notify a Windows Mobile device. Instead, it sends e-mail directly from Exchange to Windows Mobile devices, giving users a faster and more efficient way of retrieving messages.RIM requires the use of middleware on top of Exchange to allow messages to be sent directly to BlackBerry devices, which costs businesses and end users extra licence fees. "With Windows Mobile, you can talk direct from Exchange to a mobile device with no server and no [extra] cost," said John Starkweather, group product manager for the mobile and embedded devices team at Microsoft. It is however dependent upon the inclusion of Windows Mobile 5.0 Messaging and Security Feature Pack. An early version of this software is currently in the hands of Window Mobile OEMs, but devices that come with the technology pre-installed will not ship until early next year. However, customers will be able to buy Windows Mobile devices that can download the messaging and security feature pack from November.There will also be new security features in Exchange SP2, such as Web-based remote wiping of applications and e-mails on a device in case it should get lost or stolen. There will also be an intelligent spam message filter, and support for anti-spam technology Sender ID. The CTP of Exchange Server 2003 SP2 also will include a Mailbox Fundamentals feature with improvements to the way public e-mail folders can be managed and tracked, as well as an increase in the storage limit for Exchange Standard Edition customers, DeAmicis said.

How To Cut Down On The Volume Of Junk Mail, E-Mail

2005-08-18T04:37:00.000-07:00

Junk Snail MailTo get your name off national mailing lists (understand that it won't stop all unsolicited mail):
The Direct Marketing Association is the "oldest and largest national trade association serving the direct and interactive marketing field." Visit these sections of their Web site for information about reducing unsolicited snail mail:DMA Consumer Assistance: How And Where To Find Help Getting off mailing lists/Mail Preference Service
ADVO, Inc. is the nation's "largest targeted home-delivered print advertising provider." They describe themselves as being the "force and the name behind some of the most recognizable and successful direct-mail marketing and advertising campaigns in the country." For information on removing yourself from their lists, visit advo.com.
More tips can be found on the Web site www.junkbusters.com.
Another step might cut down on unsolicited credit card offers."Changes to the federal Fair Credit Reporting Act took effect Sept. 30, 1997. Under one provision of the new law, consumers can call toll-free numbers to remove themselves from lists used by credit-card companies and some direct marketers to solicit them by mail. Consumers need call only one of the three major national credit bureaus to get off all such lists."The special "opt-out" numbers are:Equifax -- (888) 567-8688Experian -- (800) 353-0809Trans Union -- (888) 5OPTOUT or 888-567-8688If you answer the questions, you can opt out of mailing lists of the major credit reporting agencies for two years.
Junk E-MailWhat about all that unsolicited e-mail? Some of the spam borders on X-rated.Tips for reducing the amount of unsolicited e-mail:
Don't display your e-mail address in public. Spammers use automated tools to collect valid addresses from Web pages, chat rooms and online directories. Consider using a second e-mail address for public correspondence.
Consider using software to filter e-mails. Some are free, and some work better than others. Most can be customized to allow personal e-mails from family members, for example, but block many advertisements. The most prominent antivirus vendors are increasingly building spam-filter utilities into their security products.
Check a Web site's privacy policy before you submit your e-mail address to see whether it permits the company to share your address with online marketing companies; if it does see whether it's possible to "opt out" from such an arrangement.
For years, experts have discouraged Internet users from replying to unwanted e-mails with requests to be removed from future mailings because that verifies that spam was sent to a valid address. Under the new law, however, marketers are required to honor such do-not-send requests after the first unsolicited advertisement.
Here are other tips:
To try to reduce spam, you can register for free online with the Direct Marketing Association's E-Mail Preference Service.
The government wants your spam. Forward unwanted or deceptive e-mails to uce@ftc.gov, where federal regulators are creating a huge spam database to go after the most egregious marketers.The Federal Trade Commission also offers tips for people who are trying to eliminate junk e-mail and deceptive e-mail:FTC E-Mail Tips

Email Delivery & The War Against Spam

2005-08-18T04:35:00.000-07:00

war is afoot between legitimate senders of mass email and spammers. There is an ever-increasing number of tools, in the form of algorithms and list management tools. These tools will affect email delivery and reduce the amount of spam that has hijacked the email industry.As reported from the New Scientist, a team of researchers from IBM, and Cornell University developed a new algorithm for detecting spam in emails, called SMTP Path Analysis. The algorithm works by examining the path information (probably by looking at the Received headers), and detects patterns that are likely to be the route of a spammer. ?...the algorithm is not meticulous enough to efficiently catch spam on its own, but works well in combination with content filtering tools. "And it catches stuff that content filters can't," Engineers at ActivSoftware recently announced their new algorithm called 'slow start outbound connection ramping.' This new server technology attempts to avoid becoming flagged as spam by automatically monitoring delivery success and failure rates and adjusting simultaneous connections to an email service provider based upon those parameters. It begins with a very low number of simultaneous connections to any one ESP for any one IP address. It monitors delivery failure to success ratios and slowly ramps up the number of connections to that ESP from that particular IP. In another recent attempt to help legitimate email senders avoid becoming flagged as spammers, researchers at ActivSoftware, using a bayesian spam filter, sifted through over two hundred thousand words flowing through their email servers and itemized the top 50, or so, words most likely to trigger spam filters. The words are organized by their spam to ham ratio, or illegitimate to legitimate email ratio. The team analyzed many factors within this data, but the most compelling was the spam to ham ratios. Words such as click and here don't rank as high, since they are used often in legitimate email. Whereas words like madam, rarely found in legitimate email, while readily found in spam email, had very high ratios. Using this method the team created, what they deemed, ?A superior list of spam words.? The top twelve words follow: - homeowner - discreet - madam - materially - unclaimed - anticipates - soma - preapproved - unconditionally - beneficiary - refinance - intercourse

AOL to Give Away Spammer Stash

2005-08-16T02:12:00.000-07:00

One spammer's misfortune could be an Internet user's dream as AOL plans to give away a fully-loaded Hummer H2 and nearly $100,000 in cash and gold bars. The online service received the loot through a provision in the CAN-SPAM act, which allows courts to seize property obtained through profits from the sending of unsolicited e-mails.
In addition to seizing the spammer's assets, AOL also won a $13 million judgment against the company, and will donate the seized computer equipment to schools in Northern Virginia.
The property will be given away through the AOL Spammer's Gold Sweepstakes, which will begin Wednesday and will run through August 19. Participants will be able to enter once per day by answering a question on computer security and safety.
Every day during the period a $1,000 prize will be awarded with the grand prize drawing at the end of the contest. The grand prize winner will receive the 2003 Hummer H2 and nearly $85,000 in cash and gold bars.
All of the loot was seized from a then 20-year old man in New Hampshire following a successful campaign to shut down and sue the spammer. At his height, AOL claims the man had 40 computers sending out millions of spam e-mails per day.
In on day in January 2004 alone, the spammer generated 100,000 complaints from AOL members.
"The safety and security of our members is Job No. 1 at AOL, and that means taking aggressive action against spammers and scammers. I am delighted that our efforts are paying off, literally, with the seizure of these assets and the sweepstakes," Jon Miller, Chairman and CEO of AOL said in prepared remarks.
Miller pointed to statistics that show an 85 percent drop in spam on the service, announcing that spam filters now block 1.4 billion messages per day as opposed to a high of 2.4 billion messages in one day in 2003.
AOL also issued a terse warning to spammers sending unsolicited mail to the service. "AOL will find you and sue you. And AOL will do everything it can to make sure its members end up with any money you made as a spammer."

Tech Trends: Whamming the spammers

2005-08-16T02:05:00.000-07:00

Life just got a bit harder for spammers trying to reach one coveted audience—college students. Last week, a federal appeals court ruled against an online dating service called White Buffalo Ventures, which had been battling the University of Texas-Austin for the right to send unsolicited E-mail come-ons to UT students.
The spat started in 2003, when White Buffalo obtained UT E-mail addresses under the Freedom of Information Act and spammed a sizable chunk of the student body, pitching a site called longhornsingles.com. A number of upstanding students complained, so the university issued a cease-and-desist letter to White Buffalo, which the company ignored. UT countered by putting a filter on its Web server that blocked E-mail from a White Buffalo site to all addresses ending in "@utexas.edu." Instead of backing off at that point, like most spammers do, White Buffalo sued UT, claiming that the university was violating both the First Amendment and the federal Can-Spam Act of 2003, which established rules for bulk E-mailers.
A lower court ruled that the university was within its rights in establishing spam filters; the Fifth Circuit Court of Appeals agreed. The ruling could put limits on other spammers directing bulk E-mail to colleges and universities.
Spammers often find ways around the rules, though—one reason that two thirds of all E-mail traffic consists of spam, according to security firm Symantec. And as annoying as it can be, some businesses say it's an essential marketing tool. Unsolicited offers for pharmaceuticals make up over 40 percent of all spam traffic, according to Sophos, which develops antivirus software. And the fastest-growing spam segment in the first half of this year involved stock scams, which grew at 10 percent per month, according to Sophos. Blasts offering mortgages and adult content also continue to fill E-mail in-boxes.

AOL Busts Spammer - Then Gives Away Ill-Gotten Profits

2005-08-16T01:49:00.000-07:00

AOL Busts Spammer - Then Gives Away Ill-Gotten Profits
Dulles, Virginia - (via THE HOSTING NEWS) - August 10, 2005 - America Online today announced that spam is down more than 85% on the AOL service, and AOL's anti-spam filters are blocking more than 1.4 billion pieces of spam each day, as compared to a high of 2.4 billion messages blocked in a single day in 2003.AOL also announced that it has recovered nearly $100,000 worth of gold bars and cash, as well as a fully-loaded 2003 Hummer H2, from a major spammer that AOL caught with the help of its members.As a reward to AOL members, visitors to AOL.com and web users, the spammers' ill-gotten loot is being given away through the ''AOL Spammer's Gold Sweepstakes'', which starts today. Additionally, the company said it would donate tens of thousands of dollars worth of high-end computer equipment seized from this spammer to local public schools and school systems in Northern Virginia.The gold, cash and the Hummer were seized as part of the first lawsuit filed by AOL under the federal CAN-SPAM Act of 2003, and aided by AOL members who have used the ''Report Spam'' button to help AOL anti-spam, digital detectives investigate and snare one of the country's most prolific spam gangs.In addition to these assets, AOL has also obtained a $13 million judgment in the case against the remaining members of the spam gang.Jon Miller, Chairman and CEO of America Online explained, ''The safety and security of our members is Job No. 1 at AOL, and that means taking aggressive action against spammers and scammers. I am delighted that our efforts are paying off, literally, with the seizure of these assets and the sweepstakes. Today, we're putting the brakes on spammers and celebrating our gold standard spam protections for the AOL service and the AIM Mail product at AOL.com. Our hard work in fighting spam is paying off in another way as well - since November 2003 when spam was at its peak, we've achieved a dramatic and hugely beneficial decline in the amount of spam reaching our members' email boxes.''The company attributes this success to its multi-pronged approach in fighting the scourge of spam, which includes a combination of software tools, filtering technology, public policy, litigation and enforcement, and industry partnership.The Sweepstakes begins August 10 and runs through August 19. AOL members can enter the sweepstakes at AOL Keyword: Spam Sweepstakes; non-members can enter at http://aolhummer.onlinepromo.com. Entrants will have a chance to win daily cash prizes as well as the Grand Prize -- a Hummer H2 and approximately $85,000 in gold bars and cash. Each day throughout the promotion period, participants may gain one additional entry in the Grand Prize drawing and one (1) entry in the daily ''spammer cash'' drawing ($1,000 each day) by returning to the site to answer the special ''AOL Spammer's Gold'' question for that day that focuses on security and safety issues. Those that participate each day throughout the 10-day promotion period will receive an Official AOL Spam Patrol certificate.

Sophos Identifies the Most Prevalent Spam Categories of 2005

2005-08-16T01:42:00.000-07:00

Sophos Identifies the Most Prevalent Spam Categories of 2005
Pump-and-dump stock scams increased while porn spam decreased over last six months
Lynnfield, MA - infoZine -While emails peddling snake-oil meds and low-interest loans continue to irk computer users and clog corporate networks, dangerous new categories of spam are becoming more prevalent according to Sophos, a global leader in network security, which today published the results of its research on the most prominent spam categories during the first six months of the year.Researchers from SophosLabs™ analyzed the spam received in its global network of spam traps. Sophos experts found that "pump-and-dump" stock scams are on the rise, and unsolicited pill or medication email, including generic or non-brand name versions of Viagra and other pharmaceuticals, accounted for more than 40% of all spam traffic.The top five spam categories spanning January 2005 through June 2005 are as follows:
"Over the last six months, we've seen medication and mortgage spam retain their notorious ranking atop the spam charts, while unsolicited pornography, though still accounting for about 10% of all spam, is slipping downward," said Gregg Mastoras, senior security analyst at Lynnfield-based, Sophos. "The most interesting development, however, is the increased volume of stock scam spam, representing a new financial threat to somewhat naïve online investors."Sophos's analysis shows that, during the first half of 2005, the volume of stock scam spam has increased at an average rate of 10% per month."The purpose behind the pump-and-dump stock racket is to quickly and cheaply disperse false information about a company's stock, along with information obtained from recent press releases, to potential investors via email," Mastoras explained. "Typically targeting microcap companies stock, once these fraudsters dump their shares, and then stop advertising the stock, the price often falls, and investors ultimately lose their cash."Pump-and-dump campaigns tend to run for short durations, keeping overall volume low. Even though some of the information provided is accurate, the deceptive and unsolicited nature of the messages qualifies them as spam. The majority of stock scam spam campaigns employ obfuscation techniques, using word variations such as "st0ck" or "stox" to avoid being caught by spam filters. Messages can arrive in many different formats, such as HTML or plain text, and are almost always sent via hijacked PCs known as zombies."Social engineering through email, where scam artists take advantage of unsophisticated computer users, is on the rise and represents a dangerous trend," said Brian Burke, IDC Research Manager. "Stock scams, combined with traditional phishing techniques, can result in significant financial loss for victims of these swindles."Sophos recommends that the most effective way for businesses to reduce spam and other threats is to adopt a multi-layered defense as well as implement a best practice policy regarding email account usage. Users can also learn how to best minimize the influx of unwanted email by following a few simple guidelines.

Ipswitch Says Spam Is On Vacation

2005-08-16T01:39:00.000-07:00

Ipswitch has today announced that spam is down by over 20 per cent on the previously recorded period. According to a survey conducted for the company, 74 per cent of e-mail received over the Summer period was unwanted spam, down from 93 per cent over the Easter period.Although mortgage and loan spam held on to the top spot, it fell from 44 per cent - a third of spam e-mails this time. Second remained unwanted e-mails offering various types of medication (up from 18 per cent to 22 per cet).Next was the new trend of e-mails attempting to 'phish' recipients' banking details with spurious claims of Lottery wins and online gambling accounts (12.5 per cent up from 9 per cent), with various pornographic offerings rising to the occasion at number four. Last was spam offering pirated software with 9 per cent of the total spam received.'Although the percentage of spam arriving in e-mail inboxes can vary substantially, the importance of having efficient filters in place is as relevant as ever because productivity can be adversely affected by even small amounts of messaging spam,' said Ipswitch's vice president of marketing, Alex Neihaus.'Businesses lose countless man-hours a week in staff having to sift through the deluge of e-mail in their inbox to get to those that have a real affect on the bottom line. Collaboration is a cornerstone of doing business in the 21st century and companies cannot do enough to protect this vital part of their business communications.''Although the user is becoming more knowledgeable in their approach to spam, the spammers are at least one step ahead. The rise in phishing Spam is the most worrying, as this is often quite sophisticated - and has the highest financial repercussions for users. It is of massive importance that users have suitable anti-spam capabilities in place,' said Quocirca analyst Clive Longbottom.

Seeing red over unwanted e-mail? Create a 'white list'

2005-08-16T01:22:00.000-07:00

Every day I receive one or two e-mails from some unknown address with a subject that is just meaningless words, and the body of the message is usually an ad for Viagra or other prescription meds or maybe a Rolex watch. I bounce and block each one I receive but they continue their daily barrage. Is there anything more I can do short of changing my address? Two words: white list. That rather indelicate term commonly refers to the little-known but hugely useful tools in most e-mail software and Web e-mail services that let one quickly isolate desired messages in special, spam- free folders. You let all of the potency pill pushers, junk jewelry joints and Nigerian escrow schemes wallow in the so-called Inbox while you use a personally approved list to create your real Inbox, which will accept only the messages you want to see.
Believe me, this simple strategy will bring peace at very little cost.
Rest assured, if your rich Uncle Harold (or is it Aunt Hermione?) wants to leave you a fortune, the lawyers will find you some other way than e-mail to give you the good news. Meanwhile, the rest of those unk unks (unknown unknowns) can just go fish while your time spent on e- mail gets devoted to folks you know.
Like a great many e-mail users, your account works through a software-based system called POP mail, or post office protocol, and your fix is to create what are called rules for how your software handles each incoming message. The overwhelming majority of POP mail accounts use either Microsoft Outlook Express or the Outlook module in Microsoft Office, so let's focus there first, then move on to similar procedures available in other e-mail services.
When a POP mail message arrives from somebody you want admitted into your circle, click on the Message item in the Outlook Express toolbar and then select the option to create a rule based upon that person's message. The menu this triggers lets you specify all notes from that sender be moved from the Inbox to a new folder, which you can create.
Give that folder a distinctive name like Real Inbox. Then, with all desirable incoming messages, you simply click on Messages and make a rule to order messages from that particular sender to be moved to the Real Inbox instead of the un-vetted Inbox.
The routine is almost identical for users of Microsoft Outlook, except the message rule tool is accessed by giving the subject line of a message a right-click instead of opening the Message toolbar.
The white list scheme has worked so well with formal e-mail software that most of the Web- based e-mail services have created similar functions. For example, people with free e-mail accounts at Yahoo can select a Mail Options tool at the top of the main display of e-mail messages and then create what are called Filters instead of rules that work exactly the same way.
Google's free gmail.com service uses a system called Labels to let customers create customized inboxes.
Microsoft's hotmail.com and msn.com Web-based services use a streamlined scheme called Built Contacts to let users quickly go through a list of e-mail messages and check a box alongside each sender to be added to the list of acceptable sources.
You can always make checks of the regular Inbox from time to time if you fret some stranger somewhere is going to send you an e-mail worth reading. But with one of these white lists up and running, you'll find yourself checking the spam blighted Inbox less and less. I need help organizing my Favorites in alphabetical order. I've tried and tried to figure out how to do it with no success. Can you help me? Despite the item above this one, I love short answers.
Open the Favorites tool in the Microsoft Internet Explorer and give a right-click on any item listed. A pop-up menu will appear. One command is Sort by Name. Do it. The favorites will be listed alphabetically.
If something you like is too far down, just select the Rename command in the same menu and put a couple of A's in front and then sort the list again to bring it to the top.
Jim Coates writes about .

A new release of Spam Blocker from Softinform Version 2.1

2005-08-15T03:01:00.000-07:00

The new version of Spam Blocker 2.1 delivered by the SoftInform company provides maximum efficient protection for user computer (user mailbox in particular) from torrents of "spam". This is due to the fact that all correspondence is analyzed before it is downloaded from the mail server. The application checks the mail and retrieves the headings of all letters pending in the user mailbox (email addresses, sender names, letter subjects, etc.). The new release of "remote" ad blocker features a substantially tuned up interface. The added nice-to-haves include automatic and manual mail check buttons and a visualized process of receiving mail (an animated icon in the system tray and a tool tip with the total number of letters and the number of letters blocked by the application). The main alterations, however, concerned the "technical" facet of the application. Spam Blocker 2.1 is sported as a self-learning application. The new version of the spam-filter automatically registers sender names and servers (domain addresses) in the black (with letters marked as spam) and white (correct) lists.A new release of Spam Blocker from Softinform Version 2.1One of the major problems in the Internet is nothing more nor less than unwanted advertising letters, also known as "spam" - wasted incoming megabytes of information. The mail server filters block only a fraction of proposals to "increase" or "relax". The mighty "authorization" protection is, first of all, expensive (let's not forget the monthly fee), and second of all, it is not very convenient for the people on your contact list (they will have to go through a long and humdrum "access" process). If you want to rid your mail box of "spam", you need a comprehensive anti-ad "shield" that will save the money you spend on traffic by downloading bulky mail, as well as the time you spend on viewing and deleting useless emails. The new version of Spam Blocker 2.1 delivered by the SoftInform company provides maximum efficient protection for user computer (user mailbox in particular) from torrents of "spam". This is due to the fact that all correspondence is analyzed before it is downloaded from the mail server. The application checks the mail and retrieves the headings of all letters pending in the user mailbox (email addresses, sender names, letter subjects, etc.). The new release of "remote" ad blocker features a substantially tuned up interface. The added nice-to-haves include automatic and manual mail check buttons and a visualized process of receiving mail (an animated icon in the system tray and a tool tip with the total number of letters and the number of letters blocked by the application). The main alterations, however, concerned the "technical" facet of the application. Spam Blocker 2.1 is sported as a self-learning application. The new version of the spam-filter automatically registers sender names and servers (domain addresses) in the black (with letters marked as spam) and white (correct) lists.By using various settings of Spam Blocker 2.1 you can fine-adjust the application to suit your needs. Various modes for checking messages (automatic and manual), support of an unlimited number of accounts, checking the mail box at set intervals (e.g., every five minutes) or at user's will, updating system lists, flexible rule settings and lists editing ability make Spam Blocker 2.1 a convenient and irreplaceable tool for blocking "spam". Sick and tired of endless "spam"? Registering new ("clean") mail boxes over and over again? Every day dozens of letters for you and thousands for your company burning up megabytes of traffic that is by no means free? All it takes is to install Spam Blocker 2.1. And watch annoying and useless e-mail advertising disappear.

Spam Wars: Blue Security Strikes Bac

2005-08-15T02:55:00.000-07:00

Your Emeril LaGasse screen theme pops up with "BAM!" going off as it always does. Everything is done loading so you continue the ritual. You open your Outlook Express and the loading begins. Delightful, you've got 384 email messages. Considering you've only got 20 in your contact list, you might have spam. So you check the weather and post in the LiveJournal. The email done by this point. So you start the cleaning process. You've determined that of the 384 emails you've received, 30 were actually something you were interested in. Scene sound familiar? Ever been through the ringer because of spam and it's taken you quite a while to get rid of it all? Even if you set the spam filters for email, it won't cover all of it. Blue Security understands this and they are encouraging users to not get mad, get even. They want you to take play with the "Blue Frog". The Israeli Internet security firm, Blue Security may have a pleasant end for some of those people getting inundated with spam. They've created a "Do Not Intrude Registry that gives users the ability to complain about the deluge of spam they might receive. The way it works is the amount of spam received dictates the amount of complaints. According to their website, if Blue Security gets sent 40,000 spams promoting the same site, that site gets 40,000 complaints right back at it. Eran Aloni, Blue Security's Marketing Director said on the company blog they are "building the community and sending warnings to spammers." The process sounds pretty keen. Various interested parties sign up for the service and complaints build up in honey pots. Then they're dumped on the sites mentioned in the spam people receive. So if www.humongomaleenhancement.com send you spam for natural-unnatural male enhancement products every day, you can simply allow complaints to build in these honeypots and then eventually, www.humongomaleenchancement.com will get hit by tons of these complaints based on each and every spam they had a male enhancement in. There is another side to this story though. An ongoing debate on Blue Security's forum debates the ethics of this project. Blue Security maintains that for every single spam message someone receives, they should be allowed to complain to the parties responsible for it, namely the companies linked too in the spam. Critics say this whole thing is really an unethical DdoS and makes them no better than the groups they say they're protecting people from. As the need for Internet security continues to grow and spam continues to drive people haywire, it stands to reason many would want to take a more active role in defending their computers because people end up with all kinds of garbage on their computers, malicious or just annoying. The questions raised are important as people look for new methods of security, the ethical question is something that must remain in the backs of people's minds. But I do have to admit, it will be sweet seeing the spammers getting a taste of their own medicine.

GFI has Today Released a New Version of GFI MailSecurity for Exchange/SMTP

2005-08-15T02:51:00.000-07:00

GFI has today released a new version of GFI MailSecurity for Exchange/SMTP, its email content security solution. Version 9 provides administrators with far greater ease of use and highly reduced maintenance requirements while retaining the product's proven multi-layered defense system - in the form of multiple virus engines, content and attachment checking, spyware and exploit detection, and Trojan/executable scanning. Through its new quarantine filters, search options and web-based configuration, GFI MailSecurity 9 will help administrators ensure that their email servers are secure and efficient with a minimal amount of effort."With its multi-tiered protection, multiple virus engines, email exploit engine, Trojan engine, and more, GFI MailSecurity offers high level email security without compromising performance. The latest version extends GFI MailSecurity's operational power: Version 9's advanced quarantine filters and rules make administering the product a snap. Its enhanced efficiency, coupled with its solid lines of defense, grants administrators additional time to focus on other tasks rather than having to be glued to their email security solution," explained David Vella, GFI Product Manager.Ability to set up custom quarantine filters - for faster sorting of quarantined mailGFI MailSecurity 9 enables administrators to configure a series of search folders (similar to the Microsoft Outlook Search Folders) within the product's 'Quarantine Store', permitting them to manage quarantined emails better and faster. For example, a folder can be set up for emails related to a particular user that were quarantined by virus checking and another for that same user's emails quarantined by attachment checking, allowing administrators to prioritize which folders they check first: It may be more important to examine the attachment checking folder first as this is likelier to contain emails that must be approved and forwarded to users.The latest version of GFI MailSecurity also provides the facility to conduct searches within all emails that it quarantines. Such searches can be performed among inbound or outbound emails to or from a particular user, for instance. Searches can also be carried out based on sender, recipient and the reason for quarantine, freeing the administrator from the need to go through all quarantined emails one by one.Web-based configuration - enables remote management from any locationThe product's web-based configuration allows administrators to configure and monitor the product remotely from any computer that is equipped with a browser - meaning that one can monitor and manage GFI MailSecurity from anywhere in the world. This module also permits remote management of quarantined emails.Other new featuresGFI MailSecurity 9 also includes these new features:• Full threat reporting for quarantined emails - When an email is quarantined, GFI MailSecurity gives a full threat report, detailing all threats identified per email.• Scanning engine speed improvements - The engine now makes full use of multi-processor machines and scans a great volume of mails at a faster pace than ever.A list of all new features is available at http://kbase.gfi.com/showarticle.asp?id=KBID002394.GFI MailSecurity pricing and trial version informationGFI MailSecurity for Exchange/SMTP is an email content checking, exploit detection, threats analysis and anti-virus solution that removes all types of email-borne threats before they can affect one's email users. GFI MailSecurity's key features include multiple virus engines, to guarantee higher detection rate and faster response to new viruses; email content and attachment checking, to quarantine dangerous attachments and content; an exploit shield, to protect against present and future viruses based on exploits; an HTML threats engine, to disable HTML scripts; a Trojan & Executable Scanner, to detect malicious executables; and more. Pricing starts at just US$350 for 25 mailboxes. More information and a free trial version of the product are available at http://www.gfi.com/mailsecurity/.

Herb Weisbaum: How To Get Rid Of That Pesky Spam

2005-08-15T02:50:00.000-07:00

The term "spam" means different things to different people. I tend to take the broader definition. When I talk about Spam, I mean unsolicited bulk e-mail, messages that have not been sent to you personally. It's JUNK e-mail.
A new survey by Consumer Reports released Tuesday night, finds that spam has eased for some users, but it's getting worse for many others. The magazine contacted 3,200 households with Internet access. 54% said at least half of their e-mail is spam. 33% say they are getting much more junk e-mail than they did a year ago.
Because my e-mail address is on the KOMO Web site, my in-bin is over-flowing with spam
I get dozens of e-mails each week pushing erectile dysfunction pills. Why in the world would someone buy any prescription drug this way - from an e-mail that pops up in their computer - even if they needed the stuff? Because the ads all say "no prescription required."
Of course, maybe they're not selling the real drug, it could be counterfeit. How would you know? The bottom line: buying any prescription drug by responding to an e-mail like this is just plain stupid.
A lot of my spam looks like it's from people giving me a quote on a home mortgage. They promise low-low rates with very little money down. Some of them are made to sound like they're responding to an e-mail I sent them. They're not.
What are they up to? Who knows. But it's a great way to get your personal information for identity theft!
There are also the "urgent" messages disguised to look like they came from your bank, eBay, Pay Pal or some other trusted service provider. They all tell you there's a problem with your account (the reasons vary) and they need you to click on a link in the e-mail to give them your personal information. Why? So they can steal it! These "phisihing" scams, as they're called are huge problem and getting bigger.
The big Internet Service Providers, AOL, EarthLink, and Microsoft feel your pain, and they're working to filter out the spam before you get it. They're also going to court to shutdown the spammers sending out all this e-mail. So, if your ISP offers spam filters, make sure you enable them!
Consumer Reports says Microsoft Outlook 2003 and Apple OS 10.4 Mail do an excellent job of blocking spam. So, if you have old versions, Consumer Reports says you might want to upgrade. Do this, the editors say, and you won't need to buy separate spam blocking software.
Of course, some people prefer to go with an add-on blocker. For it's September issue, Consumer Reports tested 7 of these programs and two were clear standouts.
The editors says Allume Systems SpamCatcher 4 did an excellent job. It "tags spam to help you delete it quickly," they say. SpamCatcher 4 sells for around $30 and there's a $10 annual fee. There is no phone support with this product.
Consumer Reports says Mail Frontier Desktop is another excellent choice. The editors point out that Mail Frontier Desktop is "easier to setup" than SpamCatcher4. It blocks Windows Messenger pop-ups and identifies fraudulent e-mail. Mail Frontier is also priced at $30 with a $15 annual fee.

The clues that led us to the porn spammer

2005-08-15T02:26:00.000-07:00

The story began when senior producer Allan Maraynes asked me if we could trace a piece of pornographic spam e-mail back to the person who sent it. Tracing spam is never easy. And as with any investigative story, we were not sure where the journey would lead.
But there are clues that we could follow.
The idea became a journey into how an adjunct one of the world's oldest businesses was combining with one of the newest trades. The trail would give us an opportunity to show viewers the money at stake, the lack of regulations, how this affects people's lives, and the people involved in the industry. One operating theme, as correspondent John Hockenberry said during the piece, was "return to sender."
We began doing something that most people would never do: We sought out spam. Associate Producer Michelle Feuer asked groups who complain about spam to provide us with examples so that we could glimpse the scope of what is out there. Within a couple weeks we had hundreds of different kinds of e-mail.
Once we got the e-mails, we began culling through them.
One of the worst aspects of the story is that we had to do what those who do not want spam should never do: We had to start by looking at those e-mails. The problem with that is, depending on the program you use for e-mail- like Outlook or Eudora- and how you adjust your settings, you run the risk of downloading a virus on your computer.
Here are some of the clues we were evaluating:
Every e-mail contains what is known as header information - information that offers clues about the route traveled by the e-mail to reach you. It will have a list of IP addresses. These are like those old stamps you would see on vintage steamer trunks, telling you about the various ports traveled through. Each address-a set of numbers-tells you the computers that e-mail passed through. And you can look up who owns those computers, though there is always a risk that the information is not accurate. These are known as "whois" searches. There are various places you could go for these kinds of searches, including this Web site.
You can look up who owns the pornographic Web site promoted by the spammer. For instance, we learned quickly that the owner of the Web site we eventually decided to profile was owned by a Canadian company called Global Media Resources. Trade publications such as Adult Video News profiled the company as a substantial player in the Internet porn business.
There are also other ways to learn about sites. For instance, a Web site operator- like any kind of company- could be involved in a business-related dispute. And just like traditional trade name disputes, Internet sites may get tangled in arguments about who owns a Web site name. A springboard to examine those is this site. And like any proceeding, the documents filed can offer another glimpse into a Web site operator.
Another resource are anti-spam organizations like Spamhaus. We did not use Spamhaus to track the spammer in our story. But the group compiles a lot of useful information about spammers.
Other clues could be embedded in e-mails. Even though e-mails could be filled with fancy graphics-or offensive pornography-there are ways to examine the source code used to assemble the missive. The ways to do so depend on your e-mail software. In the case examined by Dateline NBC, the source code told us what would happened if we "Clicked Here" on the e-mail, the computer routes that would be taken to the porn site. And we could see that there was a numeric code- something we later confirmed was an ID used by the spammer to get paid by the pornographic Web site. That ID number, visible in the source code of the spam profiled in the story, proved crucial to tracking down our spammer.
All of these approaches could be useful to tracking any spammer, not just those in the porn business.
We learned that the spam that so offended Julie in Texas was seemed to have been sent on this continent and that it involved a big pornographic Web site operator in Canada. There's a lot of spam that comes from all around the world, including China and some of the former Soviet republics. At least we were going to remain in North America for this story.
So at this point, we did not know the identity of the spammer. But we had leads to pursue.
It did not take long to learn something else about the pornographic Internet business: to combat child pornography, the U.S. government requires Web site operators to post a list of its Custodians of Record. The records are contracts and other documents showing those photographed for the Web sites are 18 years old or older. Often, these are photographers. So at most pornographic Web sites, you may notice a link tucked away that would lists Custodians of Records. You would know who has the documents. You get the company name and often an address. (But you cannot see the actual model contracts documenting the ages. Those are available only to law enforcement officials). These list of document keepers was another avenue for us to pursue. You can learn more about this law here.
One footnote: U.S. law requires spammers and other e-mail mass mailers to include a way to opt out of getting further e-mails. You may have seen these. They say something like "If You Don't Want More Emails From Us, Click Here." Spam experts told us you should think twice about ever clicking this. Opting out something you should only do if you trust the sender. If not, and you do click, it could tell a spammer that your e-mail account is for real, and that you read stuff from people you don't know. It's added incentive for them to keep spamming you. And since the law is rarely enforced, there is little you could really do to get the spammer to stop using this opt-out provision. Australia is one place that experts say has a much different approach, where you would have to opt in to get mass marketing e-mails to begin with.
On the hunt for the spammer, we learned about the Internet porn industry's major convention in Las Vegas. It precedes a better-publicized event designed more for those who are fans of porn stars. Producer Lynne Dale and correspondent John Hockenberry went there in January 2004, and saw first hand how the industry is constantly looking for ways to boost traffic-getting people to visit their Web sites. Key players in the business say they oppose spam as a means to do this. But as many people with e-mail accounts know, it still goes on. As you saw in the story, when they spoke with John Hockenberry, the Global Media representatives promised to reveal the name and address of Julie's spammer- the identity of the person we'd only known by a code number.
It's important to know that spammers make money not just by spamming you, but by selling your e-mail address (along with millions of others) to other spammers. It's an added reminder to be careful about giving out your e-mail address.
Avoiding spam
A good way for you to help avoid spam is with a spam filter. Ray Everett-Church, an anti-spam expert who appeared in the story, e-mailed this to us regarding spam filters:
The software that I have come to depend on personally is SpamAssassin, a free software package that is built and maintained by a volunteer community of anti-spam fighters. It's mainly for use on mail servers by ISPs and enterprises, but the same technology is available to the average user through another free software package called PopFile. It runs on Windows machines and works with just about any e-mail software like Outlook or Thunderbird. (But not proprietary services like AOL or Web mail services like Hotmail or Yahoo.) There are decent anti-spam software offerings from some of the big name anti-virus companies, but they can cost money and aren't all that more effective than PopFile. The upside of those, however, is that they have good service and support and are easy for the average user to install.
I also use Cloudmark's SafetyBar which is a plug-in for Outlook. It works alright as well, and is pretty easy to use.
If you want to be safe, anti-spam experts caution you to never open e-mails from someone you don't know, and to even turn off e-mail preview features. Anti-spam filters can also be a big help to block unwanted missives from even going into your inbox. There is a lot of money at stake with planting viruses on computers. The viruses can hijack your connection to the Internet, making you the unwitting sender of spam. Or the viruses could make you face unwanted popups, and push your Web browser to places you don't want to go.

Businesses are taking a cue from bloggers with a new way of distributing information. The appeal: It's really simple.

2005-08-05T07:56:00.000-07:00

In a world of content overload--with E-mail always pushing information and thousands of Web sites pulling us--more people are using RSS readers to cope. The grassroots technology, used for the past few years by bloggers and news junkies, is finding a place in business-computing environments as a fast and easy way to channel information to customers, employees, and partners. It's also catching on as a cheap but effective approach to application integration. RSS, short for Really Simple Syndication, defines a way to let people subscribe to their favorite information sources on the Web. It uses an XML-based content-syndication protocol to do it. (Variants known as Rich Site Summary and RDF Site Summary use a slightly different protocol.) A like-minded protocol called Atom also is gaining popularity.
Among other things, RSS is emerging as an antidote to some of E-mail's most frustrating problems. While technical countermeasures do a passable job of blocking spam and phishing attacks from beyond the firewall, the sheer volume of E-mail from legitimate senders has companies looking for ways to communicate through the clutter. "People get a lot of what we'll call occupational spam, where there's information that may be delivered to you every day, but you can have too much of it," says Michael Pusateri, VP of engineering with the Disney ABC Cable Networks Group.
The Disney division has begun using software from NewsGator Technologies Inc. to let employees run RSS feeds alongside their Microsoft Outlook E-mail clients. Instead of offering a link to a document, for example, an E-mail message can contain the live information via RSS, along with a link to the Web application that stores the original report. "We can make the applications present an always-up-to-date version of the information," Pusateri says. hile this approach doesn't entirely free users from having to deal with E-mail, it does shift the burden of maintaining distribution lists from an IT administrator to the user. It also reduces E-mail traffic by making sure that messages containing RSS information are wanted.
There's more you can do with RSS. Insurance and financial-services company ING Group N.V. recently implemented KnowNow Inc.'s Enterprise Syndication Server to deliver work-related information via RSS to employees. Instead of searching for information on company portals and other Web sites, employees now have the information sent to them, improving both productivity and internal communications.
A similar approach can be used to deliver data from a company's internal business applications to the specialists who need it, says Ron Rasmussen, KnowNow's chief technology officer. "I can create an RSS channel for the finance department called 30-days-past-due receivables," he says. "They just look at their RSS reader."
The Integrated Justice Information Systems Institute, whose members are IT companies that support law-enforcement and Justice Department operations, uses RSS and Atom feeds that came built into its blogging software from Traction Software Inc. to keep committee members up to date on recent developments. "Some of our more technical committees that had some familiarity with RSS saw immediately how they could use that inside their workspace to provide a publish-and-subscribe capability so they don't have to rely on going hunting to see if there's something new in their committee work," executive director Paul Wormelli says.
The institute uses grant money to help state and local agencies adopt new technology, and committee members regularly publish papers that require comment from members in other locations. The benefit Wormelli sees is that information distribution becomes automatic. "No one has to initiate the distribution of information using an RSS feed," he says. "The main purpose is to put things in an E-mail form without anyone having to take the action to do that, and to not force stuff on people that they don't want to take the time to look at."
Major news sites and most noteworthy Weblogs publish their content as RSS feeds. They can be viewed using an RSS reader application, an online aggregation site such as Bloglines.com, or an RSS-enabled Web browser such as Apple Computer's Safari, Mozilla's Firefox, or Microsoft's upcoming Internet Explorer 7.0.
Microsoft's growing interest in RSS heralds even broader adoption in the months ahead, portending a day when RSS becomes a standard feature of many PC applications. Microsoft plans to support RSS in its next major operating-system upgrade, the recently dubbed Windows Vista, formerly known as Longhorn and due in 2006. "Really, we're at the beginnings of this," says Gary Schare, director of product management for Windows. "The people who own the content are just realizing the power of it. And the tools we use to publish content internally are just starting to become RSS-enabled."
RSS gives people an efficient new way to organize their information resources. Users can track the publication of frequently updated content across any number of sites simultaneously from a single, simple interface, and, because they only receive the RSS feeds to which they subscribe, filtering unrequested information isn't necessary. In that sense, RSS is a proactive search technology--it goes out and grabs information on designated subjects from trusted sources.
Because RSS was designed from the outset to be a means for summarizing information, the feeds can be scanned and comprehended easily. Compare that with E-mail, where in-boxes clog up with unwanted missives and, thanks to overzealous filters, sought-after messages sometimes get blocked. Twenty percent of consumers are concerned that desired E-mail can get trapped in filters, according to research firm Forrester Research. And some E-mail messages don't deliver relevant information efficiently, particularly call-to-action messages that point to a Word or Excel document or other application.

Productivity ploys

2005-08-05T07:48:00.000-07:00

Productivity ploys
It's not just the bottleneck aggravation that spam causes, employee efficiency can take a significant hit.
The amount of minute-by-minute so-called 'urgent' e-mails that demand attention drives down worker productivity considerably.
Managing and cleaning up staff e-mail accounts, or even keeping employees productive, is an issue all businesses have to deal with constantly now e-mail is considered an essential practice. E-mail's intrusive, immediate and possibly not work-related nature has led to companies such as Telecom New Zealand to implement no e-mail Fridays . A Hewlett-Packard study early this year reported that 62 percent of British adults are addicted to their e-mail. Half of the workers surveyed felt they needed to respond to e-mails immediately or within an hour, and one in five people reported being happy to interrupt a business or social gathering to respond to an e-mail or phone message.
According to Frost & Sullivan security analyst James Turner, e-mail for users today is similar to a DDOS attack on a network - packets of information (e-mail) is thrown thick and fast at a user and if they cannot process that information fast enough they fall in a heap.
"The companies that are thinking about their employees are going to start coming up with strategies to make the working day more productive, and that is not squeezing out productivity by responding to e-mails every 30 seconds ... people need thinking time," Turner said.
"Not all companies can implement a no e-mail day because it might not be viable but it is an interesting backlash against the intrusion e-mail has made on working capacity; companies that are doing e-mail packages are watching this and instant messaging with great interest because humans are at a point where they are so busy chatting and typing that they are not doing anything - that is not a sustainable business model." Stricter identity management, including using multiple e-mail addresses for work projects and social agendas, is the area where e-mail can be better managed and therefore create a more organized workflow, Turner said.
While doing without e-mail may not be an option for many companies, clamping down on spam is critical and not just to reclaim bandwidth. Spam has turned as insidious as viruses. Security vendors are starting to see spam used as a mechanism for delivering malicious content in the form of viruses, worms, trojans and the like.

Double trouble

2005-08-05T07:44:00.000-07:00

Double trouble
Besides cutting productivity, adware and spyware can also cause computer problems and worse. "They can cause instability in PCs, operations to crash, slow performance," says Chris Williams, a senior analyst at Ferris Research. "And [malware] can log your keystrokes and report those back to a Web site, so your network log-in is being compromised."
How can a company shore up its servers and desktops against this rising tide of malware? First, say experts, educate employees on spam and viruses. But education can go only so far; technology is also needed. Here are five steps in the defence against malware:
1) Restrict user privileges: The fewer system privileges on a user's desktop, the fewer opportunities there are for viruses and spyware to take over, says Andrew Jaquith, an analyst at The Yankee Group. "The biggest reason companies have spyware problems is that user privileges are set too high," he says.
IT may also choose to block certain types of attachments, such as executable or Zip files, and prevent access to certain Web sites. The DOE's Carlsbad office now uses Websense software to block access to adware- and spyware-heavy sites, such as gambling sites. It also relies on an e-mail firewall from Tumbleweed Communications with built-in McAfee antivirus and spyware filtering tools.
2) Apply patches immediately: Installing security patches and updates is critical, regardless of how much antivirus protection you may have. JetBlue Airways in New York, for example, has layers of antivirus and antispam defences, but its IT staffers also apply new security patches promptly, says Lesen Wang, IT e-mail systems administrator at JetBlue.
"Even with an antivirus program, a virus can get through," he says. Two years ago, for example, JetBlue's desktops were infected by the Blaster virus because they hadn't been patched, but the airline's servers, which had received regular updates, remained unaffected.
3) Switch to alternative e-mail packages: While not guaranteed to be shielded against viruses, nonstandard (that is, not Microsoft) software is less likely to be targeted by virus writers.
For example, Brett McKeachnie, network systems administrator at a state school, reports that the school, which uses Novell's GroupWise, never had a virus problem and didn't realize it was receiving viruses until it installed iSolation Server, an e-mail security product from Avinti.
"Avinti put [iSolation Server] into the mail stream, and the next thing you know, we've got 40 to 50 viruses hitting the filter," McKeachnie says. However, not everyone at the school uses GroupWise -- some are on Outlook -- so the school remains vulnerable to virus attacks and, of course, spam.
4) Build a multilayered defence: There are several approaches to antivirus and antispam protection, none of which is 100 percent effective. So using two or more is a useful strategy, experts say.
Techniques for blocking spam include maintaining blacklists of spammers' Internet addresses and employing the challenge/response strategy, which attempts to catch spammers by asking a suspicious sender to resend the message, the assumption being that an automated spam program won't reply. Another option is Bayesian filters, which "learn" to recognize spam from samples that an IT administrator or an end user feeds it. The filter then uses probability scores to decide whether an e-mail is likely to be spam.
Signature-based scanning is the most common approach for identifying viruses, but it doesn't help when there's a brand-new virus on the loose. The "zero hour" problem -- the time lag between the initial release of a new virus and the point when an antivirus software vendor can issue a patch update -- is the biggest problem with signature-based products, especially since the gap can be as long as eight hours. Companies relying solely on pattern-based antivirus protection are vulnerable to new viruses during that time.
One technique that attempts to close this gap is blocking technology that shuts down access to certain systems if it detects any initial virus activity. For example, JetBlue used Trend Micro's signature-based ServerProtect, but it opted to add IronPort Systems' C-Series antivirus and antispam device, which includes a blocking technology called Virus Outbreak Filter. The filter quarantines suspect e-mail if it detects a new virus outbreak based on data from IronPort's SenderBase e-mail monitoring network.
Yet another approach to blocking viruses is heuristics scanning, which detects viruses by analyzing a file's structure, behaviour and other attributes instead of looking for a pattern match in the code.
The bottom line, experts say, is that two or more defensive technologies -- whether in different products or combined in one -- are better than one.
Just as using two types of antivirus or antispam software can increase your odds of catching malware, so, too, can locating defensive products at different points on your network. Firewalls, SMTP gateways, HTTP gateways, e-mail and file servers, and desktops are all good places to defend.
Monrovia Nursery, a plant and flower wholesaler, recently added its fourth layer of security: an antispam and antivirus gateway from MailFrontier. The new gateway complements an existing firewall -- which blocks attachments such as Visual Basic scripts -- and antivirus software from Symantec on its e-mail servers and desktops. "It's another layer of protection," says Ray Martin, Monrovia's IS technical manager. "Redundancy and variety are good when it comes to e-mail security."
The main point of a multilayered defence, says Richi Jennings, a Ferris Research analyst, is to cover all the potential points where a virus could enter. Too often, he says, companies think they're immune to viruses, when in fact they've failed to cover a key point of entry.
"You may feel you have a clean architecture, with virus scanning on the perimeter of the network," Jennings says. "But if you've forgotten a vector -- such as a laptop that has a virus and gets plugged into the company network -- then suddenly you've got a bunch of infected machines because you didn't put antivirus on the desktops."
5) Use an outside service: If you want a multi-tiered defence without having to purchase individual products and implement them, an outside antivirus and antispam service may be the answer. Companies such as MessageLabs and Postini will intercept and clean your e-mail of viruses and spam before sending it to your e-mail server, thus sparing you the software and hardware expense of scanning and processing your own e-mail.
Internet service providers may offer antivirus and antispam filtering services to corporate clients. For example, virus and spam filtering at Bata Canada, a unit of shoe manufacturer and retailer Bata International, is handled by Bata's service provider.
A significant advantage, according to Eli Gabbay, manager of IT technical support at Bata, is the ability to offload some of the administrative chores to the service provider. "I found [antispam and antivirus software] to be very complicated. . . . There's a lot of work for me to do to maintain it," he explains. "Now the only thing I need to do is put any spam that gets through into a folder, and the provider adds it to its database." Typically, antivirus services use signature-based scanning in combination with other approaches to optimize their success rates. And they clean up the e-mail before it ever reaches their customers' servers. Some users are also turning to antivirus and antispam service providers to clean up their e-mail before it even hits their firewalls.
Euro RSCG Worldwide, an international advertising and marketing firm with 233 agencies, turned to MessageLabs for help in dealing with a rising flood of spam that threatened to overload its e-mail servers.
"We had more spam coming in than legitimate e-mail," says CIO John Tanner. "It got to the point, last August, where we were going to have to increase our hardware by 33 percent."
The agency tried blocking spam at the firewall with blacklists, but that approach resulted sometimes in blocked mail from prospective clients whose addresses or e-mail servers had been hijacked by spammers. So the ad agency tried the MessageLabs service, which culls spam and viruses before sending the clean mail on.
Of course, the company still uses antivirus software on its servers and desktops to be safe. But so far, spam has ceased to be a problem. "I don't have to manage any hardware or software. I don't have to worry about upgrading hardware because spam has increased," says Tanner. "Spam has disappeared from the planet for us."

GFI MailSecurity 9 offers server-based email security on a silver platter

2005-08-05T07:38:00.000-07:00

GFI has today released a new version of GFI MailSecurity for Exchange/SMTP, its email content security solution. Version 9 provides administrators with far greater ease of use and highly reduced maintenance requirements while retaining the product's proven multi-layered defense system - in the form of multiple virus engines, content and attachment checking, spyware and exploit detection, and Trojan/executable scanning. Through its new quarantine filters, search options and web-based configuration, GFI MailSecurity 9 will help administrators ensure that their email servers are secure and efficient with a minimal amount of effort. "With its multi-tiered protection, multiple virus engines, email exploit engine, Trojan engine, and more, GFI MailSecurity offers high level email security without compromising performance. The latest version extends GFI MailSecurity's operational power: Version 9's advanced quarantine filters and rules make administering the product a snap. Its enhanced efficiency, coupled with its solid lines of defense, grants administrators additional time to focus on other tasks rather than having to be glued to their email security solution," explained David Vella, GFI Product Manager.Ability to set up custom quarantine filters - for faster sorting of quarantined mailGFI MailSecurity 9 enables administrators to configure a series of search folders (similar to the Microsoft Outlook Search Folders) within the product's 'Quarantine Store', permitting them to manage quarantined emails better and faster. For example, a folder can be set up for emails related to a particular user that were quarantined by virus checking and another for that same user's emails quarantined by attachment checking, allowing administrators to prioritize which folders they check first: It may be more important to examine the attachment checking folder first as this is likelier to contain emails that must be approved and forwarded to users.The latest version of GFI MailSecurity also provides the facility to conduct searches within all emails that it quarantines. Such searches can be performed among inbound or outbound emails to or from a particular user, for instance. Searches can also be carried out based on sender, recipient and the reason for quarantine, freeing the administrator from the need to go through allquarantined emails one by one. Web-based configuration - enables remote management from any location The product's web-based configuration allows administrators to configure and monitor the product remotely from any computer that is equipped with a browser - meaning that one can monitor and manage GFI MailSecurity from anywhere in the world. This module also permits remote management of quarantined emails. Other new featuresGFI MailSecurity 9 also includes these new features:* Full threat reporting for quarantined emails - When an email is quarantined, GFI MailSecurity gives a full threat report, detailing all threats identified per email.* Scanning engine speed improvements - The engine now makes full use of multi-processor machines and scans a great volume of mails at a faster pace than ever.

IndiaLinks Launches SpamGuard - An Easy to use anti -spam filter to protect your inbox against unsolicited junk emails

2005-08-05T07:35:00.000-07:00

Indialinks one the India’s largest web hosting provider & official .IN Accredited Registrar, today announced the launch of a new service called SpamGaurd. Spam today has become an annoying factor for the people who use the internet to communicate, business,education, research and purchase goods online. Nearly 10 billions spam emails are send out everyday and the figure is expected to rise to 30 billion by 2005. Spamguard is a cost effective, reliable and time saving solution to increase the corporate productivity. It makes your inbox Virus and Spam free. With its advanced features like Challenge Response, DNSBL/RBL based filtering, White/Black Listing, Custom Filters, Mail tracks, Mail trends, Web based Control Panel and many more, Spamgaurd gives you the directive to monitor, filter emails and avoid spam. "Today dealing with spam mails is a primary concern and has become an high-priced affair, which avails time and resources, leading to deprivation in the efficient productivity and monetary loss, features like content filtering and challenge responses, help to put by bandwidth, which can be used for other business needs." says Mr. Bhavin Chandarana, CEO of IndiaLinks. This service empowers organizations to achieve high detection rates of spam mails , allowing users to safely delete spam without reviewing, helps in time management and saving of other resources.One can thus receive emails from your friends,families and authorized contacts immediately without wasting time in filtering or downloading hundreds of spam mails. Also no new software or hardware is required, and the service requires no additional IT administration.

eNeighborhoods Introduces New Lead Generation Direct Mail Service

2005-08-03T02:53:00.000-07:00

eNeighborhoods, Inc., has introduced a new Web-based marketing service enabling real estate professionals to create fully automated, personalized, color direct response marketing campaigns. The new service streamlines and automates the entire direct mail process producing personalized, relevant, high impact, customized print communications that significantly improve response rates, the company says. eNeighborhoods is announcing a series of turnkey direct response marketing programs incorporating the most up-to-date localized information about property, neighborhoods and schools. Each campaign includes customized data for each recipient’s neighborhood, such as recent home sales or aerial imagery. The system also has the ability to track and measure campaign effectiveness by incorporating unique personalized URLs (web address) offering an effective call to action and response mechanism. Expanding upon its already successful eNeighborhoods NewsLetter email service the company has announced a direct response print version of “Neighborhood News”. “This is the first in a series of direct response marketing communication campaigns we’re announcing,” explains Bryan Ehrenfreund, director of Product Development for eNeighborhoods. “The real innovation we’ve done with our new direct response service is integrating eNeighborhoods unique data, with variable printing technology, to print high quality direct mail pieces with extremely relevant data respective to each mailing address, automatically,” Ehrenfreund adds. “For example, a recipient could receive a postcard with the five most recent home sales closest to their address, or the average SAT scores of their daughter’s school district or the pricing pattern of recent homes sales, or maybe the median income of their neighbors. The sky is the limit, and the agent benefits by looking like a total expert.” The system integrates a new full-featured CRM contact management system for both email and print direct mail marketing campaigns. The new contact manager has the ability to import contact records from other programs such as Microsoft Outlook, Outlook Express and Top Producer, allowing customers to easily create profiles or groups of contacts for submission into specific campaigns. For existing customers who have enrolled contacts in the eNeighborhoods NewsLetter email service but are frustrated and finding it increasingly difficult due to proliferation of spam filters to get their emails delivered they can easily enroll their contacts to begin receiving a monthly print edition of “Neighborhood News” personalized for them with recent home sales for their area. An easy one step submission process is included. “The most successful agent in town is typically the one who is the most visible, has developed a reputation as the neighborhood expert and makes every prospect the center of the universe. The new eNeighborhoods 1 to1 direct response marketing tools use sophisticated technology to make achieving these goals toward success extremely simple for our customers,” says Stu Siegel, founder and CEO of eNeighborhoods.

Return Path Releases E-Mail Preview

2005-08-03T02:49:00.000-07:00

E-mail marketing firm Return Path debuted an e-mail campaign preview tool this week that previews six different e-mail views to improve delivery.
The unique feature of the Campaign Preview upgrade to Return Path's Delivery Assurance Monitoring Platform is that it lets companies preview how their campaigns will look in different e-mail readers on one page before the e-mails are sent.
Campaign Preview views include: AOL 9, MSN Hotmail, Outlook 2003, Outlook Express 6, Yahoo Mail and Lotus Notes 6.5.4, all displayed on one screen.
"By testing mailings for code and content problems [before] sending, our customers can improve both the appearance and delivery of their campaigns," said Tim McQuillen, co-founder of StrongMail Systems, Redwood Shores, CA, which is offering the tool. "Campaign Preview illuminates HTML errors that will trigger spam filters as well as rendering problems that will occur in different e-mail platforms."

Filtering spam in Novell Evolution

2005-08-03T02:29:00.000-07:00

When I switched to Novell Evolution, finding an anti-spam solution became a top priority. Having warmed to Evolution after noticing that its interface was no longer an imitation of Microsoft Outlook, I quickly learned to appreciate its centralized mail and business tools. Spoiled by Mozilla Thunderbird's built-in spam detection, I wanted some equivalent in Evolution.

Evolution's filtering tools for handling incoming messages provide the raw material for spam detection. However, the filters have difficulty knowing which characteristics of incoming mail should be treated as signs of spam. Information I gleaned from the Internet was only moderately useful; most of it was incomplete, obsolete, or inaccurate.
To find a solution, I pored over the headers of messages that Mozilla Thunderbird had detected as spam. From this research, I isolated the most common characteristics of spam and built several filters without leaving Evolution. Wanting to further improve spam detection, I spent several evenings testing various instructions for linking Evolution with SpamAssassin through a filter until I found one that worked. Taken together, these filters provided all the spam filtering I needed to remove my last obstacle to using Evolution.
Evolution's filtering tools
Evolution's filter rules are created from Tools > Filters > Add. Each rule consists of a logical condition with an If statement, which sets the conditions under which the rule applies, and a Then statement, which applies what happens when the conditions are met. You create both If and Then statements by selecting the Add button in the appropriate pane, then selecting from drop-down boxes or typing in fields. By default, a rule applies when all If statements are met, but you can also set the Execute action drop-down list to if any criteria are met. For convenience, give each rule an appropriate name, so you don't have to open it to know what the rule does.
For spam filters, If statements have many possibilities. Focusing on a specific message header, such as the Sender, Subject, Recipient, or on a message's contents, If statements can detect an exact phrase using the is building block, or part of a phrase using contains, starts with, or ends with. You can also introduce a degree of fuzziness by using sounds like or regular expressions. Many of these search patterns also have an opposite, such as is not. If none of these patterns, alone or in combination, does what you want, you can select Pipe to Program to call a shell command, such as grep.
By contrast, you'll need only a limited number of Then statements. Before you write Then statements, you'll want to create a Spam folder; Evolution comes with a Junk folder, but, in Debian, you can't use it when writing a filter rule from the GUI, not even if you modify /home/[user]/.evolution/mail/filters.xml in a text editor. For each spam rule, you'll want to use three Then statements in this order:
Move to Folder Spam
Set Status Read
Stop Processing
This set of Then statements delivers the email to the Spam folder and marks it as read, so you aren't distracted by the appearance of unread messages in the folder. It then keeps other filters from being applied to the same message and delivering it to other folders. Once you've tested your rules together, you may want to change the second statement to Set Status Deleted. However, until you're confident with your set of rules, this choice may cause you to lose legitimate messages.
While testing the results, you may want to assign a color or a sound to each piece of email marked by a rule, so you can see how many messages it is catching.
Completed rules are listed in the Tools > Filter window. Evolution processes them sequentially, so the order in which they're listed in the Filter window can affect the how useful a rule is. For example, a rule that moves messages from person@address.com to a particular folder will never come into effect if a rule that is processed first deletes all mail in which the sender's address contains @address.com. Since combinations of rules can have unexpected results, the Filter window includes buttons for moving a selected rule up or down in the list.
When you first write a list of rules, you'll probably need to debug them. If you do, opening View > Message Display > Show Email Source can help by showing the message headers that the normal view conceals.
Creating basic spam filters
The simplest spam filters in Evolution are the creation of whitelists and blacklists -- that is, lists of addresses from which you will or will not accept email. If you have a particular person in mind for either list, then the IF statement is: Sender is [email address]. If you want to include an entire domain, then the IF statement can be either Sender contains [domain name] or Sender ends with [domain name]. Set the rule to execute when any criteria are met, and you only need to create two rules, each a list of addresses or domains.
For most people, a whitelist is easy to set up. Place the whitelist at the top of the filter rules, and you won't miss any essential email. By contrast, because spammers frequently change addresses, a blacklist is likely to require constant updating. This updating defeats the utility of creating rules by forcing you to spend far more time dealing with spam than you care to.
For this reason, rules that identify characteristics of spam rather than email sources are likely to be more useful. For example, emails that list your address as both sender and recipient are likely to be spam, so you could create a rule to send them to the Spam folder using two IF statements: Sender contains [email address] and Recipients contains [email address].
Similarly, these two If statements create a filter based on size: Size (kb) is greater than 60 and Attachments do not exist. Since 60 kilobytes is about 9,000 words, that size should accommodate any mailing list digests you receive. If you don't subscribe to any mailing list digests, you can adjust the number to 20 or even lower. Either way, you can usually assume that a larger message without attachments will be spam full of graphics.
Other useful spam filters include a search for:
Words and phrases likely to be evidence of spam, such as click here or Cialis
Windows executables as an attachment. This search could be a list of IF statements containing the extensions of Windows executables, or simply Pipe to Program grep 'name=.*\.$exe\scr\bat\pif$'.
A date more than 96 hours before the message was received. Such a date could indicate a relayed message.
An empty Reply-To header
Many of these searches can be defined by If statements within a single rule.
Depending on your correspondents, you may also want to filter by character-set (charset). For example, I don't have any correspondents who write to me in Japanese, Korean, or Cyrillic characters. However, I regularly receive spam that uses these character sets. For that reason, setting up a filter on those character sets works for me. I also include a filter for messages that list no character set, since that can also be a sign of spam.
You can also search for HTML tags that are more likely to be used in spam. Filtering out all HTML email by searching for text/html seems a bit drastic, although some purists might consider it. More practically, you might consider setting up If statements that search the message body for:
large and extra large fonts (font size= "+)
tables (tbody)
red or blue text (#0000CC, #FFFF00)
Even if you have correspondents who insist on HTML email, these tags are still unlikely to be in the average legitimate e-mail. If necessary, you can filter such correspondents in a whitelist.
Evolution filters cannot check for all the signs that anti-spam software can detect. For instance, they cannot, as far as I can figure, assess the percentage of the message body that is in HTML, or determine that Microsoft Outlook is falsely identified as the mailer. Nor can Evolution filters evaluate the likelihood that a message is spam. Yet, with ingenuity and a study of results obtained from other anti-spam software, you might manage to filter 90-95% of your spam without any other measure.

Spam choked the traveller's tale

2005-08-03T02:28:00.000-07:00

Spam choked the traveller's tale
With 2000 inboxes to protect and the interests of customers, airlines, hotels and suppliers, spam's extra load was grinding servers at Harvey World Travel to a near halt.
Matthew Harris, the travel agent's IT manager, said the combination of an increase in regular business together with spam and viruses, while not crashing the e-mail server, caused it to run slow so that users' e-mail clients would time out.
Harvey World Travel has 350 franchises in Australia and Harris said the problem with spam started when the e-mail server couldn't cope. "Spam gave us many more problems than viruses ... e-mail is very important to our business."
Harris signed up for a 30-day free trial with Messagelabs which, he said, "fixed the problem overnight and we have been using the solution ever since; we just had to change the MS records in DNS and make a few firewall changes - we spent more time reading the contract than deploying".

Mail-Filters Continues to Lead the Way in the Anti-Spam Industry: Users of Mail-Filters' Anti-Spam Technology Praise its Low False Positive Rates

2005-07-28T05:00:00.000-07:00

Now That Most Anti-Spam Filters Are Able to Catch More Than 95% Spam, Users Recognize That False Positives Have Become Their Real Problem Mail-Filters.com, Inc., the global leader in OEM anti-spam solutions, provides technology for its OEM partners that filters billions of messages a day in more than 100 countries and 30 languages. Where most anti-spam technologies have focused on achieving higher catch-rates with apparent disregard for false-positive rates, Mail-Filters has achieved industry leading catch-rate with nearly no false-positives. Mail-Filters' technology is consistently praised by both the industry and its users for its low false positive rates as well as its ability to stop spam and phishing messages. Comments such as the following are typical: -- "We got our first false positive last week, after some 10M messages processed, which means that we have an extremely high efficiency." -- "I have yet to find a 'false positive' from my Premium (Mail-Filters) spam trap which accounts for about 98% of all our caught spam." -- "We have not received a single reported false positive in the three month period the program has been running." Mail-Filters combines two proprietary weapons to catch both spam and phishing messages: the Bullet Signature Database created and maintained by both technology and human editors, and the STAR Engine that detects spammer tricks. This approach allows the filter to catch new types of spam, including phishing, embedded content, HTML, and foreign language spam. The result is a catch rate of more than 95% with less than 1 in 1,000,000 false positives. "The Mail-Filters technology was designed four years ago with the problem of false positives high on our list of system requirements," says Ben Westbrook, CEO of Mail-Filters. "Early in the design phase it became apparent that open source solutions and those relying on statistical analysis cannot catch spam and avoid false positives -- at the same time -- they have to trade off one for the other." Mr. Westbrook continued: "To avoid this problem, and building on extensive experience designing anti-virus filters, we chose to base our anti-spam filter on signatures written and maintained by human editors. As a result, unlike most filters that are considered `acceptable' in comparison tests if they have a false positive rate of 0.1%, or 1 in 1,000 messages, we have never had to accept anything less than 1 false positive in 100,000 messages. In actual usage, as you can see from these quotes, we consistently achieve better than 1 in 1,000,000."

IndiaLinks Launches SpamGuard - An Easy to use anti -spam filter to protect your inbox against unsolicited junk emails

2005-07-28T04:50:00.000-07:00

IndiaLinks Launches SpamGuard - An Easy to use anti -spam filter to protect your inbox against unsolicited junk emails
(PRLEAP.COM) Mumbai Indialinks one the India’s largest web hosting provider & official .IN Accredited Registrar, today announced the launch of a new service called SpamGaurd. Spam today has become an annoying factor for the people who use the internet to communicate, business,education, research and purchase goods online. Nearly 10 billions spam emails are send out everyday and the figure is expected to rise to 30 billion by 2005. Spamguard is a cost effective, reliable and time saving solution to increase the corporate productivity. It makes your inbox Virus and Spam free. With its advanced features like Challenge Response, DNSBL/RBL based filtering, White/Black Listing, Custom Filters, Mail tracks, Mail trends, Web based Control Panel and many more, Spamgaurd gives you the directive to monitor, filter emails and avoid spam. "Today dealing with spam mails is a primary concern and has become an high-priced affair, which avails time and resources, leading to deprivation in the efficient productivity and monetary loss, features like content filtering and challenge responses, help to put by bandwidth, which can be used for other business needs." says Mr. Bhavin Chandarana, CEO of IndiaLinks. This service empowers organizations to achieve high detection rates of spam mails , allowing users to safely delete spam without reviewing, helps in time management and saving of other resources.One can thus receive emails from your friends,families and authorized contacts immediately without wasting time in filtering or downloading hundreds of spam mails. Also no new software or hardware is required, and the service requires no additional IT administration.

Spam block has its own ethical issues

2005-07-26T04:27:00.000-07:00

couple of years ago, this column featured the prediction that the junk e-mail problem would be coming under control right about now. So much for clairvoyance.Sign up for: Globe Headlines e-mail Breaking News Alerts Instead, between 60 and 70 percent of the world's e-mail is spam. Even a federal anti-spam law and a number of high-profile federal prosecutions haven't put a kink in the hose. With so many junk mail marketers on the loose, locking up a couple here and there makes hardly any difference. Distracted by terrorism, drugs, and organized crime, cops won't hammer the spammers with an all-out nationwide dragnet, the only strategy that might work.
Perhaps technology can save us: more aggressive spam filters, maybe, or new technologies that will identify and block spammers before they can run wild. Many such ideas are making the rounds; why haven't they paid off? In large part, because spam-fighters have spent so much time sparring among themselves.
Just look at the dispute over Sender ID, an e-mail authentication system backed by Microsoft Corp. Most spam contains phony return addresses, making it hard to track the filth back to its lair. Sender ID would add a feature to the e-mail system that would enable it to confirm the true origin of a piece of e-mail, thus making it harder for spammers to hide. It's not a cure-all -- you would still need to block the spam. But that's a lot easier when you've accurately identified the source.
But will Sender ID work? A recent study by a panel of technical experts found that the system has a host of technical problems. That hasn't stopped Microsoft from trying to patent key portions of the technology. This move terrified other firms, who don't want their e-mail put at the mercy of the world's most merciless software company. So some of them have rallied around an alternative authentication system developed by the search company Yahoo Inc.
The Internet Engineering Task Force, which must decide on the best technical solution, is still thinking about it. ''No consensus has yet been reached concerning a single technical approach," the task force said last month, news that no doubt warmed many a spammer's heart.
It's enough to make you feel trapped, desperate, eager to strike back with any tool at hand. So an Israeli entrepreneur's plan to choke spam at its source has a certain spiteful appeal.
''We're looking for people who are willing to stand up for their online rights," said Eran Reshef, founder and chief executive of Blue Security Inc. The company, in Menlo Park Calif., and Herzliya, Israel, has scared up $3 million in venture funding from Benchmark Capital. Now it's rounding up a digital posse to unleash against the companies that torment us

Trend Micro announces network anti-spam services

2005-07-26T04:18:00.000-07:00

SecureData, a member of the JSE-listed ERP.com Group, and the southern African distributor for Trend Micro security software, today announced the latter's Network Reputation Services, a portfolio of network-based anti-spam services that complement the company's existing anti-spam offerings.
The services represent the first offering resulting from the company's acquisition last month of Kelkea, Inc, an IP filtering and reputation services provider.
Trend Micro Network Reputation Services respond directly to the continuing growth and difficulties of tackling spam. Although its abundance is nothing new to businesses - Gartner reported that approximately 90% of enterprise organisations' inbound e-mail is considered spam (Source: The Evolving Secure Email Boundary, 2005) - the adoption of spam-like techniques in carrying out malicious zombie and botnet attacks is creating a pressing need for advanced network-level protection.
Trend Micro Network Reputation Services provide that solution. According to Trend Micro, the services stop between 40% to 80% of connections from known offending IP addresses from sending suspicious e-mail into a network. This service is enabled by the Trend Micro Threat Prevention Network, which monitors the Internet and rates the 'reputation' of IP addresses based on whether or not they're sending spam. This information is stored in an extensive reputation database that Trend Micro believes to be the largest of its kind in the industry. By applying proactive protection at the network level, customers can increase productivity and support a continuous flow of business information while managing costly demands on bandwidth and administrative time.
"Once again, Trend Micro has executed quickly, converting the promise of an acquisition into flexible market-ready services that address a growing customer pain," commented Eva Chen, CEO of Trend Micro. "Trend Micro Network Reputation Services provide enhanced protection against existing and emerging threats. By stopping the bulk of spam at the IP address, our services protect customers from the rising threat of zombie attacks and botnets, both of which utilise spam-like techniques. These new services will ultimately help customers optimise bandwidth and other resources for business-critical operations."
The services complement Trend Micro's existing Spam Prevention Solution (SPS) as well as other anti-spam content filtering systems. Blocking spam at its source offloads the amount of e-mail that traditional messaging security solutions must filter and therefore can reduce the potential for threats to infiltrate the network.
Trend Micro Network Reputation Services consist of the following offerings:
* Trend Micro RBL+ Service: This service involves checking lists of suspect IP addresses from four databases -- an open-relay list, open proxy list, a real-time black-hole list, and a dial-up user list.* Trend Micro Network Anti-Spam Service (NAS): This advanced service consists of a dynamic list that queries a database focused on dynamic behavioural monitoring of suspect zombie PCs.
In addition to its anti-spam capabilities, Trend Micro plans to expand its reputation services to defend against phishing, pharming and other network-related threats.

Spam filter may have blocked news items

2005-07-26T04:06:00.000-07:00

A new spam filter may have stopped some submissions sent by readers using one of the forms on The News-Review's Web site in recent weeks.E-mail sent directly to a specific News-Review address was not affected. Anyone who has used one of the forms on newsreview.info since June 6 should contact the newspaper to see if the information arrived, or simply resend it. The technological glitch has been solved.The forms that may have not functioned properly are the ones used to submit news for the Community page and letters to the editor

Open-source spam filter advances

2005-07-26T04:05:00.000-07:00

Open-source spam filter ASSP has been upgraded with a much improved administration interface, Sender Policy Framework (SPF) support, SMTP session limits, IP connection limits and a much better statistics page for reporting on mail traffic.
ASSP is a Perl program, so the same software runs on Linux, Unix, Windows, OS X and most other systems for which a Perl interpreter is available. The upgrade can be downloaded from the first URL below.
The most noticeable addition is the SPF support. The SPF protocol is designed to prevent messages with incorrect return-addresses from being delivered. Because most spam currently has a forged return address, this approach might rapidly become an effective anti-spam measure.
However, SPF requires domain owners to update their Domain Name System (DNS) servers to incorporate SPF-related information. It also requires recipients to verify the extra SPF details. Rather than needing to update all desktop systems, the latest ASSP software could handle this verification for an entire mail system.
The other new features are likely to interest mail system administrators.
The SMTP connection limit can be used to reduce the amount of ASSP work taken by a particular server, which could be used to manage the overall CPU utilisation on a busy server. Similarly, the IP connection limits restrict the number of connections from individual IP addresses, which would be a boon when a firm is suffering a denial of service (DoS) attack on its mail system.
DoS attacks are often caused either by extortionists attempting to disturb normal business processes, or as a side-effect of viruses.
An FBI/Computer Security Institute report released in June said over 99 percent of firms use antivirus tools, but despite this virus incidents were the most common computer security problem in 2004, with 78 percent of firms surveyed reporting virus infections.
These incidents are estimated to have cost US organisations some $55m. The same report said that DoS attacks were the next most expensive security problem.
The web-based administration interface for ASSP includes an improved hierarchical structure to hide unwanted options.

SpamSweep spam filter for Mac OS X released

2005-07-26T02:50:00.000-07:00

Bains Software has released SpamSweep 1.0, a new spam filter for Mac OS X. SpamSweep is an advanced bayesian spam filter with a simple, easy-to-understand interface. SpamSweep seamlessly combines many filtering technologies, including domain and relay blacklists, sender whitelisting, and a bayesian filter to automatically delete spam messages before they're downloaded by your email client. SpamSweep can notify you when you have new good mail by playing a sound, displaying the new messages in a floating window, or launching your email client. The $20 shareware runs on Mac OS X 10.3 or later; a 15-day trial is available online.

The Breakthrough Solution to Spam Filters and Email Blockers

2005-07-25T03:08:00.000-07:00

Email broadcasts to opt-in clients are no longer reaching targeted audiences anymore. Aggressive spam filters are blocking legitimate emails sent by companies and are costing businesses’ billions in loses each and every year. According to Double Click, an advertising and email delivery company, reports in their Q3 2004 Email Trend Report, that the average email deliver rate (emails sent minus the combined hard and soft bounce-back rate, but not counting the e-mail messages, blocked by various filters without bouncing the message) grew slightly to 89.3%, while the average open rate is only 34.3%. The average click through rate is 8.3% and the click-to-purchase conversion rate grew to 4.2%. It’s difficult and frustrating enough to convert members into buyers, but with the blockage by spam and email filters, legitimate companies worldwide with client and prospect lists are losing tremendous revenue every year. Businesses are crippled because only 20% to 50% of their content communication is reached. This disastrous implication not only affects your existing clientele from getting your company’s news and product announcements, but it also starves your business from converting new prospects into clients as well. But have no fear, there’s a breakthrough way to go around the spam and email problem. It’s called RSS feeds. By using RSS feeds, your news and email broadcasts get delivered to 100% of your member lists, Guaranteed! How you ask? Well, because a RSS feed is an opt-in subscription feed. Once your members subscribe to your RSS feed, all of your messages, news, and announcements will be delivered to your subscribers’ desktop instantly, without any of the irritating hassles of filters and blockers. RSS feeds were initially used online by the news media; newspapers like the Wall Street Journal use RSS Feeds. Now you can have your very own feed. Think of an RSS Feed as your opportunity to start your own broadcasting empire online for no cost. RSS is a way to "syndicate" your message and business content.Syndication = Huge Traffic = Money... Just ask Oprah.An RSS Feed is a way to broadcast your message directly to your target market. This is a way to stay in front of your clients and prospects and deliver your message. You can do this in the time that it takes to write an email.RSS have been around for a few years but are just starting to make their way into the business & marketing world. Because they are just starting to go mainstream now is the time to catch the wave. RSS is really taking off fast.It's called first mover advantage when you are ahead of the crowd...and now is time to be a first mover in this space. Search engines are now creating separate indexes and directories for RSS Feeds. You can get listed at or near the top of these directories if you act now, and you will get free traffic from these high rankings in these directories.It would be like knowing all about search engines and how Google ranked your site 5 years ago. This will be a huge advantage for many reasons: you can get free traffic, better search engine rankings, and repeat targeted visitors hungry and ready to buy your services and products, etc...This technology is just beginning to explode. RSS usage is exponentially growing every month.Why should you care? This is the hottest new technology since the web browser. It’s going to change the way people get information online forever. This means getting your news, product announcements, or broadcasts delivered 100% of the time to all of your opt-in members and subscribers. Say goodbye to spam filters and email blockers. The window of opportunity to make a huge financial impact is now.

Spam block has its own ethical issues

2005-07-25T03:03:00.000-07:00

A couple of years ago, this column featured the prediction that the junk e-mail problem would be coming under control right about now. So much for clairvoyance.
Instead, between 60 and 70 percent of the world's e-mail is spam. Even a federal anti-spam law and a number of high-profile federal prosecutions haven't put a kink in the hose. With so many junk mail marketers on the loose, locking up a couple here and there makes hardly any difference. Distracted by terrorism, drugs, and organized crime, cops won't hammer the spammers with an all-out nationwide dragnet, the only strategy that might work.
Perhaps technology can save us: more aggressive spam filters, maybe, or new technologies that will identify and block spammers before they can run wild. Many such ideas are making the rounds; why haven't they paid off? In large part, because spam-fighters have spent so much time sparring among themselves.
Just look at the dispute over Sender ID, an e-mail authentication system backed by Microsoft Corp. Most spam contains phony return addresses, making it hard to track the filth back to its lair. Sender ID would add a feature to the e-mail system that would enable it to confirm the true origin of a piece of e-mail, thus making it harder for spammers to hide. It's not a cure-all -- you would still need to block the spam. But that's a lot easier when you've accurately identified the source.
But will Sender ID work? A recent study by a panel of technical experts found that the system has a host of technical problems. That hasn't stopped Microsoft from trying to patent key portions of the technology. This move terrified other firms, who don't want their e-mail put at the mercy of the world's most merciless software company. So some of them have rallied around an alternative authentication system developed by the search company Yahoo Inc.
The Internet Engineering Task Force, which must decide on the best technical solution, is still thinking about it. ''No consensus has yet been reached concerning a single technical approach," the task force said last month, news that no doubt warmed many a spammer's heart.
It's enough to make you feel trapped, desperate, eager to strike back with any tool at hand. So an Israeli entrepreneur's plan to choke spam at its source has a certain spiteful appeal.
''We're looking for people who are willing to stand up for their online rights," said Eran Reshef, founder and chief executive of Blue Security Inc. The company, in Menlo Park Calif., and Herzliya, Israel, has scared up $3 million in venture funding from Benchmark Capital. Now it's rounding up a digital posse to unleash against the companies that torment us.

More tips on the use of Outlook Express

2005-07-25T02:56:00.000-07:00

Use HTML Format: You may have received e-mail, such as newsletters that have images, animation, tables, and other features of a Web page. Have you wondered how to create such a mail? There are two ways. In the first (and perhaps the less versatile) method you compose the message directly in OE. You can use options like Insert Picture, Horizontal Line, Hyperlink, and others to create a Web page-like mail.
In the second method you use an HTML editor or software like Dreamweaver to create a Web page. First, create the page and save it as an HTML file. Second, position the cursor in the OE message composition window where you want the page to appear. Third, select Insert > Text from File, and specify the file. While HTML messages can add a new dimension to your mail, be aware, however, that such messages not only take more time to download from the server, but may also annoy the recipient. Get Hotmail Mail If you have a Hotmail account, you can download it without having to visit that site. Here are the steps: Start OE. Click Tools > Accounts. Click the Mail tab. Click Add > Mail. Type a name in the Display name field. Click Next. Type your Hotmail address in the E-mail address field. Click Next. Select HTTP from the "My incoming mail server is a" menu. Click Next. Type your Hotmail login name and password. Click Next > Finish. Opening Attachments If you receive a mail with an attachment from someone you don't know, you should not open it. Because it may contain virus, it is better that you delete the mail. If you do want to open the attachment, however, first scan it with an up-to-date antivirus software. Even if you know the sender, you should scan the attachment before you open it. Note that certain antivirus software automatically scans all incoming and outgoing mail. Ignore Spam A bane of e-mail communication is spam. If you receive spam mail, don't reply to it. If you do, it will only confirm that your e-mail address is valid. And, spammers may bombard your Inbox with more junk mail. Use filters to reduce spam mail. Many ISPs and free e-mail service providers (such as Yahoo!) offer additional options to tackle unwanted mail. You have another way to deal with spam: Complain to the spammer's ISP. That may not be easy, however, as spam mail are often sent using fake e-mail IDs. In such a case, see if the domain (the part after the @ symbol of the e-mail address) is visible. If yes, send e-mail to the domain's postmaster. Example: If the domain is services.isp.net, complain to postmaster@services.isp.net. Use a Different ID For general use, obtain an e-mail address from free e-mail service providers like Yahoo! The benefits from such an ID include huge storage space, options to tackle spam, and facility to scan attachments. When someone wants to send you an important message, you can ask him/her to send one copy to your main e-mail address (given by your ISP), and a carbon copy (Cc) to the free mail ID. If, for some reason, you're not able to retrieve the mail from one account, you've an alternative way to access the mail.

Filtering spam in Novell Evolution

2005-07-25T02:54:00.000-07:00

Spam Wars: Blue Security Strikes Back

2005-07-25T02:51:00.000-07:00

You sit down at your desk in the evening after work. You've had a difficult day, as usual. You just want to come home and check your eBay bids, post on your LiveJournal and your check your email. It's a ritual you know but it works. It provides some relaxation. So you sit down and turn it on and it takes a minute or two to boot up.Your Emeril LaGasse screen theme pops up with "BAM!" going off as it always does. Everything is done loading so you continue the ritual. You open your Outlook Express and the loading begins. Delightful, you've got 384 email messages. Considering you've only got 20 in your contact list, you might have spam. So you check the weather and post in the LiveJournal. The email done by this point. So you start the cleaning process. You've determined that of the 384 emails you've received, 30 were actually something you were interested in. Scene sound familiar? Ever been through the ringer because of spam and it's taken you quite a while to get rid of it all? Even if you set the spam filters for email, it won't cover all of it. Blue Security understands this and they are encouraging users to not get mad, get even. They want you to take play with the "Blue Frog". The Israeli Internet security firm, Blue Security may have a pleasant end for some of those people getting inundated with spam. They've created a "Do Not Intrude Registry that gives users the ability to complain about the deluge of spam they might receive. The way it works is the amount of spam received dictates the amount of complaints. According to their website, if Blue Security gets sent 40,000 spams promoting the same site, that site gets 40,000 complaints right back at it. Eran Aloni, Blue Security's Marketing Director said on the company blog they are "building the community and sending warnings to spammers." The process sounds pretty keen. Various interested parties sign up for the service and complaints build up in honey pots. Then they're dumped on the sites mentioned in the spam people receive. So if www.humongomaleenhancement.com send you spam for natural-unnatural male enhancement products every day, you can simply allow complaints to build in these honeypots and then eventually, www.humongomaleenchancement.com will get hit by tons of these complaints based on each and every spam they had a male enhancement in. There is another side to this story though. An ongoing debate on Blue Security's forum debates the ethics of this project. Blue Security maintains that for every single spam message someone receives, they should be allowed to complain to the parties responsible for it, namely the companies linked too in the spam. Critics say this whole thing is really an unethical DdoS and makes them no better than the groups they say they're protecting people from. As the need for Internet security continues to grow and spam continues to drive people haywire, it stands to reason many would want to take a more active role in defending their computers because people end up with all kinds of garbage on their computers, malicious or just annoying. The questions raised are important as people look for new methods of security, the ethical question is something that must remain in the backs of people's minds. But I do have to admit, it will be sweet seeing the spammers getting a taste of their own medicine.

The new version of Spam Blocker

2005-06-30T01:23:00.000-07:00

One of the major problems in the Internet is nothing more nor less than unwanted advertising letters, also known as "spam" - wasted incoming megabytes of information. The mail server filters block only a fraction of proposals to "increase" or "relax". The mighty "authorization" protection is, first of all, expensive ( let's not forget the monthly fee ), and second of all, it is not very convenient for the people on your contact list ( they will have to go through a long and humdrum "access" process ). If you want to rid your mail box of "spam", you need a comprehensive anti-ad "shield" that will save the money you spend on traffic by downloading bulky mail, as well as the time you spend on viewing and deleting useless emails. The new version of Spam Blocker 2.1 delivered by the SoftInform company provides maximum efficient protection for user computer ( user mailbox in particular ) from torrents of "spam". This is due to the fact that all correspondence is analyzed before it is downloaded from the mail server. The application checks the mail and retrieves the headings of all letters pending in the user mailbox ( email addresses, sender names, letter subjects, etc. ). The new release of "remote" ad blocker features a substantially tuned up interface. The added nice-to-haves include automatic and manual mail check buttons and a visualized process of receiving mail ( an animated icon in the system tray and a tool tip with the total number of letters and the number of letters blocked by the application ). The main alterations, however, concerned the "technical" facet of the application. Spam Blocker 2.1 is sported as a self-learning application. The new version of the spam-filter automatically registers sender names and servers ( domain addresses ) in the black ( with letters marked as spam ) and white ( correct ) lists.By using various settings of Spam Blocker 2.1 you can fine-adjust the application to suit your needs. Various modes for checking messages ( automatic and manual ), support of an unlimited number of accounts, checking the mail box at set intervals ( e.g., every five minutes ) or at user's will, updating system lists, flexible rule settings and lists editing ability make Spam Blocker 2.1 a convenient and irreplaceable tool for blocking "spam". Sick and tired of endless "spam"? Registering new ( "clean" ) mail boxes over and over again? Every day dozens of letters for you and thousands for your company burning up megabytes of traffic that is by no means free? All it takes is to install Spam Blocker 2.1. And watch annoying and useless e-mail advertising disappear.

A Practical Approach to Eliminate Spam

2005-06-30T01:17:00.000-07:00

Spam isunderstatement of the year. Like any other annoying fact of life, you let it drive you crazy or you deal with it.In the age of cyber communication, "Spam" has become the main way to get the message out to the masses. But if you think about it, I guess "spam" has always been with us. Before the Internet, when it came in our mailbox, we called it "junk mail". On TV, we call it an "infomercial". Over the telephone, it's "telemarketing.The determined marketer will always find an annoying way to try to get his message to the people, whether they want it or not. But to me those other methods always seemed more controllable."Junk mail", a quick look and chuck it in the trash. I guess it was a lesser volume of mail because the advertiser was paying for it? You know, postage and real paper.The TV "infomercial", just turn off the Telly or change the channel. This form of bombardment is costly to the advertiser also.Now "telemarketing" is a whole other animal. It doesn't seem to matter what the cost to the advertiser is, the return is greater. The deterrents, like the national "don't call me" doesn't really work. My solution. Caller ID and don't answer the phone if no name and/or phone number comes up. Oh yea! and an answering machine to catch the strays is helpful.As an Internet marketer, with a web site, I get upwards of 500 emails in my inbox daily. What used to take minutes to sift through them now takes me hours.When I am done and close my email client, a little window pops up and asks me if I am sure I want to delete the 450 emails in the trash? Over 450 of the approximately 500 emails I get daily are trash. That's ludicrous!You might say to yourself, why doesn't he use a spam filtering program to get rid of the spam? Well so far all the spam filter software I have tried seems to throw out the baby with the bath water. I would rather trust my own internal spam filter, called common sense; and the "delete" key to get the job done.None of the filters I have tried, no matter how fine tuned, doesn't throw out the good email with the bad. In fact they are so fine tuned, that in trying to out smart the spammer they include many legitimate words or phrases in their list of no-no's. So you still have to scan it.The spam filters are even contributing to the amount of emails we get. Many legitimate Internet marketers have resorted to sending out a second email in case a spam filter stopped their first email from reaching you.In fact, just mentioning the word "spam" in this article would probably keep it from being read by millions of people.So what can we do about it? If I had a definitive answer to that question, I probably would get the Nobel Prize for Solving an Annoying World Problem. Do they have a Nobel Prize for solving an annoying world problem?Anyway. Here is my humble offering in an attempt to rid the world of this cursed menace!The best way, of course, would be not to buy any product or service offered by a spammer. If they don't make any money as a result of their spamming, they eventually will get the message and stop. However, this solution would have to be undertaken on a global scale to be effective and there must be plenty of people who are reading and acting on the spammer's message to prevent this from happening. Although I can't for the life of me figure out why!Another solution that you and I, as individuals, can do is delete the email and more importantly not buy from the spammer. Like trashing "junk mail", turning off the "informercial" on TV or not answering the phone when it's a "telemarketer". You can take an individual stand.Like the great actor Peter Finch, in his Oscar winning performance in Network (1976), tell the world your "mad as hell and your not going to take it anymore!" out of control! I guess that would be the

Why Microsoft's spam ploy is no solution

2005-06-30T01:01:00.000-07:00

Microsoft's ploy to drum up business for its spam-filtering technology will probably be successful!
That said, from my experience, the number of people depending upon e-mail forwarding must be considerable — from an e-mail volume standpoint, perhaps staggering!
Being an alumnus of two universities, having a primary e-mail address at work, a wireless e-mail address, and an e-mail address required by my broadband provider — all of which forward to the same Exchange inbox, I expect that Microsoft's actions will result in a dramatic drop in the reliability of the existing spam detection technology — especially for the mobile professional who also subscribes to a large number of listservs which might also be impacted.
It took months for my employer's spam filters (which send me a quarantined list of two-dozen every day — for my review) to mature to the point that the number of false positives are down to about three per week! If successful, Microsoft's plan will likely introduce large numbers of false positives to the workplace e-mail environment without significantly improving the spam problem for hundreds of millions of casual users of e-mail.
Spam really represents two distinct problems. One is the "legitimate" mass market operation who used to send you "junk mail" until they discovered that sending e-mail was cheaper than bulk-rate postage. These folks, while a considerable annoyance, do at least have a legitimate reason for contacting you. They want to tell you why their product is better than the next guy's product. The other is the unscrupulous e-mailer who wants to steal your identity, sell you porn, or get you to buy some fake product (be it a pharmaceutical or a sexual aid).
There are laws to protect you from both of these types of unwanted e-mail. The problem is that we don't know who the sender really is — or what jurisdiction governs their activities. One more anti-spam tool which generates false positives will not solve this problem!
The solution can only be an underlying redesign of Internet e-mail, developed under the auspices of a sanctioning body (such as IEEE), which guarantees that sender are who they say they are and that the jurisdictions of senders can be determined with certainty.

Microsoft adopts spam-fighting system

2005-06-28T00:49:00.000-07:00

Microsoft Corp is stepping up the pressure on email senders to adopt its Sender ID spam-fighting technology despite problems that could send up to 10% of legitimate messages to junk folders.
By the end of the year, Microsoft's Hotmail and MSN services will get more aggressive at rejecting mail sent through companies or service providers that do not register their domain names with the Sender ID system.
Sender ID seeks to cut down on junk email by making it difficult for spammers to forge email headers and addresses, a common technique for hiding their origins.
The system calls for internet service providers, companies and other domain name holders to submit lists of their mail servers' unique numeric addresses. On the receiving end, software polls a database to verify that a message was actually processed by one of those servers.
Although only a quarter of email messages now carry the proper Sender ID information, Microsoft believes it needs to begin requiring Sender ID to do a better job of cutting down on junk email, said Craig Spiezle, director of Microsoft's technology care and safety team.
"We have a solution that works for about 90% of mail today," Spiezle said. He said Microsoft will continue to fine-tune its spam filters to account for the remaining cases.
Although the standard-setting Internet Engineering Task Force dissolved a working group on Sender ID in September, partly because of a dispute over Microsoft's claims to a patent, Microsoft and other companies were encouraged to continue pushing their technologies in the marketplace.
For the past six months, Microsoft's Hotmail and MSN services have been checking Sender ID records as one test in determining whether a message is junk.
Microsoft began posting a warning for users on top of messages whose numeric addresses don't match those in Sender ID records, meaning the email likely came through an unauthorised mail server and could be junk.
By the end of the year, Microsoft will treat as failures cases where Sender ID records don't exist at all, increasing the likelihood those messages would be considered junk.
The Direct Marketing Association, the trade group for email and other marketers, lauded the move as "a necessary step to protect both corporate brands and consumer confidence," said Jerry Cerasale, senior vice-president for government relations.
Use of such systems, the association said, could help protect legitimate marketers from unauthorised use of their brands online.
Indeed, Spiezle said Sender ID has helped reduce the number of legitimate messages mislabelled spam. Email that passes the Sender ID test is given a slight positive boost in the filtering test, and for borderline cases it is enough to push the message to the non-junk inbox, Spiezle said.
But Spiezle acknowledged lingering concerns, including the disruption of mail-forwarding services that colleges and companies offer to alumni and subscribers.
Sender ID also could break "send to a friend" features in which someone clicks on a web link to pass an interesting item to someone else.
Spiezle said Microsoft is monitoring such cases

Understand how various spam software works

2005-06-28T00:38:00.000-07:00

There are four major types of spam fighting technology. We discuss those types here

When considering how to protect your mail system from spam, you'll find that there are too many choices in the marketplace to be able to evaluate them all. Since each solution handles spam differently, it's important to understand the various methods by which spam filters work. There are four major types of spam technology available. I'll discuss each here.
BayesianBayesian filters use complex statistical algorithms using existing information to determine the probability that a message can be trusted. The term 'existing information' is important as it means that this type of solution requires an initial period during which it may be less than effective at capturing spam. However, many people report that, once filters are trained, they do an excellent job of canning spam with a minimal number of false positives. Further, since by its nature, a Bayesian filters learns from its mistakes, it generally requires less ongoing maintenance than other types of filters, and the filter is good at adjusting its parameters to meet the needs of the individual user. On the con side, spammers have found ways to defeat some of the measures used by these filters. If you've ever received a spam email with a large number of nonsensical words, you've seen this in action. By inserting enough valid words into a message, a spammer can fool a Bayesian filter into thinking a message is legit.
Whitelist and blacklistIf an address or domain exists on a whitelist, the message is allowed through; in fact, only messages from addresses on the whitelist are allowed through. If, on the other hand, an address or domain is on a blacklist, it's blocked while all other messages are allowed. There are a number of blacklist services-called RBLs, for RealtimeBlackhole Lists, that compile lists of known spammer addresses. However, RBLs can be problematic in that if they're not maintained, or they're maintained by an overzealous administrator, legit senders might be blocked. The pro side of white and black lists is their simplistic nature. For this kind of spam filter, there is only the dark side and the light side. There is no in between. On the con side, they require a huge amount of maintenance, especially for whitelists, which require an entry every time you want to add a new allowed sender.
Content-basedVery simply put, these kinds of spam filters look for certain words, such as 'Viagra' and kill a message if those words are present. These filters require significant administration in that each time you want to block a new word, you need to create a rule. Further, spammers have found it child's play to get around these kinds of filters. They use a variety of ways to do this. One way is to make the word still readable, but different. For example: 'V.i.a.g.r.a'. You can certainly create a rule that blocks that version too, but spammers have become even sneakier. In some cases, you might look at the word 'V.i.a.g.r.a' and wonder why your filter didn't catch it. If you copy and paste the word into Word and change the font size to something larger, you'll notice that the spammers don't use periods between the letters at all. Instead, they use a variety of characters with a font size of 1 so that they look like a period, but can get past filters.
Challenge/responseIn a desperate move to thwart spammers, some new spam systems require senders to basically prove that they are allowed to send mail to someone. Before a person using this system receives a message, the sender must visit a web site and answer some questions. The pro is that this system virtually eliminates spam. The con is that it's a pain in the neck for legitimate senders.

Spam can be managed

2005-06-28T00:29:00.000-07:00

In the decade or so since Web access became a consumer commodity, we've fixed many things about the Internet, from the pokey speed limit of dial-up modems to browsers that crash three times an hour. But spam is a bigger nuisance than ever. It starts taking its toll long before it lands in your inbox. First, spammers employ spyware and viruses to hijack home and office computers for use as unwitting relays for junk e-mail. Then your Internet provider must spend time and money running filters, lest its computers be swamped. The junk e-mail that inevitably leaks through wastes your time and bandwidth as you wait for each message to download. Almost all of it insults your intelligence and good sense; spam assumes we're drug-addicted, money-grubbing, porn-addled fools ready to click on any stupid offer.
And the single worst thing about spam? Enough recipients do click on those stupid offers to keep spammers in business. Nobody has found a technological fix for spam. The Internet's design puts a priority on the free flow of data. Internet providers, too many of which still whore themselves out to spammers, and spammers' own cockroach-like tenacity all but ensure there won't be. Because the Internet spans the world, laws aren't likely to solve this problem either, although I am always delighted to see spammers being litigated into poverty, fined into bankruptcy or imprisoned until senility sets in. Spam can, however, be managed. You can make your e-mail address a smaller target for spammers, and you can shunt aside a healthy chunk of the spam that does find you. If you can keep your address off spammers' lists, you will get little or no junk e-mail. So never post your e-mail address on any public spot on the Web, and be choosy about giving it to strangers or companies. Throwaway account Instead, create a second, throwaway account at any of the free Web-mail services, such as Yahoo Mail, Hotmail or Gmail, and use that for online commerce. Most Web sites won't share your address with the world — but a few might, so why chance it? This method will not, however, defeat a dictionary attack, in which spammers send messages to randomly chosen names at popular Internet providers. Having an address with an unusual spelling or at a lesser-known provider can reduce vulnerability. When spam arrives, never respond to it. And make sure your mail software isn't doing that for you: If it displays a picture in a spam message, it often does so by downloading the image from the spammer's Web site, which tells the sender you just read the spam. Current releases of the major mail programs — Microsoft's Outlook Express and Outlook, Apple's Mail, Qualcomm's Eudora and Mozilla's Thunderbird —won't display pictures in mail from strangers. But older versions will, so upgrade now. You'd think that writing a program to delete spam would be easy, since even an Internet beginner can tell spam from real mail. But that hasn't happened —yet another way in which the computer can't match the human brain. Your Internet provider's spam filtering will usually sweep the worst offenders out of sight, but some adopt an excessively strict policy that wrongly tags innocent e-mails as spam. Last winter, for example, Verizon's filtering suddenly began flushing away many legitimate e-mails sent from parts of Europe and Asia. Filtering spam If you use your own mail program instead of a Web interface such as Hotmail or Yahoo, you can run your own spam filters. The best learn from your use, watching what mail you label as spam and adjusting their screening to match. Mozilla Thunderbird (www.mozilla.org) and Apple's Mail, both free, include this type of filter, as does the $50 edition of Qualcomm's Eudora (www.eudora.com). Microsoft's Outlook 2003, by contrast, has a non-learning spam filter, while its free Outlook Express includes no spam block. You can add a learning filter to either program with various add-ons; some, such as POPFile (popfile.sourceforge.net) and SpamPal (www.spampal.org), are free but may require tricky configuration; others, such as SpamBully (www.spambully.com) cost money. A more stringent defense, “challenge-response” filtering, requires would-be correspondents to pass a simple test online that a bulk mailer can't or won't bother to complete--usually, visiting a Web page and typing in letters shown in an image. Some Internet providers--notably, EarthLink--and such add-on software as ChoiceMail (www.digiportal.com) and SpamArrest (www.spamarrest.com) offer it. But although these systems wave through mail from people in your address book, other legitimate senders must perform extra work. Challenge-response has not been widely adopted. All of these techniques can only treat spam. A cure will have to be economic: When no money can be made from spam, nobody will send it. Filters, lawsuits and fines can raise the costs of sending junk e-mail, but there's still money to be made by defrauding the gullible.

More tips on the use of Outlook Express

2005-06-28T00:26:00.000-07:00

Use HTML Format:
You may have received e-mail, such as newsletters that have images, animation, tables, and other features of a Web page. Have you wondered how to create such a mail? There are two ways. In the first (and perhaps the less versatile) method you compose the message directly in OE. You can use options like Insert Picture, Horizontal Line, Hyperlink, and others to create a Web page-like mail.
In the second method you use an HTML editor or software like Dreamweaver to create a Web page. First, create the page and save it as an HTML file. Second, position the cursor in the OE message composition window where you want the page to appear. Third, select Insert > Text from File, and specify the file. While HTML messages can add a new dimension to your mail, be aware, however, that such messages not only take more time to download from the server, but may also annoy the recipient. Get Hotmail Mail If you have a Hotmail account, you can download it without having to visit that site. Here are the steps: Start OE. Click Tools > Accounts. Click the Mail tab. Click Add > Mail. Type a name in the Display name field. Click Next. Type your Hotmail address in the E-mail address field. Click Next. Select HTTP from the "My incoming mail server is a" menu. Click Next. Type your Hotmail login name and password. Click Next > Finish. Opening Attachments If you receive a mail with an attachment from someone you don't know, you should not open it. Because it may contain virus, it is better that you delete the mail. If you do want to open the attachment, however, first scan it with an up-to-date antivirus software. Even if you know the sender, you should scan the attachment before you open it. Note that certain antivirus software automatically scans all incoming and outgoing mail. Ignore Spam A bane of e-mail communication is spam. If you receive spam mail, don't reply to it. If you do, it will only confirm that your e-mail address is valid. And, spammers may bombard your Inbox with more junk mail. Use filters to reduce spam mail. Many ISPs and free e-mail service providers (such as Yahoo!) offer additional options to tackle unwanted mail. You have another way to deal with spam: Complain to the spammer's ISP. That may not be easy, however, as spam mail are often sent using fake e-mail IDs. In such a case, see if the domain (the part after the @ symbol of the e-mail address) is visible. If yes, send e-mail to the domain's postmaster. Example: If the domain is services.isp.net, complain to postmaster@services.isp.net.
Use a Different ID For general use, obtain an e-mail address from free e-mail service providers like Yahoo! The benefits from such an ID include huge storage space, options to tackle spam, and facility to scan attachments. When someone wants to send you an important message, you can ask him/her to send one copy to your main e-mail address (given by your ISP), and a carbon copy (Cc) to the free mail ID. If, for some reason, you're not able to retrieve the mail from one account, you've an alternative way to access the mail.

A Better Outlook on Email

2005-06-28T00:24:00.000-07:00

A Better Outlook on EmailInstalling a new email client is often the last thing on anyone’s mind. But Mozilla’s Thunderbird, which promises tougher spam filters and clever customization, is a strong contender to Microsoft’s Outlook or Outlook Express. A built-in RSS reader lists updates on desired Web pages (news sites, blogs), while the message grouping function bundles emails by date or sender. As for viruses, Thunderbird doesn’t let attachments automatically open within the program, a problem found in other email clients. The only caveat concerns importing: Some users find it difficult and time-consuming to move their contacts and archived emails from their old program over to Thunderbird.Downloads in one month after its December 2004 launch: More than 4 million.

Promote Your Products Without Annoying Spam Filters

2005-06-24T00:19:00.000-07:00

How many times have you realized that your email simply doesn't arrive to your list or you suspect something is going wrong because you don't get the response you are waiting for?, this is more common today than yesterday and will be critical tomorrow.
It's frustrating for us that our Content is not deliver to the end-user, this is true for you and all the people dependable on email technology, the results plainly don't come, whatever they can be.
Have you seen those funny email arriving to your email container with odd characters that some times seem like the sender is telling you rude words? Don't take it literally, is an effort from the advertisers to deliver their best proposition trying to bypass the filters... some of them will arrive, some of them are taken out from you and put inside the waste container of your ISP.
Is there some hope for the small entrepreneur in this jungle of spam filters, viruses, and junk information?
Deliver Quality Content To End-user And Promote Your Products Without Annoying Spam Filters: RSS Gives you the Chance To Deliver messages To End-user
It's A Fact: At present this is the best way to beat spam filters, RSS is the fresh road to walk, getting rid of the problems that nowadays attack the email option, this allows you to send your messages to the users with 100% sureness they will arrive, we don't know if RSS is the email killer, its too early to state and coin this phrase, anyway some gurus say its here to bury email, some others think is only an alternative way to keep in contact with the end-user ... the only true is: You can deliver your messages spam free.
But its not costless, you need to work, and work constantly and with quality, if any of these variables fail, all your efforts go to the drainage piping. Why? If the end-user are no more interested in your content he/she can kiss you good bye easily with a finger, the small one on the delete key.
RSS is The Secret Weapon To Deliver Quality Content
RSS gives the power to the end-user, this means marketers must be concerned with the content they deliver, for most of the sellers this is a hard alternative, but at the end the online world will see a lot of websites full of worthy content, the users will come again and again, and if this happen to you, your days will be longer and profitable.
Deliver quality content is the advertisers and webmasters payment, this is not negative, Search Engines go in the same direction, if you want a good SE position it most be due to your content, content tends to be the only parameter in the near future. Make your homework and you'll see positive results in short time. If this not convince you, remember, email is living the hard way and if things go in the same direction it will go out of sight, at least like a marketing alternative.

Outsourced Security Called Battle Tested

2005-06-23T08:35:00.000-07:00

Outsourcing corporate security is no longer risky business and large organizations should hand off network monitoring and security services as soon as possible. That was the main conclusion Gartner analysts presented to about 2,000 IT executives at the firm's IT Security Summit last week. Gartner predicts the future of security is in the cloud and expects to see more services such as MCI's WAN Defense ,announced two weeks ago. "Why should I filter out this garbage at my end? Outsource as much of the day-to-day busywork as you can, as soon as you can," said Gartner analyst John Pescatore in his presentation titled "The Near Future of Network Security." Pescatore acknowledged this is a radical change from what Gartner would have advocated in years past, when it viewed security outsourcing - which requires a company to entrust an outsider with critical support - as controversial.

"It's just not controversial anymore," Pescatore said. He said the level of expertise exhibited by the first-generation of managed security service providers (MSSPs) along with the rise of carrier- class high-speed security gear from vendors such as iPolicy Networks indicate that security outsourcing can evolve into a trusted service. Customers need not purchase their own customer premises equipment (CPE), Pescatore says, particularly for perimeter defense. Managed security services will evolve into "in-the-cloud services" in which network traffic is cleaned of spam, viruses, attack traffic and other problems before it reaches the enterprise, and perimeter firewalls and IDS reside with the carrier, said Kelly Kavanaugh, whose presentation was titled "security in the Cloud: Take My security Hardware, Please." Traditional pure-play MSSPs such as Symantec, Internet security Systems and Counterpane Internet security, as well as the larger IT outsourcers such as EDS and IBM, are most often associated with remote monitoring customer IDS, firewalls and other gear. But he predicted,"It becomes a utility that's shared. For enterprises, it's a way to let go of having customer premises equipment." He said a number of in-thecloud anti-spam and anti-virus filtering services already exist, including those from MessageLabs and Symantec's Brightmail outfit. While MSSPs also might offer their own version of in- thecloud security, Kavanaugh explained that "the carriers have the best opportunity to deliver in the cloud" because they provide the essential connection closest to the customer's network.

Electric Mail Announces Launch of PerimeterProtect Service; New Service Provides Enhanced Email SPAM and Virus Control Service for Businesses

2005-06-23T08:12:00.000-07:00

Electric Mail, a provider of managed secure email services to businesses, today announced the immediate availability of an enhanced version of PerimeterProtect(TM), its comprehensive solution that delivers up-front email messaging protection and continuity through SPAM and content filtering, as well as virus blocking. PerimeterProtect offers improved message quarantining, enhanced reporting, policy and service control, as well as tighter integration with Microsoft Exchange Server 2003 and Exchange Server 2000 -- creating a fast, powerful and cost-effective solution that significantly reduces enterprise email headaches. "PerimeterProtect has been an ideal solution for us, allowing us to virtually eliminate SPAM and safeguard our network and email servers," noted Christopher Black, Director of Technical Infrastructure at T&F Informa plc, an international provider of specialist information for the academic, professional and business communities. "Most importantly, we can completely control our use of the service but don't have to worry about maintaining or updating filters and mail rules. We have seen immediate benefit on our perimeter network through the sheer reduction in unwanted network traffic caused by SPAM/virus emails. In addition, it is very cost-effective, easy to use and configure. Email is a critical business application for T&F Informa, as it is for most companies. Frankly, I don't know of a business that doesn't need a product like PerimeterProtect." "Enterprise customers, like T&F Informa, have fully embraced the advantages of outsourced email security services and are demanding tighter integration with their in-house mail servers," said Adam Hyde, Director of Product Strategy for Electric Mail. "PerimeterProtect provides robust and scalable SPAM and virus protection for corporate email systems, combined with an intuitive tool through which administrators and users can monitor and manage their email security protocols."About PerimeterProtectPerimeterProtect safeguards companies from unwanted, often obscene and productivity-robbing messages, while protecting customer email servers against denial-of-service and directory-harvest attacks. PerimeterProtect combines six filtering layers designed to identify 99% of SPAM with less than 0.01% false positives. The content filtering capabilities enable administrators to configure flexible profiles and policies via a Web-based console. This service helps minimize a company's exposure to inappropriate email content and can reduce server load caused by large email attachments. PerimeterProtect's enhanced Quarantine Central (TM)offers users easy access to quarantined messages -- ensuring that no legitimate email is ever lost. Moreover, it gives users and administrators the ability to directly control "allow/deny" lists and view filtering reports. An "auto-allow" function is also available, automatically adding an email address to the "allow list" when it is sent two or more messages by the user. Quarantine Summaries consolidate all SPAM and virus headers into a list for easy review. The list is delivered to each user's email account on a predetermined schedule, with message retrieval available via a link to the Quarantine Central Web interface. Users can customize report frequency, delivery time and filter the summary results based upon a configurable "SPAM score" range. Administrators can turn summaries on or off, control which users get summary reports and manage the report delivery "From" address. Microsoft Exchange customers can synchronize PerimeterProtect with their Exchange 2003 and Exchange 2000 servers via a Windows-based LDAP synchronization tool. This ensures invalid accounts are blocked at the network perimeter and Exchange aliases, groups and directory information are automatically available to the web quarantine.Availability & PricingPerimeterProtect is available now. For more information on pricing and features, please visit www.electricmail.com or call 800-419-7463.About Electric Mail

Simple step keeps hard drive from filling up with spam

2005-06-23T06:57:00.000-07:00

Question: Every day I delete spam. Today it was 66, a record. Yesterday Outlook Express wanted to compress the files. Is this stuff filling up my hard drive? How can I get rid of it and stop the incoming without changing my Internet service provider? _ Bob Stump @camtel.net
Answer: I wish I could just tap out a paragraph or two and tell the world how to eliminate spam, Mr. S., but that's a question that people far more adept than Mr. Computer Answer Person have failed to solve for years now.
As you note, though, in addition to becoming an obnoxious time sink, spam also clutters up hard-drive real estate even if one has anti-spam shields in place and set all the way up to Kill all Klingons.
The junk, as you note, gets saved into the default Deleted Items folder, or in a special folder designated for spam that folks set up using various rules to identify and quarantine unwanted messages.
These folders are needed because there are times when even the best spam filters can attack messages that one really needs.
However, it is possible to remove these deleted messages permanently by the simple process of going to the Deleted Items folder and either delete one by one or tap Control + A to select all messages at once and then Control + X to kill them for good.
It's not a bad idea to do this every time the software pops up with an offer to compress the entire contents of the e-mail in an archive file.
___
Q: We have just upgraded our home computers to Windows XP and Office 2003. When we insert pictures into a Word document, the Format Picture option does not seem to work. The pictures are inserted, but they are either at the left or right margins.
When we change to absolute positioning and click OK, the changes are ignored. Interestingly, I was able to do the Microsoft online tutorial on graphics in Word, but I could not get the position to work on a new document.
Any ideas on a missing setting? Are you aware of any problems in this area? We have installed all the required updates to Office 2003 as of May 15. _ Elaine Olson @comcast.net
A: There are a couple of points to review here, Ms. O., but otherwise your settings can be fixed simply by forcing Word to rebuild the default settings file it uses each time it is booted up.
Do that anyway so we're both on the same page as I suggest a fix. So right-click on Start and then click the magnifying glass icon for Search. Now type normal.dot in the search terms box and click OK. When this file appears in the panel on the right of the search display, give it a right-click and select rename from the pop-up menu that appears. Change it to something like xnormal.dot so you can restore it in case you have changed other settings that you still need.
Now to ensure that you're doing it all correctly, open your document and select the Print Layout setting in the View item on the toolbar. This assures that your document will appear on the screen just like it will look when printed.
Now put the cursor near where you want to insert the picture and then click on the Insert menu and then select Picture and From File. Use the browser box this summons to find the picture file you need to center in the document.
Click Insert in the file browser and the image will appear at the cursor location with text above and below it. Now right-click on the image and select the Format Picture option that appears in the list of choices. This brings up a tabbed menu where you need to select Layout.
This brings up a display with icons showing various ways the picture can be placed on the page, including centered or on the left or right margins.
Be sure to select the icon for square rather than the default that puts it on the left-hand side of the page. Now check the alignment buttons below these icons and make certain that yours is set to Other instead of left, right or center. Now click Advanced and select "Move with text."
With this done you can click on the inserted image and drag it wherever you want, and the text will flow around it or alongside it. Now save the document and then close it. It will come up where you want it when the file gets opened again.

Spam, spam everywhere -- How can we control it?

2005-06-17T03:29:00.000-07:00

Spammers get e-mail addresses from a variety of sources, Laplante says. "Robot" harvesters traverse the Web and collect e-mail addresses posted on Web sites. Spammers share email lists with each other and obtain legitimate lists under false pretenses. They can randomly generate e-mail addresses too -- all they need to know is the domain name (e.g. "anywhere.com") and they can create random combinations of user IDs until they hit real users. "Anytime you give your e-mail address in exchange for free information posted to the Web it becomes fair game for the spammers," says Laplante. "Finally, even when you give your e-mail address to a legitimate correspondent or business partner, it might inadvertently end up in the hands of a spammer." Even though spammers know that most recipients delete the e-mail without reading it, and that spam filters and bad addresses keep many of their e-mails from reaching their intended targets, spamming can still be very profitable. Sending spam isn't free -- there are costs involved in obtaining the addresses, preparing the lists, sending the e-mails, supporting the spam site, etc. -- but the cost of doing so is quite low, probably around 1/100 of a cent per e-mail sent. If only one e-mail in 100,000 yields a successful business transaction, depending on the product, the profit can be significant. So, how do you stop getting so much spam? Well, there is no way to prevent spam completely, says Laplante. This is an "arms race" and the spammers develop counter-measures for every new technique developed to stop them. But you can reduce spam by taking a number of precautions. First, use and aggressively maintain whatever spam-blocking feature your mail client provides. Microsoft Outlook has a pretty good spam filter if you maintain the rules database faithfully. There are commercial spam-blocking products, too, and some freebies, but this is not the place for an analysis of these. Also, stop giving away your e-mail address so freely. If you don't have to give your e-mail address in exchange for "product updates," don't do it. Be careful how you post your e-mail address to your Web site. If it is posted in text format, a harvester will eventually grab it. You can embed your e-mail address in an image -- this makes it nearly impossible for a harvester to find it. Finally don't ever buy a product introduced to you via spam. If the economics didn't work out for the spammer, they would stop doing it. Unfortunately, there are always suckers out there who can't resist a "bargain."

Hotmail with Outlook Express

2005-06-17T03:21:00.000-07:00

A recently added feature of Outlook Express (it's included in version 6, which comes with Windows XP) is the ability to read your Hotmail messages. This gives you an easier to use and nicer way to compose and read messages, compared to accessing Hotmail through a browser. If you are familiar with the features of Outlook Express for reading regular POP3 email, you will really appreciate having the same format and tools for using Hotmail.Sponsored LinksMicrosoft Outlook Add-InsMust have add-ins for Outlook 2000, 2002 and 2003. Need help with Email or Outlook Express?Post your question in the Forum!To set up a Hotmail account with Outlook Express, first open it from the Start Menu. If this is the first time you are opening OE, you will automatically find yourself in the new account wizard. If you have already been using OE, and you want to add a Hotmail account, click the Tools menu, then click "Accounts..." Click the Add button, then choose "Mail..." Enter a display name for you to use to reference the account, then click Next. Then enter in your Hotmail email address and click Next. Make sure that your email server is HTTP, and your provider is Hotmail, and click Next. Verify your email address, and enter your password (optional). if you leave the password field blank, you will be prompted for it each time you open Hotmail in OE. Click Next, then Finish to complete the setup. You may be prompted to download the folders from Hotmail; choose Yes to be able to read your Hotmail email now.OE will not really download your messages - instead it synchronizes them with the Hotmail web server. This can actually be convenient if you switch back and forth between using OE and using Hotmail from a browser. If you receive many messages, or have a really slow network connection, you may want to change your synchronization settings. Right-click the Inbox (or any folder), and hold the mouse cursor over "Synchronization Settings," then click "Headers Only." This means that only the title of the messages will be downloaded into OE, and the message itself won't be downloaded until you open it. This is also handy for SPAM, which you can delete without opening it.

Spam Fighting: To Bounce or Not to Bounce?

2005-06-17T03:17:00.000-07:00

What is the largest headache caused by spam? Many sites find that once you get decent filtering in place and start identifying spam, a new problem that crops up is just a disconcerting: Deciding what to do with it.
Software such as amavisd-new, a front-end for SpamAssassin and virus filters, leaves the ultimate decision up to the administrator. That is, what do we do with e-mail that has been identified as spam? The options are: use before-queue filtering to not accept it in the first place, send a delivery status notification (DSN) notifying the party that their e-mail was not delivered, or just silently discard the email. All of these options have consequences, and some are more hair-raising than others.
Option 1: DSNs, aka Bouncing In this first scenario, a mail server will accept most email, and then subject it to spam and virus filtering before delivering it to a user's mailbox. If the e-mail is determined to be spam, it isn't delivered to the user, and a DSN is sent to the address in the From: header, notifying the sender that delivery was not successful.
This is problematic for many reasons. Most critical, is the fact that the From: header in spam is rarely correct. In fact, it is possibly claiming to be from someone you know, since spammers have been known to harvest e-mail addresses from people's address books. Sending a DSN to someone who didn't send e-mail in the first place causes confusion, and results in support calls from the confused user who thinks their e-mail account has been compromised.
When servers start falling over due to extensive resource consumption, many people turn to silently dropping spam.Even more detrimental to productivity, sending DSNs to addresses or domains that don't exist will cause the bounces to pile up on the mail server, since they can't be handed off to another server. Thousands of e-mail messages sitting in the mail queue will jeopardize system resources and can effectively clog mail services for legitimate mail. Most organizations find this to be the most difficult aspect of dealing with spam.
Option 2: Silently Discarding Once a message has been accepted and eventually identified as spam, another option is to simply discard the message. This completely solves the problem of a mail server crumbling from having too much mail in the queue, but is perhaps just as problematic. If e-mail is falsely identified as spam, and the sender isn't notified that delivery failed, the sender will just assume everything was delivered as usual.
Clearly this is less than optimal, but when servers start falling over due to extensive resource consumption, many people turn to silently dropping spam. Oftentimes, silently discarding e-mail is an intermediate step between DSNs and before-queue filtering. David Ernst of HoosierNet said it was a question of keeping the mail flowing at all. "Well," he noted, "something had to be done. We can grind the service to a halt if we try to process all of those return-to-senders. So, it made the difference between working and not working."
Many people in this position opt to use a hybrid system of still sending DSNs, but cleaning the queue periodically to discard ones that cannot be sent.
Option 3: Don't Accept it at All Ideally we want to identify spam while the sending server is still connected, and tell them that delivery isn't going to happen. This means that the sending server has to deal with it, and in the case of a spammer, it simply means that sending failed. "Just don't accept it" is quite easy to say, but sometimes tricky to implement.
Also on Spam at ENP
Tuneups and Tweaks for the Better Spam-Trap
Realtime Black-hole Lists: Heroic Spam Fighters or Crazed Vigilantes?
Who Goes There? An End to the Spam War?
Study: End Users Need More Anti-Spam Education
Sign Your Users Up in the War on Spam and Viruses
Some mail servers, such as postfix and sendmail, have the ability to hand messages to another program before sending them to the queue for final delivery. This provides the ability for the second program to scan mail for viruses and spam, and report the status to the mail server. If the message is identified as spam, the server, which has not yet reported to the sending server "delivery accepted," now has the option of reporting an error. There is no need to send a DSN, since we never accepted the suspicious message in the first place.
Best PracticesImplementing spam and virus checking isn't very difficult. Depending on the mail server, implementing spam filtering such that it is able to reject spam before the SMTP session is over can be difficult. Two widely used mail servers, postfix and sendmail, both have the ability to utilize amavisd-new. Amavisd-new is a favorite, since it provides a nice and simple way to implement spam and virus checking, so we feel it deserves special mention.
Sendmail has the milter interface, which allows anyone to program add-ons to sendmail. The amavis-milter will hand off mail to amavisd-new, which in turn runs SpamAssassin and virus checking. Amavisd-new will also check attachments, and can extract data from zip files and many other types of archives to check for viruses and spam. Configuring this in postfix is even simpler, since it only requires one change in the configuration file, plus the addition of another smtpd process.
Email is increasingly frustrating to manage. We sometimes want to receive messages from people we don't know, so e-mail is designed to reflect that. People have implemented systems where a sender has to verify himself the first time they send email, but that type of system doesn't always work. For instance, users always want to receive automated messages when they purchase things online, and those messages are normally sent from an address that people don't monitor, making "sender verification" impossible.
One thing that's clear is that sending DSN messages for spam is very bad practice. Users are confused when they receive a DSN for mail they didn't send, and dropping spam silently will lead to lost email. The best option is to complete all virus and spam checking before accepting the mail for delivery, then report "success" to the sending server. Aside from the fact that this option tends to make the most sense, in most cases it also conserves system resources

Gmail thinks Match email is spam

2005-06-17T03:15:00.000-07:00

Match sent out a periodic email urging members to check out new features that have been covered here previously. In the irony department, I see that the email tells reader to add @connect.match.com to their Safe Senders email address list. Then I look over at the ads Gmail has selected as contextually relevant and I see ads for Spam filters. Sometimes my Match email, and email from other dating services, ends up in the spam box, and others it goes through fine. I hate managing whitelists and rely on Google's fairly robust spam filters but the results seem to be spotty.
I wish all dating services would offer their member updates and weekly emails as RSS feeds, much easier to manage, won't get stuck in spam filters and since newsreaders can now display html fairly reliably publishers don't loose the richness of html email

Tech Stocks in Motion

2005-06-17T03:13:00.000-07:00

Shares of Japanese Internet company Internet Initiative Japan (IIJI:Nasdaq - commentary - research) rose 18.8% after the company said it would provide Toshiba with antispam software in two parts: IIJ Edge Filter and IIJ Spam Mail Filter. The Edge Filter identifies and restricts mass spam that is sent to a single server. The Spam Filter determines a spam rating for all incoming mail and filters them on that basis. Toshiba saw a 30% drop in mail traffic after the implementation of the Edge Filter, and the performance is expected to increase after the Spam Filter is brought online. The stock finished up $2.20 to $13.90.
Shares of satellite and wireless communications provider ViaSat (VSAT:Nasdaq - commentary - research) traded up 3.6% after the company won a $60 million delivery order for multifunctional information distribution system terminals from the Space and Naval Warfare Systems Command in San Diego. The system provides secure, high-capacity, jam-resistant digital data and voice communications capability for the U.S. armed forces. Delivery for the Lot 6 units is expected to begin in April of next year and continue through the fourth quarter of ViaSat's fiscal year 2007. The stock closed up 77 cents to $22.04.

if (!disablePopup()) {
if (document.cookie.indexOf("ad_cookie") == -1) {
document.write('');
} else {
var cookieKval = readCookie('ad_cookie');
document.write('');
}
} else {
document.write('');
}

Intel (INTC:Nasdaq - commentary - research) set up a $200 million venture capital fund that will invest in Chinese technology companies developing hardware and software services. The Intel Capital China Technology Fund will invest in companies that complement Intel's technology initiatives and will help further build the Internet infrastructure in China. "We will invest in Chinese companies to accelerate technology adoption locally and to foster development of innovative technologies with potential for global distribution," said CEO Paul Otellini. The stock finished up 2 cents to $27.
Shares of electronic power converter company American Superconductor (AMSC:Nasdaq - commentary - research) traded up 23.6% after it was upgraded by Needham Equity Research to buy from hold. The firm cited valuation and long-term prospects, saying the recent selloff is unwarranted. Though the firm doesn't see the company reaching profitability until fiscal 2007, it has placed an $11 price target on the stock. American Superconductor closed up $1.82 to $9.45.

E-mail security appliances are good news for users

2005-06-17T02:41:00.000-07:00

The announcement by value-added distributor AmVia that it has released a range of high performance e-mail security appliances to the local market is music to the ears of those seeking a maintenance-free answer to securing enterprise mail servers.
The IronPort C-Series of Mail Transfer Agent (MTA) gateway appliances provide advanced threat protection against virus attacks, spam, false-positives, denial of service (DoS) attacks, misdirected bounces and phishing (fraud), and enable corporate e-mail policy enforcement, all from a single, centralised box.
Comments Kevin Hurwitz, MD of AmVia: "IronPort boxes are geared to provide the CIO with a single solution for a multi-faceted problem. The C-Series offers solutions for small through large businesses, serving as a gateway to send and receive e-mail, while filtering incoming messages for spam and viruses, and outgoing mail for adherence to corporate and regulatory policies. You simply plug it in, set it up and then it is pretty much maintenance- and administration-free thereafter."
IronPort uses Symantec Brightmail Anti-Spam to detect spam, while Sophos Anti-Virus with its unique DoS prevention, powers its virus protection functionality. Updates are pushed to the box automatically, to ensure up to date protection.
The C-Series appliances are built on IronPort Systems' high performance MTA platform, to address the requirements of modern e-mail gateways and to position customers for the future of SMTP. This platform ensures the user's e-mail infrastructure can withstand even the largest virus outbreaks or spam attacks. At the same time, it is cost-effective, compact and saves users countless hours of IT administration time.
In a typical installation, IronPort would be integrated between the firewall and the Groupware layers. From this location, it is easily administered, even in a complex network, thanks to IronPort's E-mail Security Manager, which provides administrators with total control, at their fingertips, to manage all e-mail security, including preventative and reactive anti-spam and anti-virus filters, e-mail encryption and content filtering.
The IronPort C-Series is available in three incarnations, the C10, C30 and C60, for companies up to 500 employees, small and medium enterprises and large enterprises and ISPs, respectively.
Hurwitz concludes: "IronPort e-mail security appliances are exciting new offerings in the e-mail hygiene space and have taken the world by storm. In a recent report evaluating e-mail security vendors, the Meta Group awarded IronPort the leading position. Of all the vendors featured, only IronPort received a perfect score for spam blocking, virus blocking and MTA/anomaly detection. All told, we fully expect the products to fare very well indeed in the local market.

Informz joins bonded e-mail sender program

2005-06-17T02:26:00.000-07:00

The Saratoga Springs online-marketing company is putting up a cash bond that would be debited if Informz or one of its clients is the subject of a spam complaint.
Under the system, which is operated by New York City-based Return Path Inc., Informz ensures that its messages and those of its clients will get delivered to the 35,000 Internet service providers, corporations and universities taking part in the program.
Members of the Return Path Bonded Sender Program, as the voluntary system is known, receive a bonded sender "seal of approval" for having a good e-mailing record. Systems administrators in turn agree not to block the material using spam filters.
"Bonded sender certification is yet another tool that we can use to improve e-mail deliverability for our clients," said Joe Tyler, Informz CEO. "Further, it identifies Informz as a responsible member of the e-mail marketing community."
As a reseller of Return Path's product, Informz will charge its customers an annual fee in return for certifying them as having a good e-mail record, and posting a bond on their behalf. If a spam complaint is filed, the bond would be debited, with the proceeds going to a non-profit organization.
"The Bonded Sender Program only accepts e-mail providers that meet the strictest e-mail standards," said George Bilbrey, vice president and general manager of Return Path's Deliverability Assurance Solutions. "Because Informz meets the reseller standards for this service, their customers can now benefit by working with them to be accredited and accepted into the program."

Over 100,000 Sources of Spam and Other Malware Detected in Any Given Hour

2005-06-16T06:47:00.000-07:00

Mail-Filters.com, Inc. is theglobal leader in OEM anti-spam solutions providing technology for its OEMpartners filtering billions of messages a day in more than 100 countries and30 languages. Mail-Filters noted that last week the number of unique, active,significant spam sources averaged 103,967 hourly. "It must be stressed, however, that these sources are just the tip of theiceberg," says Ben Westbrook, CEO of Mail-Filters. "The number of machinesdetected sending any spam is significantly larger. Given that the typicalnumber of spammers in any given hour is in the hundreds, we can say that thevast majority of these machines are hijacked. Not only that, this is a onehour snapshot of spammers sending messages to our partners' customers. You caneasily see that millions of computers continue to be hijacked for the purposeof sending spam and phish." Mr. Westbrook continued: "The real problem isthat the IP addresses of these innocent hijacked computers get on blacklistsused by some spam filters. Any legitimate mail from these addresses runs therisk of being stopped, driving up those filters' false positive rates andpreventing legitimate mail from being delivered to a business associate,customer, or partner." Mail-Filters described in February 2005 the problem with Trojans and theimpact they are having in the email space. Mail-Filters technology is one ofthe few anti-spam technologies available in the industry that is not impactedby these Trojans. Nevertheless, since most spam filters are fooled by thistactic, spammers and phishers continued to find more effective ways ofhijacking computers for the purpose of sending spam and phishing messages.This latest data shows the practice is still going strong. Mail-Filters' anti-spam filtering technology catches both spam andphishing messages. It combines two proprietary weapons: the Bullet SignatureDatabase created and maintained by both technology and human editors, and theSTAR Engine that detects spammer tricks. This approach allows it to catch newtypes of spam, including phishing, embedded content, HTML, and foreignlanguage spam. The result is a catch rate of more than 95% with less than 1 in1,000,000 false positives.

Do You Know What's in Your Trash?

2005-06-16T06:25:00.000-07:00

A hearty welcome to all the spam fighting filters and programs created to rescue us from the deluge of unwanted e-mail! There is practically a “solution” for everything. But as with most online “solutions” filters and programs are only tools that users need to make some effort to use properly to reap the benefits.
You have to learn how to use these programs to your advantage or you can experience the unexpected downside. How can there be a downside when we’re talking less spam you say? Unfortunately, all too often legitimate and expected e-mails are being eaten by filters and are ending up in the trash!
Twice this week I received terse e-mails from new clients awaiting my response on certain issues. Because they were new to working with me, they didn’t know that I usually respond within an hour to most e-mail. My responses were not returned as “undeliverable” so what happened? Where are they? In both instances I called my clients only to find my messages had inadvertently landed in their junk or trash folder because of their ISP’s filtering systems.
When communicating with clients and in my day-to-day communications, I do not go to extremes to alter certain words that may trip filters in my day to day communications. With folks I know, that shouldn’t be an issue because they are supposedly expecting my e-mail. In addition, I always instruct new clients and subscribers to add me to their address book, approved or white list.
Plus as I am sure you’ll agree, you’ve seen all those funky ways of spelling certain words with characters or spaces that are unnatural. I believe they ruin the flow of your message because the reader can’t help but take pause to notice.
Before you send off a terse e-mail complaining or assuming no response, be sure you have covered the following:
1) When you know you will be communicating with a specific person on a regular basis, make sure you add them to your approved list or address book as soon as possible. Many onliners now use Web based e-mail such as Yahoo! and MSN that allow them to control who they receive e-mail from. Just as the majority of ISPs now give you the ability to filter e-mail based on level of spamminess or by adding e-mail addresses to your list so they can get through. Be sure to use these tools to avoid trashing wanted e-mail.
2) Same goes for Web sites or eZines you sign up for. Add their dot com to your list as soon as you sign up. Most legitimate eZines use a double-opt in subscription process that requires you respond or click on a link within an e-mail from them before you get formally added to their list. If you don’t get that e-mail to respond to it—you will not be added.
3) Before you empty your trash or junk folder—go through the trash! Take a quick peak and look at the Sender: and Subject: fields to see if names are familiar or for a topic that is expected. Otherwise you risk wanted e-mail going out with the trash!
Three simple little steps can help ensure the e-mail you do want lands in your inbox. The e-mail you are waiting for may have already arrived!

Intergenix Releases Spam Control Module

2005-06-16T06:17:00.000-07:00

Intergenix LLC, a new jersey based technology solutions provider, announced this week that it has released the spam control module for use with the *nix version of the PortGenix internal monitoring suite.The spam control module allows server owners to monitor, limit, and stop spammers from abusing web based applications running on the target servers.
“Waiting to react after a spam incident is highly inefficient. With the spam control module and the PortGenix internal monitoring suite, you can not only trace the problem and the culprit, but you can now automatically stop these problems.” said Jacques Manukyan, CEO of Intergenix LLC.One of the myriad of issues facing server owners is that of spammers abusing and exploiting web application weaknesses to send thousands and possibly hundreds of thousands of emails through the victims server.
“Ultimately, it’s the server owner who is blamed for the spam being sent out, and it is the owner of the server who must face the consequences of allowing spam through their servers.” said Manukyan.The spam control module can limit the amount of emails being sent from web based applications. Server owners can specify filters to restrict and limit outgoing emails from web applications. Restrictions can be customized to meet

Firefox is PC World's Product of the Year

2005-06-16T06:16:00.000-07:00

Mozilla Firefox 1.0 web browser took the top spot on PC World's ranking of 100 best products for 2005.
Mozilla Foundation, a non-profit organization dedicated to preserving choice and promoting innovation on the Internet, announced today that PC World named Firefox its "Best Product of 2005".
Firefox is an open source web browser and according to the organization, its customizable features and ease-of-use has attracted many users. It also features a tabbed interface, better navigation, built-in Google taskbar, a pop-up blocker and Autodownload. These have added up to increase the browser's market share consistently in the past few months. According to WebSideStory, the U.S. browser usage of Firefox grew from 3.03 percent to 4.06 percent last december.
Mozilla's email client, Mozilla Thunderbird 1.0, also ranked high on PC World's list of top 100 product. Thunderbird's email sorting functions, spam filters and better performance than OutLook were cited as reasons for this.

Tips on emailing with the outlook express

2005-06-16T06:13:00.000-07:00

The following are some tips on using features available on outlook express. Multiple Recipients If you wish to send the same e-mail to more than one recipient — just type the addresses of the receivers of the mail in the To: field. Separate each address with a comma or semicolon.
Mask E-mail Addresses In some situations, you may want to send the same e-mail to, say, two recipients but you don’t want the recipients to know who else received the mail. Use the Bcc field. Bcc is the acronym for Blind Carbon Copy. Type the e-mail address of the first vendor in the To: field and that of the second in the Bcc: field. Avoid Typing addresses Do you wish to recall e-mail addresses — particularly the long ones — without remembering them? One way to accomplish this is to use the nick name approach. Give a nickname for any e-mail address in the Address Book. Here is an example: Say you want to send mail to a person who is a mathematics professor and whose address is johndoe@mathsdept.sciences.univ.edu. Create an entry in the Address Book for this recipient. In the Nickname field, type, for example, math. To send a mail, you just need to type math in the To: field. Outlook Express automatically substitutes the entry with the actual e-mail address. Insert Signature Do you type your name, title, and contact information (address, telephone, fax, etc.) at the end of the message? If you send many mail daily, this task can be laborious and prone for typos. Here's one way to perform the task with ease: Insert a signature file at the end of the message. The file is a text file that contains your contact info. You just have to create it once and save it with a .txt extension (e.g., sig.txt). Then, insert the same — using the Insert option — in as many messages as you wish. Note that you can have different signature files for a different set of messages and e-mail accounts. Create Filters Are you tired of receiving unsolicited or spam mail? Filters, to an extent, can help you to tackle such mail. You can use the Message Rules option and create several filters to filter unwanted mail. Each filter is comprised of a rule. A rule has one or more conditions and actions. Whereas a condition specifies the criterion to filter the e-mail, an action indicates how to deal with the filtered e-mail. Here's an example of a rule: (a) Condition - Where the Subject line contains specific words e.g., Lose Weight in 21 Days. (b) Action - Delete if from server. Compose Offline A nice thing about e-mail is that you don't have to compose the message when you're connected to the Internet. To use this feature, start OE and specify that you want to work offline. Compose the message. Then, click Send Later from the File menu. Your message will be stored in the Outbox folder. Any time afterwards, to send the mail, connect to the Internet and use either the Send and Receive or Send All option from the Tools menu. In case your message is incomplete, you can save it in the Drafts folder. After you've typed the (partial) message, click File > Save. An alert box displays a message that your mail has been saved in the Drafts folder.

Filters best for fighting spam

2005-06-14T05:29:00.000-07:00

CHICAGO — They are imperfect and often overzealous, but spam filters are still the best way to fight unwanted e-mail, technology companies and privacy advocates said yesterday. At a conference here sponsored by the International Association of Privacy Professionals, people involved in the fight against spam said filtering software remains the most widespread and effective way to keep unwanted e-mail out of in-boxes. Scores of other methods to defeat spam have appeared in recent months, including legislation and changes to the structure of e-mail. "There are other solutions out there, but ... filtering is really the most valuable tool," said Carl Hutzler, director of antispam operations for AOL, the world's largest Internet service provider. Spam is unsolicited commercial e-mail. Spam is often deceptive in nature, and technology analysts have said it costs businesses as much as $10 billion a year in services and lost productivity. AOL said it blocks about 80 percent of all incoming e-mail because it is spam. Several hundred companies have emerged in the past year to offer spam-filtering software for e-mail users and businesses. Most filters search for characteristics common in spam, such as pornographic words. Many filters weed out e-mail sent from addresses that have been put on Internet "blocklists," which attempt to identify spammers. Most major Internet service providers use a filtering system to prevent spam from reaching customers, and some boast of blocking more than 90 percent of unwanted messages. The providers acknowledged yesterday that filters are imperfect, because they fail to block all spam and occasionally block e-mail that customers want. But they insisted that filters would remain the primary solution, because no other method has worked. Legislation designed to regulate spam at the state level has failed to stop senders of unwanted e-mail, according to those familiar with the laws. Congress is close to passing a bill that would ban the most deceptive forms of spam, but technology analysts said it is unlikely to work because spammers excel at hiding their identities. To some Internet providers, filtering is an economic necessity. "We can't accept every piece of mail that comes in," Mr. Hutzler said. "The cost would be prohibitive. Filters and blocklists are obviously necessary for these reasons." Microsoft, which owns the Internet service provider MSN, recently updated its spam-filtering service, which examines each e-mail based on more than 100,000 different attributes. It also uses products from Brightmail, a company that filters out spam to more than 280 million e-mail addresses. Much of the staff at the Microsoft's antispam division is charged with researching and analyzing ways to make spam filters more accurate. "We think filtering is certainly part of our core solution," said George Webb, the division's business manager

Is the CAN-SPAM Law Working?

2005-06-14T05:24:00.000-07:00

Commtouch Software, based in Mountain View, California, and MX Logic, based in Denver, both found that more than 99 percent of spam e-mail they checked through late last week did not comply with one or more provisions of the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2005.
A third spam filtering vendor, Audiotrieve, found just over 10 percent of unsolicited commercial e-mail complying with CAN-SPAM requirements in a survey of e-mail it conducted over the weekend.
On the Rise
The new law hasn't had an effect on the amount of spam being sent, either. "There's been no reduction in the volume of spam," says Scott Chasin, MX Logic's chief technology officer. "In fact, the exact opposite--our spam rates are actually going up."
MX Logic classified 77 percent of its customers' e-mail as spam on Monday, up 6.5 percent from January 1.
CAN-SPAM requires that spam e-mail include a working return e-mail address, a valid postal address for the sending company, a working opt-out mechanism, and a relevant subject line. The law also directs the U.S. Federal Trade Commission to study setting up a national do-not-spam list, similar to the national do-not-call telemarketing list now in effect.
Enforcement Needed
The numbers from the three vendors show the need for enforcement actions against major spammers, says a spokesperson for Senator Conrad Burns (R-Montana), a sponsor of CAN-SPAM.
On December 11, Burns and Senator Ron Wyden (D-Oregon), the other leading advocate of CAN-SPAM, sent a letter to FTC chairman Timothy Muris, asking his agency to take enforcement action against "kingpin" spammers once CAN-SPAM became law.
"Senator Burns has continually stated that enforcement is key regarding the CAN-SPAM legislation," the Burns spokesperson says in an e-mail. "This is something that we certainly won't let fall through the cracks."
An FTC spokesperson didn't immediately respond to a request for comment, but Burns' spokesperson provided a letter from Muris dated January 7. "Although we have directed substantial resources to studying a do-not spam registry, we have many more investigations under way," Muris wrote to Burns and Wyden.
Spammers often hide their identities, and an investigation into a spammer can take months, Muris also wrote.
Taking Action
The national spam law alone won't cut the amount of spam being sent, but enforcement could have an impact, with multimillion dollar fines and jail terms allowed in CAN-SPAM for some spamming activities, says Avner Amram, executive vice president at Commtouch. "Legislation is the first step, enforcement is the second," he says.
Commtouch and the other vendors tout antispam technology as an essential partner in the fight against spam. "While legislation helps, it's not the answer," Chasin says. "We applaud the intent of the legislation. Any step in the direction of trying to stop spam is a good road to go down."
To determine how much spam is in compliance with CAN-SPAM, the three vendors took different approaches. MX Logic, which provides spam and virus filtering services, looked at 1000 randomly selected pieces of spam received during the first seven days of January and found only three that complied with CAN-SPAM requirements that the e-mail include a working opt-out option and a valid postal address. In cases where the spam includes a physical address, it may be the address of a bulk e-mail company and not the actual company marketing the product, Chasin says.
Audiotrieve, based in Boxborough, Massachusetts, collected e-mail messages using so-called "honey pot" accounts on January 10 and 11, and found 102 of 1000 messages analyzed contained all of the information required by CAN-SPAM. Physical addresses were missing from all of the remaining 898 spam messages, according to a press release from Audiotrieve, which markets its InBoxer spam filter.
Commtouch, which uses its Recurrent Pattern Detection technology to identify and filter massive spam attacks, has analyzed millions of e-mail addresses since January 1 and found less than 1 percent that comply with CAN-SPAM, Amram says. Commtouch found that 80 percent of spam e-mail didn't include valid return e-mail addresses and more than 40 percent contained subject lines that weren't related to the text of the e-mail.

Stemming Spam

2005-06-14T05:13:00.000-07:00

Efforts to curtail spam have been pressing forward, with some positive results. The CAN-SPAM Act, which went into effect on January 1, 2004, directed the Federal Trade Commission (FTC) to adopt tools to combat unsolicited commercial e-mails, commonly known as spam. Those rules continue to evolve, despite resistance from marketers who employ spam to spread the word about products that range from legitimate consumer goods to black market drugs, pornography, and worthless investments.
Still, there seems to be no stemming the flow of spam email that profile of obscure, penniless public companies. Read those reports and you might believe that every one of these struggling companies is poised to become the next Microsoft or Intel. That optimism is generally paid for by promoters who are looking to create interest in a company, help spike the stock price, and then dump their own shares. There is virtually no chance that any of these companies will rival Microsoft, Intel, or any other successful technology company. Most of them are lucky if they can afford to buy a computer, much less market one.
The anti-spam initiative moved forward this month when federal enforcement agents arrested two Detroit, Michigan-based men and charged them with sending millions of e-mail advertisements for a bogus weight loss patch. Two other men are still being sought in the case. The arrests mark the first use of the new spam busting regulations.
The four men, Daniel Lin, Mark Sadek, James Lin and Christopher Chung, could face five year prison terms under the CAN-SPAM law, as well as mail fraud charges that carry a maximum 20 year sentence.
Authorities claim that the defendants earned almost $100,000 a month selling the phony diet patch through a company called Phoenix Avatar. To cover their tracks, the men used other people's e-mail addresses, a technique known as spoofing. Spoofing is illegal under the new anti-spam rules.
In a separate case targeting spammers, the FTC said it is seeking to close Global Web Promotions Pty Ltd., an Australian-based spam operation that sends a massive number of spam to the U.S. Global Web, like Phoenix Avatar, has been promoting a useless diet patch, as well as other anti-aging products that experts say do not work.
These spammers, who are selling useless weight-loss products, have a good deal in common with spamming promoters who peddle worthless stocks. Both are using e-mail to gain immediate, low cost access to millions of potential customers, and both employ manipulative and misleading techniques to profit at the expense of innocent consumers.
Now, hopefully, the FTC will aim CAN-SPAM at the stock promoters as well, and curtail the seemingly endless stream of promotional nonsense that litters the e-mail.

83% of spam contains hidden tracking codes

2005-06-14T04:53:00.000-07:00

Eight out of ten spam e-mails contain covert tracking codes which allow the senders to record and log recipients’ e-mail addresses as soon as they open the message. These are among the findings revealed this week by OUT-LAW.COM, the IT and e-commerce legal service from international law firm Masons. The research was carried out for OUT-LAW.COM by network security experts iomart.
Much of this unwanted spam is illegal under various regulations but Shelagh Gaskill, a partner at Masons, said: “The people sending it could not care less about the law.”
Iomart set up separate accounts to receive spam, or unsolicited commercial e-mail, and the team of investigators played dumb and opened up all spam that came into these accounts.
They found that 83% were HTML e-mails with hidden tracking codes that notified the spammers as soon the messages were opened. After a two-week period, the volume of spam received on these accounts virtually doubled. Hundreds of worthless e-mails became thousands in almost no time at all.
Next, the team ‘sterilized’ the spam flowing into these accounts, removing the hidden tracking codes. During the next few weeks there was a slight but steady decline in the mountain of spam being received.
Their conclusion was simple and stark: that spam e-mailers respond to the hidden tracking codes by sending more e-mail to identified accounts.
For a third trial period, spam e-mail was ‘bounced’ by means of an automatic e-mail being sent to the spam sender, stating that the e-mail could not be delivered, but not giving a specific reason why.
Predictably, based on their earlier findings, there was a marked drop in the number of spam e-mails being received. The decrease in spam e-mails started almost immediately, and after about two weeks the volume being received had decreased by about 40%.
“The rule is simple: do not open spam if you want to minimise it,” says Iain Richardson, a software developer with iomart. “A lot of spam is evident from the subject header and sender’s name. If you suspect it’s spam, the easiest thing to do is to delete it – otherwise you’re letting the senders know that you exist and you will receive more.”
Richardson offers a few tips on reading e-mail, and explains how people get caught out. “Popular software, such as Microsoft Outlook or Express, lets the user read a section of the e-mail in the preview window before opening the full e-mail. Be warned that viewing a preview pane will activate the hidden tracker code – so don’t use it if you want to minimise spam.”
Another option is to apply spam filters. The problem with filters is that no system is perfect: there is likely to be an occasional loss of legitimate business communications, unless someone examines all filtered e-mail.
Iomart has developed a product, part of its NetIntelligence suite, which businesses can install in their system to give the option of filtering or sterilising only the hidden tracker mechanism in spam.
There were a couple of points of note in the results of the tests conducted by iomart: most notably that the decrease recorded after spam was bounced was less pronounced than the increase noted when the accounts were newly set up and no action was taken to remove tracking codes or bounce e-mails.
So far, so good. Cutting down spam requires little more than ignoring the obviously tacky. Unfortunately, the iomart study suggests that the spammers have thought of that and are involved in a subtle form of electronic warfare to circumvent those who take the simple precautions outlined above.
When the team began bouncing e-mails there appeared to be an increase in the amount of spam coming from different domain names. They concluded that this is likely to be an attempt by the spam senders to circumvent blocking mechanisms based on domain names.
There are laws that are relevant to spam. Depending on how the e-mail addresses were obtained and the manner in which spam is sent, there may be a breach of the Data Protection Act. Do not trust those unsolicited offers of “128 million e-mail addresses on a CD for $200.”
There may also be a breach of the contract that the sender has with its internet service provider – since many ISPs forbid the sending of spam.
Also relevant is the E-mail Preference Service, a list to which people can add their e-mail addresses to say that they do not want to receive e-mail marketing – although it lacks any legal weight.
Most recently, under the UK’s E-commerce Regulations, all unsolicited commercial e-mail must be clearly and unambiguously identifiable as such as soon as it is received. Such e-mail must also, among other things, clearly identify the person on whose behalf it is being sent.
The UK has to implement a European Directive on the protection of privacy in the electronic communications sector before November 2003 that goes further than the current UK position on spam.
It requires that unsolicited commercial communications such as e-mail, text messages, faxes or telephone calls from automated calling systems, are only lawful if consumers have already indicated that they are willing to receive such communications.

Spam continuing to damage the Internet's health

2005-06-14T03:53:00.000-07:00

COULD SPAM EFFECTIVELY destroy the Internet? While that's a question direct marketers would either avoid or laugh at, depending on their outlook, it's an increasingly-serious problem.
The Internet, in its most abstract form is a tool designed to facilitate communication between at least two parties who may be separated by hundreds or thousands of miles. The idea of an electronic mail system that can deliver messages across this network is an obvious one and is crucial to the dissemination of information. Even in the 21st century, email functions as the lowest-common-denominator of Internet access. Computers far too slow for streaming video or flash animations can access it, even users on ancient 14.4 modems can download it, assuming no attachments, and even the most electronically uninitiated can learn/understand the simple act of writing a letter and sending it to someone electronically. For many people exploring online for the first time, email acts as a gateway and entry point to a much wider world. It is, in a word, essential.
Spam began life as small containers of whipped pig, became an occasional annoyance, and is rapidly becoming a problem of endemic proportions. AOL is reportedly beginning to block ADSL users from certain networks that run their own personal mail servers, from writing to AOL addresses as an anti-spam effort.
Faced with a deluge of spam coming from the East, many US companies/technical firms have begun banning all email delivered from certain world IP ranges .[Most of my spam comes from the USA, Jack. Are you telling me that Coral Calcium won't change my life? Ed.] Blocked at the firewall, such email bounces and isn't delivered. An increasing number of users refuse to publish their email addresses or give erroneous ones so as not to be placed on email lists that are then sold to mass-marketing companies. Entire websites are devoted to maintaining blacklists of domains or IP's accused of spamming, and getting taken off such a list can be all but impossible.
All of the anti-spam actions undermine the fundamental principles of communication the Internet is meant to foster and the problem isn't getting better. Faced with an ever-increasing deluge of junk mail, users and companies alike are adopting increasingly restricted rules of communication that have begun to transform email networks from open communication areas to walled fortresses, the occupiers of which speak to each other only under an occasional flag of truce.
It might be easier to tolerate this parasitic form of advertising if any of the arguments used to justify its continued existence held water. Some of these are.
It takes no effort to delete Untrue. Deleting one email takes no effort, deleting 500 does, particularly when one must sort through all 500 to ensure that a real, valuable message isn't wiped along with the junk.
Users can opt-out of receiving it Again, untrue. It’s a well-known fact that responding to a spam email with a removal option will indeed get you removed from that particular company's list, but it'll also put your name on a list of "guaranteed" active email addresses that'll be resold at a premium price. It's like plugging one hole in a dike while drilling fifty more.
Spam advertises important services Unless fifty thousand people I don't know have somehow intuited that I'm drastically under-endowed, have a secret love for websites named "goatsandsheep.com" and want to make money from home without buying anything, selling anything, talking to anyone, or sending any mail, I don't think this argument holds water either.
Perhaps the biggest and most practical anti-spam argument, however, is its cost. While bulk email lists are cheap and sending the emails may be effectively free, the cumulative cost in network bandwidth to the thousands of companies slammed with the message isn't. Spam is the ultimate advertising parasite. Imagine, for a moment, that your newspaper boy was forced to deliver fifty thousand advertisements with every paper, while the newspaper company itself was stuck with the cost of transporting and creating those ads, even though the work was done by a third party.
Spam is, in fact, only distantly related to any other form of advertising. Pick up a paper or turn on the television and you'll see advertisements — but these advertisements are placed with the mutual understanding that you, by choosing to read the paper or watch a television program, have agreed to be shown such advertisements to help subsidise it. Websites operate under a similar paradigm. While you are reading this article there are ads running on the page — by visiting The INQUIRER you give tacit consent to view them as partial "payment" for the content you are consuming.
Email spam is something else entirely. It is the only form of advertising that thrusts itself into a space set aside for the private citizen, while trumpeting its right to exist due to the fact that it offers readers choices, whether they want them or not. The argument that having an email address is a tacit invitation to spam is logically false unless an ISP's specific agreement were to implant such a rule. By paying my $20 (or whatever you pay an ISP) you are paying for the right to rent what amounts to an electronic PO Box. Were you to do such a thing at a standard post office, it would not give Best Buy the right to stroll by and casually stuff it full of ads.
If the current spam epidemic is not stopped by legislative action it will inevitably destroy a fundamental principle on which the Internet was based. Email will still exist (as will websites, etc) but the open communication that made the Internet such a useful and interesting place will ultimately be scrapped in favor of a degree of privacy that prevents such abuse.

Worse Than Spam?

2005-06-14T03:50:00.000-07:00

Challenge-and-response systems pose particular problems for newsletters and listservs. These systems try to cut down on fraudulent e-mail by not delivering a message until the sender replies to a confirmation e-mail sent by the intended recipient's ISP or e-mail host.
"Declan McCullagh of Politech and Dave Farber of Interesting-People can't do 100 challenge-responses a day," said Cohn. "That, as a solution, doesn't scale."

It would be wrong to call Cohn soft on spam. While in private practice she sued a spammer and won a court injunction and $60,000. And her employer uses antispam technology on its own servers.
The difference, according to Cohn, is that the SpamAssassin software EFF uses doesn't block spam, it simply rates each e-mail. Staffers then set up their e-mail clients to separate messages into different inboxes. This keeps the main e-mail boxes free of spam, but allows individuals to check the spam folder occasionally to see if a legitimate e-mail was incorrectly tagged as junk.
Many in the technology industry think that only better technology can stop the spam deluge.
"The only people who can stop spammers are other technologists," said trimMail's Gillette.
The most promising new approach is better filters that use Bayesian algorithms to tag spam automatically and move it into a spam folder. The algorithms look at the body and header of an e-mail and judge from past experience whether an incoming message is junk. Users then train the algorithm, by moving misclassified e-mail from one e-mail folder to another.
Paul Graham, who many credit for applying Bayesian filtering to the spam problem, is ecstatic at the power of the new filters.
"I don't need blacklists," said Graham. "My own software is better than I am at deciding what is spam and what is not."
Several open-source and commercial products, such as SpamBayes and Spam Bully, already use Bayesian filtering.
The ACLU's Johnson hopes the new technology will head off the worst of the antispam legislation.
"Why do we want to start imposing a different world for the Internet than we have in the real world?" asked Johnson.
"Let the marketplace handle spam," he said. "When Congress wants to show they are doing something about an issue, they often screw it up."

Major victory in war on spam

2005-06-14T03:44:00.000-07:00

China has woken up to the problem of spam email and blocked 127 servers which were identified as being the source of high volumes of unsolicited email.
The move is likely to send shockwaves through the international community of spammers who previously had regarded China as a safe haven in which to base their operations.
Many spammers had based their servers in and around Beijing because they believed they were safe from the long-arm of Western law and of very little interest to the Chinese authorities. But if that situation is now changing a drastic rethink may be in order.
The Internet Society of China today announced that 127 servers have been blocked, eight of which were based within China itself, 90 were based in Taiwan and 29 were based around the world. Any emails sent from these servers will automatically be blocked from reaching Chinese internet users.
Ren Jinqiang, an ISA official told official State news agency Xinhua: "This has been the first large-scale spammer blockade launched by the Chinese Internet industry."
While the blockade will have little short-term impact on the amount of spam being received in the West it shows a growing acceptance by the Chinese government of the large part it has to play in the war on the worldwide spam problem.
According to Steve Linford from Spamhaus 100 of North America's most prolific spammers are based in the suburbs of Beijing. This tightening of controls in China may encourage the spammers to move on to pastures new, with the long term hope being that they either run out of places to hide or run out of the funds to keep relocating.

Survey: One of every two e-mails is spam

2005-06-14T03:41:00.000-07:00

Unsolicited bulk or "junk" e-mail, commonly called spam, now comprises at least 50 percent of all e-mail being sent through the Internet, according to figures compiled by Brightmail Inc., a San Francisco-based maker of anti-spam software.
"Earlier this year, Brightmail predicted that the volume of spam would reach 50 percent of Internet e-mail by the end of 2003, and it did this July," says Enrique Salem, president and CEO of Brightmail. "In less than two years, spam messages have increased from 8 percent of all e-mail traffic to more than half -- and we expect this trend to continue."
In July Brightmail identified more than half of the 61 billion e-mail messages it filtered as spam. Brightmail claims to filters nearly 10 percent of worldwide e-mail and says its estimates are the most statically relevant e-mail sample available.
Why so much e-mail? Brightmail says it's economics. Individual spammers are capable of sending hundreds of millions of e-mail messages each day -- at essentially the same cost as sending out a single message. Therefore, it takes very few recipients to respond to those messages to make a spammer profitable. And barriers to entry are extremely low with minimal hardware and experience needed.

Spam: Are you part of the problem?

2005-06-14T03:39:00.000-07:00

RECENT surveys indicate that by the middle of 2004, junkmail will make up 60% of the total global e-mail volume.
The battle between network administrators and spam is akin to ongoing guerrilla warfare, but system administrators cannot spend the time to open and filter all incoming e-mail.
In the workplace, it is common to get a hearty laugh out of e-mail jokes and to use the company’s network to forward these items to your friends.
But have you unwittingly become an accomplice to spammers?
Employees often forward what they presume as useful e-mail over the company’s network. This unfortunately contributes to the rise in e-mail volume and a crunch in storage space.
As an example, a mail tagged “high priority” that had “Help a Little Girl with Leukaemia!” as the subject tugged plenty of heartstrings. It was widely circulated, and many concerned employees, out of the goodness of their hearts, forwarded this e-mail to everyone in their group.
Very few people checked out the true source of the message, and no one tried to find out whether the little girl had recovered or not.
Six months later, the e-mail will probably be back in your mailbox.
As e-mail like this continue to deluge your accounts, you will begin to doubt their legitimacy. This means that those who are truly in life-or-death situations and need help may well be ignored because of the lack of trust caused by malicious junk e-mail.
Malicious e-mail is nothing new, and best way to counter them is through education and training.
Cute lil' bear
Remember the e-mail that went around, saying: “Quick, check your hard drive and see whether jdbgmgr.exe is there. It’s the newest virus, you’ve got to get rid of it right away!”
Recipients of this e-mail forwarded it to everyone, as though a great enemy was camped at the door. More “enthusiastic” employees answered: “That jdbgmgr.exe file really is there! There’s also a cute little bear icon, it must be a virus all right. Get rid of it, quick!”
Later, that e-mail too was forwarded all over the place.
Poor innocent bear! That bear icon was actually Microsoft’s Internal Java error handler, and once removed it will be impossible for Java to run normally on your system.
But what should worry people more about e-mail being forwarded is that unscrupulous people could use this to harvest e-mail addresses for profit.
Unless you are positive that a virus alert comes from a reputable vendor, you should confirm the source as there have been instances where viruses have also used security company addresses to send e-mail. Last September, the virus Swen A falsely used Microsoft’s name to send huge quantities of “update patch” notifications.
The e-mail from “ms inet mail storage service” and “MS Program Security Section” caused many users to become infected with viruses. Since users thought Microsoft had issued an update or attachment notice, they opened the attachment and hence infected their computers.
The virus took advantage of Microsoft’s vulnerabilities to automatically run itself and used various means of infection to broadcast a large-scale virus attack.
So what does it mean to “be sure” of the source of such e-mail? Well, the quickest and safest way is to ask the manufacturer or your company’s service department.
Harder to manage employees
Jokes and pornographic photos no doubt account for a high percentage of e-mail forwards.
Such e-mail may be more harmful than you think. It can infringe upon the rights of other, and can exact an even higher price in terms of IT.
A well-known publicly traded company in the United States once had a female employee object to the subject line “25 Reasons Why Bears are Better than Women.” The company had to shell out more than US$1mil (RM3.8mil) to buy a mail management software system.
When objections come from within the company, it might not be so difficult to manage them – but when legal questions arise, it is not always so easy.
In recent years, employees have begun to rely more on the Internet. Survey results show that 40% of broadband enterprise bandwidth is used to download MP3 music files or audio-visual files unrelated to work.
Reacting to this technology proliferation, employers are continuously trying to exert a stronger supervision against the use of the Internet.
However, freezing or limiting Internet use is naturally a very controversial area. The majority of corporate policymakers who have made this difficult and necessary decision did so because they saw it as a way to stem the tide of worms coming in by e-mail and to avoid legal problems related to employee download of MP3 files.
Unfortunately, they have also unfortunately sunk into a morass of lawsuits.
Brotherhood of spam, viruses
The majority of firewalls are not effective enough to stop e-mail from coming in. This means that spam and worms can easily break through the first line of defence and get onto the e-mail server. From there, they move to the client workstations.
Junkmail means extra loads on mailserver bandwidth; they sit on top of legitimate e-mail, perhaps even covering up business opportunities. Sandwiched amid advertisements, pictures of puppies, “true stories” from voluptuous women, and joke animations, it is hard to predict how long a real piece of e-mail will take to reach its recipient.
Each e-mail that reaches the client may also carry a worm that will cause the recipient to unwittingly give up all the addresses in his address book. Then the worm starts its cycle of destruction again.
This year’s highly infective big virus, “Sobig,” is a good example of the partnership between viruses and spam. Sobig used e-mail with the subject lines “Thank you!,” “Details,” “My details,” “Approved,” “Your application,” “Wicked screensaver” and “That Movie” to spread itself worldwide.
Network security and antivirus experts are now in a dilemma with users relying heavily on the Internet and e-mail. Must safety-conscious IT departments force workers to give up the Internet, with its growing array of treasures?
That’s refusing to eat for fear of choking.
Therefore, the best thing is to have a network safety expert put a barrier in place for you.
Set up a united front
Since most firewalls only provide basic filtering capabilities, they are not well suited for advanced intrusion techniques. in response to the trend toward large-scale input of networks in companies.
Viruses and spam are arriving in droves via e-mail. That’s why protection at the network gateway, where an alarm is sounded by security filtering software even before the virus actually attacks, is so important.
With the increasing trend of convergence between junkmail, security vulnerabilities, websites, file sharing and other areas where enterprises are threatened, a complete enterprise security system must take into consideration how to protect the company from “combo” attacks or attacks in multiple modalities.
What is required is a solution capable of cutting off invalid or malicious mail at the gateway, preventing these items from disturbing the company, while also keeping out any viruses they might harbour.
The best software protection should also solve the thorny problem of virus protection and spam management once and for all, so that companies will no longer need to purchase two separate products.
Ever-changing spam kings
To stop the spam problem, we must first of all understand the structure of spam.
The most frequently-encountered form uses an automatic mailer so that the same message is tirelessly sent out over and over. Improvements in the tools used to send these e-mail messages is one reason for the recent explosion in spam. It’s now possible to send out millions of these messages in just an hour.
The so-called “Spam King,” Alan Ralsky from Detroit, Michigan, pumped out 650,000 e-mail messages per hour, which adds up to almost one billion messages a day.
One thing is sure: Ralsky could not have filtered all those messages to make sure they didn’t carry viruses before sending each one out.
As a result, it’s very possible that the enduser may encounter an unwanted gift with the mail.
Today, there are two ways to filter spam. One is to set up a virtual mailbox as a decoy; if this phantom mailbox receives any message, it means that it may be junkmail.
However, since spam engines are constantly evolving, you may not be be able to track down the spammers.
To avoid these problems, businesses are using a second method to directly analyse the spam mail structure. Using this method, it is possible for an enterprise to more efficiently handle its junkmail.
Avoid turning gold into junk
E-mail filtering software can help IT professionals avoid unwanted information hassles.
The definition of junkmail may vary from one person to the other because one man’s spam is another man’s filet mignon. For example, you may have received various commercial e-mail messages claiming assistance in “sexual enhancements.” To many it is merely junkmail, but for that someone who is seeking such information, it helps.
Consequently, spam filtering still faces the need for greater flexibility, and there are still many technical challenges to be overcome.
An effective antivirus solution is the one that locks spam outside the gateway and uses an intelligent heuristic engine to evaluate, identify and monitor existing new messages. The solution must be capable of a high accurate spam capture rate with low false positives.
The package must also effectively stem the tide of junkmail while reducing productivity losses associated with handling and filtering duties. This should translate to a lighter load on IT personnel in monitoring and processing e-mail that comes in.
What is required is a package that offers a high degree of integration with existing antivirus software to provide a comprehensive gateway sentinel.
But endusers should also be held more responsible with better education. They should be more selective of e-mail that is forwarded, and more careful of opening e-mail when its source is questionable.

How To Stop Spam

2005-06-14T03:37:00.000-07:00

Spam. Those annoying, time-consuming emails that clog your Inbox and ruin your day. You wonder: How did it ever get so bad? While it's not possible to completely eliminate spam, there are quite a few things you CAN do about the problem to reduce your burden.Spam is defined as an unsolicited email trying to get you to buy something. In addition, it's email that tries to get you to give up something: your credit card number, social security number, login ID, etc., by pretending to be a legitimate email. Here are some tips for stopping the current spam you're getting, and avoiding getting on new spam lists.1. Maintain two email addresses: a Personal Email Address (that you give to family, friends and business associates) personal one, and a Safe Email Address (one you use whenever you're ordering something online, signing up for an email newsletter, or creating a profile on a website). For instance, I use a Hotmail account for my Safe Email Address. If a spammer were to get a hold of that address, fine. All the spam will go into my Hotmail account, which I only look at once a week. Hotmail has a great anti-spam filter built in, so it's easy to see what's spam and what's not. This practice leaves my personal email account relatively spam-free (maybe I get two spam emails a day to mypersonal account). Some free email services include Hotmail, Yahoo and GMail (Google's new email service). 2. Use your Safe Email Address to send emails to companies who might be harvesting email addresses from incoming emails. For example, say you want to write to a company to ask them about their products. Some companies will harvest your email address from the email you send to them, and put you on their mailing list. By using your Safe Email Address, you can avoid seeing messages from these companies come to your personal email address.3. Stop giving your email address to everyone who wants it. Does your local bank really need your email address? Does your grocery store need it? Just because someone asks for it doesn't mean you have to give it to them. If it's a non-local company, or you are signing up for a mailing list, then they probably do need it. But it's okay to leave the email address blank when filling out forms. Always ask yourself, Do I want to be contacted by this company via email? (Speaking of mailing lists, make sure the companies you subscribe to have a public, posted Privacy Statement on their website.)4. Do not put your Personal Email Address on your website. Instead, use a form so that your email address is hidden. However, some spammers use special software that looks at the HTML code hidden in the form to steal your email address, so using a form by itself isn't always the safest route. Better yet, use a free Form Processor so that your email address is never even in the HTML coding on your pages. The service I use is Bravenet's Form processor http:// www.bravenet.com . You can see ours in action here: http://www.passionforbusiness.com/send-email.htm5. Never buy anything that's sent through a spam email. First, it just encourages them to continue to spam. Second, it tells them that your email address is accurate, and they can then sell that address to someone else.6. Never reply to spam and ask to be unsubscribed. They'll just ignore it anyway, and it tells them that your email address is accurate, which just keeps you on the list. Note: many legitimate emails newsletters and mailing lists use automated unsubscribe links at the bottom of their emails, and you CAN use these to get off of mailing lists.7. Use anti-spam software, like Norton Internet Security, on your own PC to filter spam as it comes into your email system. You still receive the spam, but it gets filtered to a Junk Mail or Bulk Mail folder, and segregates the spam from the legitimate email. Most anti-spam filters need to be trained, however, so you'll have to occasionally tell the filter that something is NOT spam that it inadvertently put into the Junk Mail folder. Many of these anti-spam filters work on the principle of White Lists (legitimate emailaddresses that you DO want to receive email from) and Black Lists (spammer email addresses that you do NOT want to receive email from). Learn how to train your anti-spam software and it will work wonders for you.8. Check to see if your ISP or hosting company has anti-spam technology in place, to catch spam before it even hits your Inbox. Be careful, though, because sometimes these filters are over-zealous and you have to train it to accept emails from mailing lists that you have subscribed to.9. Do not use a catch-all email address. A catch-all email address is set up if you have your own website, and it is intended to catch all of the incoming emails sent to your domain even if there is no legitimate mailbox by that name. For example, your email address might be http://mary@mydomain.com. If that mailbox is set up as a catch all, and someone sends an email to http://marie@mydomain.com (with a spelling mistake in the email name), it will be forwarded to http://mary@mydomain.com. However, spammers know about catch-all email addresses, and will take your domain name (mydomain.com) and add common prefixes to it, like info@ or admin@. If you have a catch-all, then those spamming emails will come to you, even if you don't have a legitimate mailbox of http://info@mydomain.com or http://admin@mydomain.com set up with your hosting company. See how easy it is for spammers to get to you?10. Finally, if spam is really bad, create a new personal email address for yourself, tell everyone about the new address (give them several reminders that you are changing email ddresses), then delete the old personal email address. This may seem a little drastic, but if you receive 200 spam emails a day, it might be time to time this final step to eradicate it.You are not powerless against spam. But you do have to take action to fight back. Don't let them bully you into accepting hundreds of unwanted emails a day! Take action now to reclaim your Inbox!Karyn Greenstreet. is a Self Employment expert and small business coach. She shares tips, techniques and strategies with self-employed people to boost clarity and focus, create sustainable motivation, and increase sales and profits.

Go Bayesian to keep spam mails off

2005-06-14T03:35:00.000-07:00

The term ‘Spam’, however, originated in 1937, when Jay Hormel of Austin, Minnesota, in the United States, sent nearly two million 50-lb crates of Hormel’s Spiced Ham to soldiers in WW II. Soldiers quickly developed a love-hate relationship with the pink product.
The issue of e-mail spam has only gotten bigger over the years, and the spam business is now valued at around $20 billion per year. Hardly a day passes without us finding mails peddling, among other things, Viagra, debt, porn sites, insurance rates and online degrees in our mailbox. Even as security and mail companies offer various solutions to combat this menace, spammers themselves are becoming smarter by the day, finding means to bypass existing anti-spam tools.
One of the most promising antidotes to spam is so-called Bayesian filtering, which calculates the probability that a given message is spam, based on analysis of messages previously identified as being spam or not being spam.
Most of the spam filters available in the market are keyword-based, that use word and phrase lists to trap spam. These only look for occurrences of the ‘banned’ words to determine if a given mail is spam or not.
Bayesian filters, on the other hand, see casual connections, and can evolve with spam. A Bayesian filter would learn from experience. So while they know that the phrase ‘insurance rates’ is spam, they can also learn, without human assistance, that ‘get the best rates of insurance’ is also spam.
The Bayes in Bayesian was an 18th-century British clergyman and amateur mathematician, Thomas Bayes, who suggested in a posthumously published paper that the probability of some event occurring in the future is related to the proportion of times that event occurred in the past under the same circumstances. Later, mathematicians refined Bayes' ideas and, in the 20th century, built a formal system of classification and decision-making and began applying it to many tasks in science and engineering.
In a sense, Bayesian filters are practically human. Think about how you detect spam. A quick glance is often enough. You know what spam looks like, and you know what good mail looks like. This knowledge of course, comes from our past experience with spam. The probability of spam looking like good mail is basically zero, once we know what to look for.
A Bayesian filter does something like this, it learns from past experience. While we learn to recognise spam from the subject and sender’s names, a Bayesian filter goes even further. It analyses the entire message, so has a lot more to draw on. Once they ‘learn’, they can actually get better than humans at detecting spam.
There are a number of software products available which have implemented some form of Bayesian technique or the other. SpamBayes effort has produced an Outlook add-in. Another free Outlook spam filter using a Bayesian technique is Spammunition (download now), currently in beta. Spam Bully provides a commercial solution. PopFile is an open-source spam filter.
Bayesian spam filters are here to stay. That they are efficient and the future of spam filtering is proved by the fact that the software monolith Microsoft set up a department to develop software that implements the Bayesian technique as far back as 1997.
So here’s wishing you luck with your mailbox, may it never have more spam than actual mail, as is now the case with most of us. With Bayesian filters, such a thing will hopefully just be a bad memory. Tell us what you'd like to read next in this feature.

German hate mail spam attack stuns experts

2005-06-14T03:31:00.000-07:00

Mailboxes in Germany and the Netherlands were flooded yesterday with spam containing German right-wing propaganda. Spammers used the Sober.G virus - a mass mailing worm that sends itself to email addresses harvested from infected computers - to spread their messages as widely as possible.
Analysts think the spammers may have worked in tandem with virus programmers to hijack PCs and use addresses found there to build large distribution lists. This is believed to be the first time that right wing extremists have used spamming systematically to reach a broad audience. The sheer size of the operation stunned many experts.

Although none of the mails referred to it specifically, the European election may well have triggered the flood of racist emails. Some of the messages, with taglines such as "What Germany needs are German children", complained about the increasing numbers of immigrants from Turkey and Belarus, who are "driving criminality up" and are entering into "mixed relationships" with German women. Other mails, Deutsche Welle reports, warned of the rising cost of medical care on foreigners who increasingly travel to Germany as "medical tourists".
German magazine Der Spiegel reported that 80 per cent of the spam it received came from a server at the University of Rostock. The university says it will work with IT experts to trace the spam back to its original source.
According to the German news site Heise Online, the Sober G. virus seems to get its instructions from servers at home.arcor.de, people.freenet.de, home.pages.at, scifi.pages.at en free.pages.at, but there is still no conclusive evidence as to who orchestrated the unprecedented flood of hate emails.
Some suspect that the German newspaper Junge Freiheit ("New Freedom"), which seeks political respectability for a right-wing conservative body of thought, may have something to do with it, as some of the messages explicitly refer to it.

Insiders Weigh Prospect Of Wireless Spam

2005-06-14T03:28:00.000-07:00

less than a month, it will be illegal to send commercial messages to any Internet domain associated with wireless messaging subscription services.
The ban is the result of rules adopted by the Federal Communications Commission in August to implement the Can-Spam Act. The commission's goal is to protect consumers from spam on their wireless phones and pagers. With the exception of a few provisions that require approval from the Office of Management and Budget, the rules will become law Oct. 18.
To assist marketers in determining where they can send spam, the FCC is creating a public list of domains used for mobile-service messaging. Individual addresses in those domains won't be listed.
"I think the FCC ruling is a great step in the right direction," says Alex Campbell, CEO of Vibes Media, a text-messaging marketing company. "There are people out there who will look at cell phones and say, 'there are 169 million of them out in the U.S. What if I build this program on my PC that sends an E-mail to your phone number and let it run?' It'll stop that, as well it should."
The ban doesn't prohibit short-message-service messages transmitted solely to phone numbers (as opposed to those sent to Internet addresses).
Though Campbell approves of the ban, he questions the need for it, noting that from a marketing perspective, spamming text messages doesn't work.
"The cell phone is a very personal device," he says. "If you're going to do marketing with cell phones, you have to do it right." To Campbell, that means sending text messages only to those cell phone users who have requested it.
Spammers have no such scruples. At the end of August, Verizon Wireless was granted a permanent injunction against a Rhode Island-based spammer who sent spam to Verizon customers. The unsolicited short-text-messages offered mortgage loans and directed individuals to adult Web sites. The spammer and his associates distributed their messages with spoofed addresses so that unsuspecting people appeared to be the senders of the spam. Verizon has filed suits against other wireless spammers as well.
While spam on the Internet remains a far larger problem than wireless spam, mobile providers are nonetheless concerned.
"It's one of those low-probability, high-outcome events," explains Jeff Popoff, VP of marketing for Redknee Inc., a maker of mobile network apps. "In certain markets, we see that less than a 100 sources are generating 90% of the spam. But the nuisance factor is quite high for business people who rely on short messaging."
"It only takes a small burst of spam to really turn people off quickly," Popoff says. "So there's not a huge window to address the problem."
As to whether the FCC regulation will have the desired effect, Popoff quips that Can-Spam will probably do for mobile subscribers what it has done for E-mail users. Which is to say, very little.
"I think it will get worse before it gets better," he says. "I know carriers are very, very sensitive to stopping this problem as soon as possible without inhibiting the business usage, which is quite important to their revenue stream."
It's an open question, however, as to whether the carriers can protect their revenue stream and their customers at the same time. Six of the seven major wireless carriers in the United States plan to introduce a wireless directory service as soon as 2005, according to testimony before a Senate committee this week. Critics say the directory could post a threat to customers' privacy.
The only carrier opposed to the plan, Verizon Wireless, called it a terrible idea. Testifying before the Senate Commerce Committee, Dennis Strigl, CEO of Verizon Wireless, said that his company doesn't publish customer phone numbers to preserve subscribers' privacy and prevent them from getting spam calls, which they would have to pay for.
"In fact, we see more reason today than ever to protect customers' privacy," Strigl said. "The floodgates are open to spam, viruses, telemarketing, and other unwanted, unsolicited messages on land-line phones, computers, and in mail boxes. We think our customers view their cell phones as one place where they don't face these intrusions, where they have control over their communications."

Who opens e-mail spam?

2005-06-14T03:24:00.000-07:00

Canadians admit to being stressed by spam e-mails, but can't resist responding to the junk.
The annual Internet review by Yahoo Canada reports that about one out of three Yahoo e-mail users said they opened spam messages because they had interesting subject lines. Forty-eight per cent of users respond to spam messages by unsubscribing. Others say they respond to the junk messages to give spammers a "piece of their mind.

Search Engines Try To Block Blog 'Comment Spam'

2005-06-14T03:23:00.000-07:00

Key search engine companies Google (Nasdaq: GOOG) , MSN and Yahoo (Nasdaq: YHOO) as well as Weblog tool provider Six Apart have united to stop "comment spam," but one search engine expert does not think the effort will slow the practice.
Most bloggers allow reader responses to entries. This also opens the door to spammers, who use automated programs to post links to their own Web sites in the comments sections of blogs. The links, and the words within them, have some effect on the spammers' site ranking within search engines.
The measure announced late yesterday supports an HTML tag called "nofollow." When attached to the end of the spammed hyperlink, it signals search engine crawlers to ignore that link. The goal is to take away the incentive for posting such links.
The tags would be added automatically to posts through updated blogging software. If you don't want the tag there, you would have to remove it manually.
"It may help," Danny Sullivan, editor of SearchEngineWatch.com, told TechNewsWorld. "It isn't going to stop comment spam. What it may do is make it a little less attractive. It's not a magic bullet."
There are many holes in the solution, he said.
Bloggers must each set up their sites to accommodate the nofollow tags, for one, he said. Sullivan has written an article describing how to do that.
"People want the links even if they don't affect their Web rankings," he said. "And they may think, 'I'm running automatic tools, so why not keep placing the links?'"
In other words, generators of comment spam are unlikely to change their habits because automatic tools make mass postings effortless. Even if the percentage of untagged links is low, the spammers would still get benefit from them. And even the tagged links still work, so they could still get click-throughs from their placement.
Implementation Coming
The rel="nofollow" tag is already a part of HTML, and Google's crawlers already recognize the code. Yahoo said it will begin support within a few weeks, and MSN will follow later this year with the switch to its own search engine.
Six Apart will release a plug-in for its software, Movable Type.
Many factors play into search engine rankings, so while one extra link won't change a ranking, a 1,000 is likely to, Sullivan said.
Individual bloggers can do a lot to limit the amount of comment spam, he said, first by adding the nofollow tag, but also by taking such steps as requiring registration in order to post, creating a black list of those banned from posting and adding a graphical code that must be viewed and retyped as confirmation that a real person is attempting to contribute.

Sober Worm Spawns German Spam

2005-06-14T03:14:00.000-07:00

-mail users perplexed by the barrage of German-language spam waiting in their inboxes Monday morning can point the finger of blame at the latest version of the Sober mass mailing worm which began rapidly spreading over the weekend.
Sober.q uses both German and English-language messages to direct recipients to Web sites with right-wing German nationalistic content, according to an advisory from e-mail security company MX Logic. One of the URLs points to the Web site of the right-wing German NPD party, it says.
The security firm says that it had seen over 125,000 instances of Sober.q overnight Saturday and into Sunday, and labeled it as a high severity threat. The variant is downloaded by computers already infected by the Sober.p worm, which began circulating earlier this month, MX Logic says. The virus writers appear to have remote control over the Sober.p infected machines, giving them a network from which to launch future spam and denial of service attacks, it adds.
Spreading Propoganda
The latest Sober variant is one of a relatively new type of "propaganda spam," meant to spread political messages rather than sell a product or service, MX Logic says. Circulation of the worm coincides with ceremonies marking the 60th anniversary of the end of World War II in Europe and examples of subject lines it sends include "Dresden 1945" and "Du wirst zum Sklaven gemacht!!!" ("You are made slaves!!!"), according to MX Logic.
"We are certainly seeing more propaganda spam," says Graham Cluley, senior technology consultant with Sophos. Security researchers began detecting religious spam selling a particular view of life last year, Cluley says.
Although Sophos is seeing a lot of German-language spam sent by the new Sober variant, the worm itself doesn't appear to be spreading anymore, Cluley says.
E-mail users are advised to update their spam filters to guard against the new Sober spam

CAN-SPAM not seen to be effective

2005-06-14T03:07:00.000-07:00

Most vendors of antispam products have charted an increase in the amount of spam since the Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act went into effect on Jan. 1.
CAN-SPAM includes criminal penalties, ranging up to five years in prison, for some common spamming practices, including hacking into someone else's computer to send spam and using open relays to send deceptive spam. The law allows fines of up to $250 per spam e-mail with a cap of $6 million for aggravated violations.
But some antispam activists assert that the law has aided spammers because CAN-SPAM requires recipients to opt out of unwanted commercial e-mail by contacting each sender, instead of forcing senders to get opt-in permission. The federal law also hurt spam-fighting efforts by pre-empting parts of some tougher state laws, including a California opt-in requirement, said Laura Atkins, president of the SpamCon Foundation.
CAN-SPAM also prohibits private citizens from suing spammers, instead allowing only state attorneys general or ISPs (Internet service providers) to file civil suits. People like Atkins, who operate their own mail servers and receive thousands of spam e-mail, have no recourse against spammers under CAN-SPAM.
"CAN-SPAM has not made it any easier to find spammers," Atkins said. "It has not decreased the amount of spam."
Backers of CAN-SPAM say it provides for the possibility of civil lawsuits and jail time for spammers. ISPs have used CAN-SPAM to file hundreds of civil lawsuits against spammers in 2004, and the key to making the law work is more enforcement, said a spokeswoman for Senator Conrad Burns, a Montana Republican and main sponsor of CAN-SPAM.
"Senator Burns has said from day one that enforcement is key for this legislation to be effective," said Jennifer O'Shea, his spokeswoman. "We have seen several big lawsuits, which have been helpful, but we need to continue to see more of these lawsuits in order to keep up with big time spammers and keep spam out of inboxes."
Burns believed businesses should have an opportunity to market over e-mail, instead of having to get opt-in permission from all e-mail recipients, she added.
"The opt-out provision … gives the e-mail user the responsibility of opting out if there is something they do not want to receive messages about," O'Shea said in an e-mail.
Statistics supplied by vendors of antispam products seem to bear out the criticism of CAN-SPAM. Postini (Profile, Products, Articles) Inc., an e-mail security service provider, said the percentage of legitimate nonspam e-mail it sees dropped from 22 percent of all e-mail at the beginning of 2004 to just 12 percent by December. The company processes 2.4 billion e-mail messages a week.
MX Logic Inc., another antispam vendor, found 67 percent of all e-mail to be spam in February. By November, 75 percent of all e-mail was spam, according to MX Logic.
Spammers, apparently in response to CAN-SPAM, changed tactics this year, said Andrew Lochart, director of product marketing at Postini. More spammers are using so-called zombies networks -- computers hijacked with Trojan horse programs -- to send spam, and spammers are using increasingly sophisticated directory harvest attacks to spam corporate mail servers, he said.
About 30 percent to 50 percent of spam came through zombie spam relays in April, MX Logic estimated. In a three-week survey in November and December, the company found 69 percent of spam sent through zombies.
"I think CAN-SPAM caused spammers to change their tactics significantly," Lochart said. "The spammers got even more creative at hiding, and they've always been pretty good at it."
Although CAN-SPAM hasn't resulted in less spam, the law gives law enforcement agencies a new tool in the fight spam, Lochart said. "It's a good thing we have a law, so when we find some of these roaches, we can prosecute them," he said. "It's a good thing that the federal government recognizes how important spam is.”
ISPs and law enforcement agencies have used CAN-SPAM provisions, including requirements to include a valid postal address and an unsubscribe option in commercial e-mail, to go after spammers. Four large U.S. ISPs filed hundreds of lawsuits against spammers this year, and the U.S. Federal Trade Commission filed criminal CAN-SPAM charges against two companies in April.
Despite these efforts, antispam vendors predict more spam in 2005, not less. "Even from a service provider perspective, after all the lawsuits and convictions, we still have not seen a deterrence effect happen," said Scott Chasin, chief technology officer at MX Logic. "Spam has continued to increase and saturate inboxes, and we've not seen a decline whatsoever. From that perspective, CAN-SPAM is pretty toothless."

Got Spam? It probably came from the U.S.

2005-06-14T03:05:00.000-07:00

Got Spam? It probably came from the U.S.
The United States topped the list of spam-sending countries in 2004, according to a list produced by anti-spam and anti-virus software company Sophos.
Almost half of all spam e-mail messages sent in 2004, roughly 42 percent, came from the United States, Sophos researchers said.
Sophos compiled the list of the top twelve spam producing countries by scanning all spam messages received at its worldwide network of honeypots during 2004. In a distant second to the U.S. was South Korea, with an estimated 13.43 percent.
The United States also claimed the spam-sending crown when Sophos' first list was released in February of this year. In that tally the U.S. was responsible for a whopping 56.74 percent of unsolicited e-mail barrages. But that was before the CAN-SPAM law, which went into effect in January of 2004, could have shown much progress.
CAN-SPAM has had a year to prove its worth, and is now largely viewed as be ineffective, as the latest Sophos list and statistics from other vendors such as Postini and MX Logic show.
IDG News Service reporter Grant Gross wrote a story this week looking at CAN-SPAM and the view isn't pretty. One of the biggest criticisms is that the legislation forces recipients of unwanted e-mail to opt-out of receiving spam by contacting each sender, rather than requiring spammers to receive opt-in permission.

Search Engines Try To Block Blog 'Comment Spam'

2005-06-14T03:02:00.000-07:00

Most bloggers allow reader responses to entries. This also opens the door to spammers, who use automated programs to post links to their own Web sites in the comments sections of blogs. The links, and the words within them, have some effect on the spammers' site ranking within search engines.
//-->
on error resume next
For mp_i=11 To 6 Step -1
If Not IsObject(CreateObject("ShockwaveFlash.ShockwaveFlash." & mp_i)) Then
Else
mp_swver=mp_i
Exit For
End If
Next

Adding a Tag
The measure announced late yesterday supports an HTML tag called "nofollow." When attached to the end of the spammed hyperlink, it signals search engine crawlers to ignore that link. The goal is to take away the incentive for posting such links.
The tags would be added automatically to posts through updated blogging software. If you don't want the tag there, you would have to remove it manually.
"It may help," Danny Sullivan, editor of SearchEngineWatch.com, told TechNewsWorld. "It isn't going to stop comment spam. What it may do is make it a little less attractive. It's not a magic bullet."
There are many holes in the solution, he said.
Bloggers must each set up their sites to accommodate the nofollow tags, for one, he said. Sullivan has written an article describing how to do that.
"People want the links even if they don't affect their Web rankings," he said. "And they may think, 'I'm running automatic tools, so why not keep placing the links?'"
In other words, generators of comment spam are unlikely to change their habits because automatic tools make mass postings effortless. Even if the percentage of untagged links is low, the spammers would still get benefit from them. And even the tagged links still work, so they could still get click-throughs from their placement.
Implementation Coming
The rel="nofollow" tag is already a part of HTML, and Google's crawlers already recognize the code. Yahoo said it will begin support within a few weeks, and MSN will follow later this year with the switch to its own search engine.
Six Apart will release a plug-in for its software, Movable Type.
Many factors play into search engine rankings, so while one extra link won't change a ranking, a 1,000 is likely to, Sullivan said.
Individual bloggers can do a lot to limit the amount of comment spam, he said, first by adding the nofollow tag, but also by taking such steps as requiring registration in order to post, creating a black list of those banned from posting and adding a graphical code that must be viewed and retyped as confirmation that a real person is attempting to contribute

What, Exactly, is Search Engine Spam?

2005-06-14T03:00:00.000-07:00

There's a subtle boundary that separates acceptable search engine optimization practices from the shadier techniques used by spammers. How can you recognize the difference between white-hat and black-hat techniques?
A special report from the Search Engine Strategies 2004 Conference, December 13-16, Chicago.
This panel was somewhat controversial among the purist search engine optimizers attending the conference, who object to any session that offers insight into black-hat techniques. But the session was not intended to teach tricks to fool the engines but to show how using spammy tactics can hurt a site, and ultimately do not pay in the long run.
Search engine spam defined
The first step to determine if you are playing with fire is to understand the philosophical question, "what is considered spam?" The attendees were presented with a fairly clear definition of search engine spam from Tim Mayer, Director of Product Management for Yahoo Search. Yahoo! defines spam as "pages created deliberately to trick the search engine into offering inappropriate, redundant, or poor-quality search results." This is similar to the definitions offered by Google and MSN as well.
Shari Thurow, Webmaster/Marketing Director from GrantasticDesigns.com suggested various questions that site owners should ask themselves related to content and their optimization techniques. While acknowledging that these were "obvious" questions, Thurow said "they just don't get asked enough." She strongly suggests that site owners make sure that the content benefits the target audience—site visitors—and is not just thrown on a page to skew the search engine ranking algorithms.
Sixteen flavors of search engine spamThurow next presented a slide that contained a comprehensive list of sixteen tactics that are considered search engine spam. These techniques include:
Keywords unrelated to site
Redirects
Keyword stuffing
Mirror/duplicate content
Tiny Text
Doorway pages
Link Farms
Cloaking
Keyword stacking
Gibberish
Hidden text
Domain Spam
Hidden links
Mini/micro-sites
Page Swapping (bait &switch)
Typo spam and cyber squatting
Yahoo's Mayer echoed Thurow's warnings about spamming the engines. He explained that Yahoo! (and the other engines) take spam very seriously and spend a great deal of time and effort trying to eliminate spam techniques.
There is a fine line that exists between "optimization" and "over optimization," said Mayer. However, he clearly has both feet firmly planted in reality and understands that, in many product categories, it is the norm to use more aggressive techniques and those who "need" to legitimately compete in that space, may have to venture into the grey zone themselves.
Mayer summed up this sentiment providing what I believe was the quote of the conference: "If you're being entirely organic and going after 'Viagra,' it's like taking a sword to a gunfight. You just aren't going to rank."
Tim has since clarified that his comment was not—and is not—a license to use spam techniques, but simply an acknowledgement that in hyper-competitive categories like gambling and travel, aggressive optimization exists and isn't as overtly obvious in those situations than in less-competitive categories.
How to report abuseThere are two schools of thought when it comes to reporting search engine spam to the engines. There are those that report every occurrence they come across and those who don't report it because they believe it will only be replaced by a spammy site that's simply using subtler techniques. Either way you look at it, Mayer indicated that Yahoo takes spam reports very seriously. He said they helps keep Yahoo! clean, and assists the company in tuning its algorithms to detect new spam techniques as they are adopted.

Stopping Spam

2005-06-14T02:54:00.000-07:00

Stopping Spam
The ScientificAmerican writes: The phenomenon of spam afflicts more than just e-mail. Inside chat rooms lurk "robots" that pretend to be human and attempt to convince people to click on links that lead to pornographic Web sites. Instant messaging (IM) users suffer from so-called spIM--e-mail spam cognates. Blogs can be corrupted by "link spammers" who degrade Internet search engine operations by adding misleading links to sites that distort the utility ratings of Web sites and links.

Spam's a Nuisance That Can Be Managed, Up to a Point

2005-06-14T02:52:00.000-07:00

Spam's a Nuisance That Can Be Managed, Up to a Point
Washingtonpost.com writes: Microsoft's Outlook 2003 has a non-learning spam filter, while its free Outlook Express includes no spam block at all. You can add a learning filter to either program with various add-ons; some, such as POPFile and SpamPal , are free but may require tricky configuration; others, such as SpamBully cost money.

Polesoft declares birth of its new edition of Lockspam!

2005-06-14T02:30:00.000-07:00

Polesoft Inc., the world's professional developer of anti spam software, today announced its new "Lockspam for Outlook" Version 2.0 is available. "Lockspam for Outlook" Version 2.0 is now on store shelves. Since 1st of May, 2004, Lockspam is not free to use any more. However, we encourage users to try our software for 30 days, before they finally place their orders. Users seeking more attentive services and more frequently updates of Anti Spam Engine, will be delighted to find these are available after registration. Attentive services Our high-quality technical support team will always be there for you. They are quick, attentive, helpful and they provide this service for Free! Constant Updates of Anti Spam Engine More constant updates of Polesoft's Anti Spam Engine will assure you that your mail box is against the latest epidemic spam. Free Updates to further editions of "Lockspam for Outlook" Legal users of Lockspam can enjoy the free updates to further editions of "Lockspam for Outlook" in the future. Legal users may either "Check for Updates" or update from our website directly. Also, with a registered Lockspam, you won't get the annoying "Please register" pop ups periodically. Preferential policies for legal users Legal users of Lockspam will also enjoy favorable discounts for further purchases. Polesoft will carry out promotional activities in the future, and paid users will benefit from that. And the following are eight key features of this edition. Safety and Stability: Lockspam focuses on protecting your innocent mails in addition to killing the spam. Polesoft Anti Spam Engine is adopted to provide double defense for your mailbox. Lockspam performs anti email harvesting automatically to prevent the spammers from obtaining your email address. Your privacy is guaranteed with maximum level. Lockspam further improved its stability. And it works with MS Outlook more harmoniously. Accuracy: Over 90% PSK (Percentage of Spam Mail Killed) based on Near-Zero PIK (Percentage of Innocent Mail Killed). By analyzing the information of Polesoft anti-spam engine of the Email's content, Lockspam hits the Achilles' Heel of the spam so as to assure its accuracy. Self-adaptive protection: Automated filtering and live updating Polesoft server has the newest spam resources. Therefore live update of Lockspam could guarantee your mailbox up-to-date to the realtime spam. Polesoft Anti-spam Engine will optimize itself by continuously self-learning your local mails and provide personalized protection with more and more perfect algorithms. Easiness: Easy installation and maintenance save your valuable time Easy Installation: Lockspam is seamlessly integrated into Microsoft Outlook. It operates right after installation without account setting necessary. Easy Maintenance: Completely automated spam filter. No additional manual rules needed. Multi-user support: Lockspam also support modes of multi-users, like Windows XP, so that users won't be bothered to have Lockspam installed twice. Error-tracking log files: When an error occurs, Lockspam will automatically generate log files to keep records of it, so that the users will know the solution to the problem within a day after sending those log files as attachments to Polesoft support at support@polesoft.com. Data backup: Lockspam allows its users to backup their personal data, like Whitelist, Blacklist and General Settings in the Options. Editable Blacklist and Whitelist: Each time activated, Lockspam checks against the addresses in the Whitelist and blacklist, making sure that spam killed and innocent protected. In answer to the repeated voices of Lockspam users, Polesoft has newly developed an editable Blacklist, where users can add, edit or remove the list of unwanted mail sources. Likewise, an editable Whitelist is a list of addresses that users want to hear from. Both Blacklist and Whitelist can be backed up and restored by the button of Export and Import. And with the following enhanced features, "Lockspam for Outlook" Version 2.0 is an effective catcher and killer of spam. Enable Registration. Registered Users may type their Registration keys into the key box to enjoy free updates of filter engine and free updates of "Lockspam for Outlook", as well as the free high-quality technical support. Anti Spam Filter Engine updated. The latest Anti Spam Filter Engine is more effective in catching spam. Stability improved. "Lockspam for Outlook" works more harmoniously with MS Outlook. Your preferential Settings are remembered even after updates and reinstallations. Lockspam will remember your settings in the Options. And it will restore them after your updates and reinstallations. To summarize, "Lockspam for Outlook" Version 2.0 answers the urgent safe anti spam needs with a considerately solution to relieve the pain of Outlook users from being spammed. Lockspam is well suited for use with Outlook automatically after the easy installation. Users need no extra setups or maintenances to get the perfect spam killing and innocent email protecting effect, and neither do they need to worry about the privacy issue. The CEO of Polesoft, Lytton Liou said, "We hope our patent-pending technology could give the masses a safe and light-hearted mood to use email from now on, so that they could really enjoy the pleasure of communication and no need to worry about the intrusion of spam any more." This edition of "Lockspam for Outlook" can only work with Microsoft Outlook, while its sibling Universal Lockspam can work with more mail clients like Outlook Express, Eudora, Formail and so on.

The Economics of Spam

2005-06-14T02:23:00.000-07:00

Tennessee resident K. C. "Khan" Smith owes the internet service provider EarthLink $24 million. According to the CNN, in August 2001 he was slapped with a lawsuit accusing him of violating federal and state Racketeering Influenced and Corrupt Organizations (RICO) statutes, the federal Computer Fraud and Abuse Act of 1984, the federal Electronic Communications Privacy Act of 1986 and numerous other state laws. On July 19, 2002 - having failed to appear in court - the judge ruled against him. Mr. Smith is a spammer.Brightmail, a vendor of e-mail filters and anti-spam applications warned that close to 5 million spam "attacks" or "bursts" occurred in June 2002 and that spam has mushroomed 450 percent since June 2001. This pace continued unabated well into the beginning of 2004 when the introduction of spam filters began to take effect. PC World concurs. Between one half and three quarters of all e-mail messages are spam or UCE (Unsolicited Commercial Email) - unsolicited and intrusive commercial ads, mostly concerned with sex, scams, get rich quick schemes, financial services and products, and health articles of dubious provenance. The messages are sent from spoofed or fake e-mail addresses. Some spammers hack into unsecured servers - mainly in China and Korea - to relay their missives anonymously.Starting in 2003, malicious hackers began using spam to install malware - such as viruses, adware, spyware, and Trojans - on the unprotected personal computers of less savvy users. They thus transform these computers into "zombies", organize them into spam-spewing "bots" (networks), and sell access to them to criminals on penumbral boards and forums all over the Net.Spam is an industry. Mass e-mailers maintain lists of e-mail addresses, often "harvested" by spamware bots - specialized computer applications - from Web sites. These lists are rented out or sold to marketers who use bulk mail services. They come cheap - c. $100 for 10 million addresses. Bulk mailers provide servers and bandwidth, charging c. $300 per million messages sent.As spam recipients become more inured, ISPs less tolerant, and both more litigious - spammers multiply their efforts in order to maintain the same response rate. Spam works. It is not universally unwanted - which makes it tricky to outlaw. It elicits between 0.1 and 1 percent in positive follow ups, depending on the message. Many messages now include HTML, _JavaScript, and ActiveX coding and thus resemble (or actually contain) viruses and Trojans.Jupiter Media Matrix predicted in 2001 that the number of spam messages annually received by a typical Internet user will double to 1400 and spending on legitimate e-mail marketing will reach $9.4 billion by 2006 - compared to $1 billion in 2001. Forrester Research pegs the number at $4.8 billion in 2003.More than 2.3-5 billion spam messages are sent daily. eMarketer puts the figures a lot lower at 76 billion messages in 2002. By 2006, daily spam output will soar to c. 15 billion missives, says Radicati Group. Jupiter projects a more modest 268 billion annual messages this year (2005). An average communication costs the spammer 0.00032 cents.PC World quotes the European Union as pegging the bandwidth costs of spam worldwide in 2002 at $8-10 billion annually. Other damages include server crashes, time spent purging unwanted messages, lower productivity, aggravation, and increased cost of Internet access.Inevitably, the spam industry gave rise to an anti-spam industry. According to a Radicati Group report titled "Anti-virus, anti-spam, and content filtering market trends 2002-2006", anti-spam revenues were projected to exceed $88 million in 2002 - and more than double by 2006. List blockers, report and complaint generators, advocacy groups, registers of known spammers, and spam filters all proliferate. The Wall Street Journal reported in its June 25, 2002 issue about a resurgence of anti-spam startups financed by eager venture capital.ISPs are bent on preventing abuse - reported by victims - by expunging the accounts of spammers. But the latter simply switch ISPs or sign on with free services like Hotmail and Yahoo! Barriers to entry are getting lower by the day as the costs of hardware, software, and communications plummet.The use of e-mail and broadband connections by the general population is spreading. Hundreds of thousands of technologically-savvy operators have joined the market in the last five years, as the dotcom bubble burst. Still, Steve Linford of the UK-based Spamhaus.org insists that most spam emanates from c. 80 large operators.Now, according to Jupiter Media, ISPs and portals are poised to begin to charge advertisers in a tier-based system, replete with premium services. Writing back in 1998, Bill Gates described a solution also espoused by Esther Dyson, chair of the Electronic Frontier Foundation:"As I first described in my book 'The Road Ahead' in 1995, I expect that eventually you'll be paid to read unsolicited e-mail. You'll tell your e-mail program to discard all unsolicited messages that don't offer an amount of money that you'll choose. If you open a paid message and discover it's from a long-lost friend or somebody else who has a legitimate reason to contact you, you'll be able to cancel the payment. Otherwise, you'll be paid for your time."Subscribers may not be appreciative of the joint ventures between gatekeepers and inbox clutterers. Moreover, dominant ISPs, such as AT&T and PSINet have recurrently been accused of knowingly collaborating with spammers. ISPs rely on the data traffic that spam generates for their revenues in an ever-harsher business environment.The Financial Times and others described how WorldCom refuses to ban the sale of spamware over its network, claiming that it does not regulate content. When "pink" (the color of canned spam) contracts came to light, the implicated ISPs blame the whole affair on rogue employees.PC World begs to differ:"Ronnie Scelson, a self-described spammer who signed such a contract with PSInet, (says) that backbone providers are more than happy to do business with bulk e-mailers. 'I've signed up with the biggest 50 carriers two or three times', says Scelson ... The Louisiana-based spammer claims to send 84 million commercial e-mail messages a day over his three 45-megabit-per-second DS3 circuits. 'If you were getting $40,000 a month for each circuit', Scelson asks, 'would you want to shut me down?'"The line between permission-based or "opt-in" e-mail marketing and spam is getting thinner by the day. Some list resellers guarantee the consensual nature of their wares. According to the Direct Marketing Association's guidelines, quoted by PC World, not responding to an unsolicited e-mail amounts to "opting-in" - a marketing strategy known as "opting out". Most experts, though, strongly urge spam victims not to respond to spammers, lest their e-mail address is confirmed.But spam is crossing technological boundaries. Japan has just legislated against wireless SMS spam targeted at hapless mobile phone users. Many states in the USA as well as the European parliament have followed suit. Ideas regarding a "do not spam" list akin to the "do not call" list in telemarketing have been floated. Mobile phone users will place their phone numbers on the list to avoid receiving UCE (spam). Email subscribers enjoy the benefits of a similar list under the CAN-Spam Act of 2003Expensive and slow connections make mobile phone spam and spim (instant messaging spam) particularly resented. Still, according to Britain's Mobile Channel, a mobile advertising company quoted by "The Economist", SMS advertising - a novelty - attracts a 10-20 percent response rate - compared to direct mail's 1-3 percent.Net identification systems - like Microsoft's Passport and the one proposed by Liberty Alliance - will make it even easier for marketers to target prospects.The reaction to spam can be described only as mass hysteria. Reporting someone as a spammer - even when he is not - has become a favorite pastime of vengeful, self-appointed, vigilante "cyber-cops". Perfectly legitimate, opt-in, email marketing businesses and discussion forums often find themselves in one or more black lists - their reputation and business ruined.In January 2002, CMGI-owned Yesmail was awarded a temporary restraining order against MAPS - Mail Abuse Prevention System - forbidding it to place the reputable e-mail marketer on its Real-time Blackhole list. The case was settled out of court.Harris Interactive, a large online opinion polling company, sued not only MAPS, but ISPs who blocked its email messages when it found itself included in MAPS' Blackhole. Their CEO accused one of their competitors for the allegations that led to Harris' inclusion in the list.Coupled with other pernicious phenomena - such as viruses, Trojans, and spyware - the very foundation of the Internet as a fun, relatively safe, mode of communication and data acquisition is at stake.Spammers, it emerges, have their own organizations. NOIC - the National Organization of Internet Commerce threatened to post to its Web site the e-mail addresses of millions of AOL members. AOL has aggressive anti-spamming policies. "AOL is blocking bulk email because it wants the advertising revenues for itself (by selling pop-up ads)" the president of NOIC, Damien Melle, complained to CNET.Spam is a classic "free rider" problem. For any given individual, the cost of blocking a spammer far outweighs the benefits. It is cheaper and easier to hit the "delete" key. Individuals, therefore, prefer to let others do the job and enjoy the outcome - the public good of a spam-free Internet. They cannot be left out of the benefits of such an aftermath - public goods are, by definition, "non-excludable". Nor is a public good diminished by a growing number of "non-rival" users.Such a situation resembles a market failure and requires government intervention through legislation and enforcement. The FTC - the US Federal Trade Commission - has taken legal action against more than 100 spammers for promoting scams and fraudulent goods and services."Project Mailbox" is an anti-spam collaboration between American law enforcement agencies and the private sector. Non government organizations have entered the fray, as have lobbying groups, such as CAUCE - the Coalition Against Unsolicited Commercial E-mail.But, a few recent anti-spam and anti-spyware Acts notwithstanding, Congress is curiously reluctant to enact stringent laws against spam. Reasons cited are free speech, limits on state powers to regulate commerce, avoiding unfair restrictions on trade, and the interests of small business. The courts equivocate as well. In some cases - e.g., Missouri vs. American Blast Fax - US courts found "that the provision prohibiting the sending of unsolicited advertisements is unconstitutional".According to Spamlaws.com, the 107th Congress, for instance, discussed these laws but never enacted them:Unsolicited Commercial Electronic Mail Act of 2001 (H.R. 95), Wireless Telephone Spam Protection Act (H.R. 113), Anti-Spamming Act of 2001 (H.R. 718), Anti-Spamming Act of 2001 (H.R. 1017), Who Is E-Mailing Our Kids Act (H.R. 1846), Protect Children From E-Mail Smut Act of 2001 (H.R. 2472), Netizens Protection Act of 2001 (H.R. 3146), "CAN SPAM" Act of 2001 (S. 630).Anti-spam laws fared no better in the 106th Congress. Some of the states have picked up the slack. Arkansas, California, Colorado, Connecticut, Delaware, Idaho, Illinois, Iowa, Kansas, Louisiana, Maryland, Minnesota, Missouri, Nevada, North Carolina, Oklahoma, Pennsylvania, Rhode Island, South Dakota, Tennessee, Utah, Virginia, Washington, West Virginia, and Wisconsin.The situation is no better across the pond. The European parliament decided in 2001 to allow each member country to enact its own spam laws, thus avoiding a continent-wide directive and directly confronting the communications ministers of the union. Paradoxically, it also decided, in March 2002, to restrict SMS spam. Confusion clearly reigns. Finally, in May 2002, it adopted strong anti-spam provisions as part of a Directive on Data Protection.Responding to this unfavorable legal environment, spam is relocating to developing countries, such as Malaysia, Nepal, and Nigeria. In a May 2005 report, the OECD (Organization for Economic Cooperation and Development) warned that these countries lack the technical know-how and financial resources (let alone the will) to combat spam. Their users, anyhow deprived of bandwidth, endure, as a result, a less reliable service and an intermittent access to the Internet;"Spam is a much more serious issue in developing countries...as it is a heavy drain on resources that are scarcer and costlier in developing countries than elsewhere" - writes the report's author, Suresh Ramasubramanian, an OECD advisor and postmaster for Outblaze.com.ISPs, spam monitoring services, and governments in the rich industrialized world react by placing entire countries - such as Macedonia and Costa Rica - on black lists and, thus denying access to their users en bloc. International collaboration against the looming destruction of the Internet by crime organizations is budding. The FTC had just announced that it will work with its counterparts abroad to cut zombie computers off the network. A welcome step - but about three years late. Spammers the world over are still six steps ahead and are having the upper hand.

Stop spam and viruses before they reach the Inbox

2005-06-10T01:02:00.000-07:00

G-Lock SpamCombat kills 99.5% of spam and viruses before they even get to the Inbox. In fact, the program does not even download unwanted correspondence by deleting it on the server directly. To achieve this astonishing efficiency and accuracy, G-Lock SpamCombat uses all known anti-spam measures - Whitelist, Blacklist, HTML Validator, DNSBL filter, and the Bayesian filter. G-Lock SpamCombat is e-mail client independent, supports POP3 and IMAP, and can be configured to work with popular web-based e-mail services, like Hotmail and Yahoo. AOL users can use it as well. The price of registering the program is 35 US Dollars. The trial version is available as well. While the trial version works with one e-mail account only, it never expires and has no other functional limitations. G-Lock SpamCombat features and benefits:•Self learning. SpamCombat learns from the spam and good email you receive to provide you with great precision and accuracy in solving your spam problem.•Deletion of unwanted emails without downloading them into your inbox. You can preview the message in a quite safe and secure mode to decide if you want to delete this email or keep it. A great way to stop viruses, tracking codes, and large attachments.•Whitelist. Add known sources, from which you receive legitimate emails to the Whitelist and these emails will be always recognized as good.•Blacklist. Solid SpamCombat Blacklist provides you with the efficient way to stop most common types of spam and virus emails. You are also able to add your own items to the Blacklist.•Filtering. Can simultaneously filter emails from multiple email accounts and automatically delete spam so you will not even see it on the screen.•Automatic mode. Can check mail at different time intervals.•Recovering emails. If you accidentally deleted a good message, SpamCombat provides you the ability to recover it from the trash for further receiving with your email client.•Statistics. Shows you the statistics on processed messages in comprehensive tables in graphs.•Easy customizable interface. You can customize the menus, toolbars, grids and message preview screen as you want: add/remove buttons and options from the toolbars and menus, show/hide columns within the grids, and choose the format of the message preview screen by yourself.•Simplicity. In spite of its sophisticated interface, SpamCombat is easy to use and doesn't require you to be a very experienced user. You just check your mail, mark unwanted messages for deletion and let SpamCombat delete them from the server.•Economy. Saves your bandwidth and money by cutting down unproductive email traffic.•Other features: E-mail client independence. Can work minimized to the system tray. Plays a sound when a new email arrives, or notifies you visually. Comprehensive Help documentation provided with software.

Everyone who works in technical support knows the feeling of dread when someone asks what they do for a living, only for an immediate response of "Oh

2005-06-10T00:57:00.000-07:00

Everyone who works in technical support knows the feeling of dread when someone asks what they do for a living, only for an immediate response of "Oh my PC has been running slowly recently, any ideas?". This book is meant for those people who don't know their worms from their trojans, and who've been having a strange problem where they click on a link to one page, but end up at another.
It starts with the simplest but most important step on cleaning up your PC, sorting out your email client. With dozens or hundreds of viruses and spam emails arriving every day, you need a good email program, and Degunking takes you through the various choices from Web-based email from Yahoo or Hotmail, Outlook Express, Outlook, to Mozilla Thunderbird. It gives an excellent chart listing the capabilities of the main email clients, letting you easily choose which matches your requirements, from ease of use, spam protection, HTML support, and so on.
Degunking also provides lots of useful tips on using email, such as deleting everything not required to keep your email client running quicker, using notifiers to prioritise emails, and sorting emails into folders. It also explains the differences between POP3 and IMAP email, and gives some suggestions for how to access email on the move.
Next the book moves onto avoiding spam, giving lots of information and advice on dealing with spam, how to avoid it, and how to get rid of it if you already receive it. It starts by recommending the installation of the free open source program PopTray, which acts as a mail proxy on your local PC, filtering out spam before it arrives in your inbox. It then moves onto helping you to build filtering rules to allow through the mails you want, and to discard the ones you don’t. Helpfully, it provides screenshots from various email clients on how to do this, not just for Outlook Express.
It then moves onto training a spam filter using the new Bayesian learning technique, where rather than running self-written rules, you simply tell your email client as mails arrive that an item is spam or not. The client should quickly learn and start to automatically filtering correctly.
Dunking also discussing the less successful methods of spam filtering, and where the future might be, such as peer-to-peer spam filtering.
We then move onto the final section of the book, dealing with viruses, trojans, worms and spyware. The book provides a simple explanation of the various types of malicious software you can get on your PC if you're not careful, and then deals with cleaning up and avoiding each one in turn.
It gives an excellent explanation of dealing with each one, such as disabling Microsoft Office macros if you never use them, and installing a hardware firewall to stop worms. It then goes onto recommend some good anti-virus programs. The book then moves onto the spyware side of computer problems, and goes through various sensible Internet Explorer settings, and installing Mozilla Firefox as a replacement browser. Next, it explains the functions of firewalls and the various kinds available.
Chapter 15 is slightly out of place in that it deals with phishing, the practice of setting up fake websites and trying to entice users to enter their username and password, or by sending hoax emails. The chapter itself is excellent, but perhaps it should be nearer the front, especially with the current surge in phishing.
The final chapter is dealing with the aftermath of a malware attack, talking users through the steps of cleaning up an infected PC, and preventing it happening again.
Overall, this is an excellent book for non-technical people, providing them with both a set of tasks to go through to clean up their PC, and also a reference for if they ever have a problem with their PC that they think might be caused by an email they received or webpage they visited. It will never completely replace the phone calls to parents, friends, or neighbours who you know work in computers, but it will definitely help cut down on them.

Cloudmark Recognized With Two Coveted Awards for Outstanding Protection From Messaging Threats

2005-06-10T00:50:00.000-07:00

Since 2001, Cloudmark has been leading the effort to protect consumers, businesses and service providers in the fight against spam and phishing attacks. At the core of Cloudmark's approach is a unique technology which leverages sophisticated technology and millions of experienced end users to identify and shut down new attacks instantly before they spread. This provides what no other vendor can offer -- the ability to continuously protect against threats while automatically adapting in real-time. And by leveraging this trusted data from the world's largest anti-spam and fraud-fighting community, Cloudmark preserves the security and productivity of email and the Internet by enabling its customers to block over 99% of spam and phishing attacks while achieving the industry's lowest false positive rate.
"Cloudmark is honored to have won not one, but two PC World World Class awards," said Gary Iwatani, president and COO of Cloudmark. "These awards are a testament to our unique approach to messaging security as well as our commitment to delivering the most effective, easy-to-use solution for our customers seeking relief from messaging security threats."
Cloudmark SafetyBar is Cloudmark's award-winning desktop toolbar for protection against email-based threats such as spam, phishing and fraud. SafetyBar is easy to install into Microsoft Outlook or Outlook Express email clients, and is the only solution to achieve zero false positives in industry reviews. In addition to email protection, Cloudmark brings safety to navigating the Internet with its Anti-Fraud Toolbar for Internet Explorer. The Cloudmark Anti-Fraud Toolbar warns users of known fraudulent and phishing web sites before the user is exposed to the potential dangers of identity theft or phishing attacks as well as the risks of being infected by Internet-based viruses, spyware and worms. Both products are available via a simple download from http://www.cloudmark.com/products/safetybar/download/ .
Celebrating its 23rd year, the respected World Class Awards honor products that meld practical features with innovation and reflect the rapidly changing technology marketplace. To select the winners, PC World's editors examined hundreds of products, including those that have appeared in the magazine over the past 12 months. The winning products were selected for their exemplary design and usability, features, performance, innovation, and price.
"The ultimate buyers guide, World Class Awards set the standard for excellence in the high-tech and consumer electronics industries," stated Harry McCracken, editor-in-chief of PC World. "From desktop publishers to travel routers to satellite radio and video instant messenger services, the editors reward the finest products and most outstanding performers in this annual award program. Congratulations to Cloudmark."

Spam-blocking technology reaches maturity

2005-06-09T02:23:00.000-07:00

MessageLabs' decision to offer all its customers a spam-blocking service level agreement is a sign that the e-mail security market is approaching maturity, according to analysts.
The company said on Wednesday it would offer an SLA to its customers guaranteeing that 95 percent of their spam would be blocked, with a false positive rate of less than 0.0004 percent.
MessageLabs provides an outsourced e-mail security service that filters all incoming messages before they reach the customer's internal network. The company claims it is the first to offer an SLA that guarantees to capture the majority of spam with a minute false positive rate.
Analysts said that MessageLabs' confidence in its products was a sign that the anti-spam market was finally getting on top of the problem.
Megan Dahlgren, senior analyst for software at International Data Corp (IDC), said although there is a greater volume of spam being sent, the technology used by anti-spam companies is now able to confidently identify unwanted e-mails.
"Catching spam is about identifying a certain class of e-mail. There are lots of different types of fish in the sea but if there was a huge growth of salmon, you would know the right type of net to catch the salmon. Similarly, spam is highly identifiable and easy to catch. It wouldn't be so easy if all the spam out there was different," said Dahlgren.
James Turner, security analyst at Frost & Sullivan, said companies had come to see e-mail as a commodity and so were more likely to pass over responsibility for separating legitimate e-mail messages from spam to a third party.
"For many companies e-mail is a business tool and very much a commodity service -- they are used to it. This is helping streamline that and it is a trend we are going to see a lot more of -- third parties stepping in and helping clean up the Internet. MessageLabs is taking responsibility away from the end user," said Turner.
IDC's Dahlgren said MessageLabs' SLA was more "a confidence and marketing thing than anything else. If you compare product for product they are pretty similar in the amount of spam they collect.
Joe Lombardo, marketing manager for MessageLabs Asia Pacific, said the company had always claimed to provide high levels of spam capture with a low false positive rate, but, following some independent testing last year, the company believed it was in a position to guarantee those levels.
"We have always been above a 90 percent capture rate but what we wanted to do was have an independent verification of it,' said Lombardo, referring to a test carried out by The VeriTest Anti-Spam Benchmark Service in November 2004.
"The testing coincided with us being able to go to market and say this is a level we can now guarantee," said Lombardo, who emphasised that MessageLabs already guaranteed its customers would not be infected by a virus, "We guarantee that firms will not be affected by any virus -- new or existing -- if they are using the MessageLabs service. This is just the next step."
Lombardo said that the spam SLA would apply to both existing and new customers and would not be part of a premium service. However, he was unable to state the amount of compensation that will be offered should the service fall below the agreed level.
"[Compensation] is on an individual basis but there is a credit that is offered on the service. We bill on a monthly basis so dependent on the level service degradation we would compensate on an individual basis," said Lombardo.

BigPond rejects six million spam e-mails a day

2005-06-09T02:19:00.000-07:00

BigPond has moved to boost its anti-spam systems as the Internet service provider revealed its existing network filters were rejecting six million spam or virus-infected e-mails every day. Managing director Justin Milne said in an e-mail to BigPond users last night he had given the go-ahead "to further boost" the filters as spam continued to be a "common problem" for Internet users. A BigPond spokesperson said the upgrade would increase filtering capacity by a further 15 percent. Spam zombies would be targeted and additional content-based spam classifications implemented under the project. Milne said all mail entering or leaving the BigPond network had been filtered since April last year. The managing director also used the e-mail to highlight customer growth and the need to employ sturdy systems to cope with BigPond's data traffic volumes. The provider -- Australia's largest -- is moving about 1.3 trillion kilobytes each month across its network and more than 20 million e-mails every day. Milne added the provider was about to sign up its two-millionth Internet customer "so you can see why we need robust systems to keep things ticking over!" It is believed the carrier is around two weeks away from reaching that milestone. He said improvements in the wings included the already-mooted billing system upgrade which would allow customers to combine all their Internet charges with their Telstra single bill. He said the current pilot was "working well" and full rollout was expected later this year. A new BPay facility for BigPond users was attracting extensive use. Milne also said BigPond had put "a lot of time and effort" into upgrading its cable network through adding capacity and backups, removing old infrastructure and standardising its wired and wireless modems. The provider has also implemented additional self-serve options to its My BigPond section of BigPond.com.

Toshiba to Adopt IIJ's Anti-spam Solution; Ensuring email protection and security with a multi-tiered filtering technology

2005-06-09T02:08:00.000-07:00

Internet Initiative Japan Inc. (IIJ, NASDAQ: IIJI), one of Japan's leading Internet access and comprehensive network solutions providers, today announced that it will provide Toshiba Corporation (Toshiba) with an anti-spam solution.
The anti-spam solution being provided to Toshiba consists of two components: IIJ Edge Filter and IIJ Spam Mail Filter. The IIJ Edge Filter identifies and restricts mass spam mail that is sent to a single server in a short period of time, as well as mail that clearly contains suspicious content. The IIJ Spam Mail Filter determines a spam rating for all incoming mail messages and filters them on that basis. IIJ Edge Filter was implemented in December of last year, while IIJ Spam Mail Filter will be implemented in June of this year.
Every year, mountains of spam are sent to users without their consent, and every year the perpetrators devise more devious and vicious methods to send even more. The problem has become so critical that more than 70% of the mail sent in the U.S. is said to be spam. The problem is becoming more serious in Japan as well, and for businesses in particular, responding to the growing flood of spam mail is a drain on budgets and systems, not to mention a drag on productivity for entire companies.
Toshiba maintains tens of thousands of mail accounts on it's Group network, which makes resolving the spam mail problem a priority. IIJ has worked with Toshiba in the past when it decided to implement IIJ's Web Gateway Service to provide securely managed Web access. With IIJ's advanced Internet technology, the IIJ Web Gateway's record of high performance, and IIJ's pioneering efforts in anti-spam solutions, it was natural choice for Toshiba to enlist IIJ's help again on this project.
After implementing IIJ Edge Filter, Toshiba saw a 30% drop in mail traffic, and this performance is expected to increase once the IIJ Spam Mail Filter is brought on-line.
The IIJ Anti-spam Mail Solution
The IIJ Anti-spam Mail Solution consists of the components described below, and these components create a multi-tiered filtering structure that achieves better filtering rates on spam mail with far fewer false positives, and removes the need to waste money on additional equipment.
IIJ Edge Filter
IIJ's proprietary anti-spam solution uses a three-pronged approach to stop large mass mail transmissions before they reach a customer's system: (1) Mail volume control, which checks the number of messages received in a certain unit of time to determine when large volume mail transmissions are occurring, (2) Access control, which uses IP addresses and sender/receiver information to interrupt or restrict mail from specific sources, and (3) File extension filtering, which interrupts or restricts messages with file attachments that have certain file extensions. This service prevents damage that is caused by large volumes of mail hitting a user's system at once, and improves system availability.
Future developments will make the system compatible with the up and coming sender authentication technology for fighting spam.
IIJ Spam Mail Filter
U.S.-based MX Logic's filtering engine provides the spam filtering features that determine the spam rating of all incoming messages. The spam level is then used to filter out spam. Messages with a high spam rating are put into quarantine automatically on a remote folder where they can be deleted en masse, thus greatly reducing the load on the customer's servers.
E-mail has become an indispensable tool in our daily lives, and IIJ will continue working to develop services that make it easier to use.
About IIJ
Founded in 1992, Internet Initiative Japan Inc. (IIJ, NASDAQ: IIJI) is one of Japan's leading Internet-access and comprehensive network solutions providers. The company has built one of the largest Internet backbone networks in Japan, and between Japan and the United States. IIJ and its group of companies provide total network solutions that mainly cater to high-end corporate customers. The company's services include high-quality systems integration and security services, Internet access, hosting/housing, and content design.
The statements within this release contain forward-looking statements about our future plans that involve risk and uncertainty. These statements may differ materially from actual future events or results. Readers are referred to the documents furnished by Internet Initiative Japan Inc. with the SEC, specifically the most recent reports on Forms 20-F and 6-K, which identify important risk factors that could cause actual results to differ from those contained in the forward-looking statements.

Life After Spam

2005-06-09T01:58:00.000-07:00

Things looked pretty gloomy for e-mail marketing when lawmakers, regulators and Internet service providers took steps several years ago to ban the most abusive practices of spam marketers. Online merchants worried that the anti-spam measures would limit the effectiveness of their e-mail marketing campaigns. Indeed, many retailers found their messages diverted into junk mail boxes simply because they used graphics or coding that triggered a red flag.
Over the same time period, the volume of e-mail messages exploded. EMarketer Inc. estimates e-mail volume in the U.S. will hit 2.1 trillion this year, up from 1.2 trillion in 2001. That increases the chances that customers weary of e-mail inboxes gorged with messages will send the retailer’s e-mail message straight to the trash bin.
More sophistication
But a funny thing happened on the way to e-mail marketing’s funeral: E-mail marketing refused to die. And today, with retailers adopting more sophisticated approaches to e-mail marketing—and possessing a better understanding of how they should use e-mail—e-mail has become a valuable weapon in marketers’ arsenal.
“If you’re in the e-commerce business, you have two things to really drive your sales—search, which is the ability to get somebody to come to your web site for the first time, and e-mail, which gets them to repeat,” says Arthur Sweetser, vice president of professional services and marketing for e-mail marketing company e-Dialog.
Getting to this point in understanding how to use e-mail wasn’t easy. In fact, it required a change of mindset by marketers—one that required sending what the customer wanted and not what the retailer wanted. Today at American Eagle Outfitters, for instance, e-mail messages are tailored to appeal to different customer groups, says David L. Brumback, director of operations at AE Direct. “It’s not about what I want to talk about so much as it is about what the customer wants to hear,” he says. “That requires understanding the data I have about that customer to make what I say more relevant.”
The industry still faces plenty of obstacles, but e-mail still can be an effective marketing tool, even in the post-CAN-Spam world. A recent Jupiter Research survey found that 10% of 2,229 online consumers reported they opened a promotional e-mail and made a purchase online immediately. Additionally, 17% said they opened a promotional e-mail and later made an online purchase as a result.
Everybody’s concerned
But the resistance hasn’t evaporated. The Jupiter Research survey also found that 73% of consumers have deleted promotional e-mails without opening them and 42% unsubscribed to e-mail newsletters in the past 12 months.
In today’s e-mail environment, to run a successful e-mail marketing campaign, online merchants need to build relationships and trust with their customers, experts say. “Everybody is concerned about e-mail—whether or not it’s going to survive because of spam, because of filters, because of all that,” says Reid Carr, president of Red Door Interactive. “But it comes down to basic principles, which is a matter of getting your target to trust you.”
To build trust, merchants need to gather as much information as possible about customers so they can personalize messages. “It’s all about relevancy and how we develop relevancy,” Sweetser says.
That’s the approach that American Eagle takes as its e-mail strategy has become more sophisticated, Brumback says. “When we started doing this five years ago, the vast majority buying online were male,” Brumback says. “Today, the vast majority is female. All of that information that comes with direct marketing changes how you talk to people.”
In fact, appealing specifically to what the customer wants is a key to e-mail marketing success, marketers say. “E-mail is about learning, it’s not a single event,” says David Baker, vice president of e-mail marketing and analytic solutions for agency.com. “The value of e-mail is learning the response patterns of your customers.”
Following the path
Tracking the path of e-mail messages can give Internet retailers deep insight into their customers, Baker says. That information can include which ISP the consumer uses, which links the consumer selected, and which products the customer bought, he says.
One of the best ways to gain access to that customer information is through an opt-in form, in which a consumer signs up to receive information from the merchant. Some e-mail marketers recommend double-opt-ins, a process in which a consumer registers at a retailer’s site and then responds to an e-mail from the retailer asking the customer to verify the opt-in.
“Numbers go up and down in terms of whether people open your e-mail, whether they’re going to act on anything that you send to them, so one factor in all of this is making sure they really want to receive your e-mail,” Carr says. “Companies that do double opt-ins have higher open rates, higher click-through rates and higher deliverability.”
What’s more, if retailers only offer opt-out marketing, they’ll run into problems with spam filters and other anti-spam measures, says Ziv Yaar, director of strategies for Molecular.com. “It’s an opt-in world these days,” he says.
Yaar says the best time for a merchant to get opt-in permission is at the time the customer makes a purchase. “At that point, they’ve made an investment in the product and they’re really a retention customer,” he says.
Another way to forge ties with consumers is through e-mail newsletters, Carr says. “We communicate to our clients to be generous with information rather than sending their prospects a weekly ad for their services,” he says. “They’ve got to think about their targets and what they’re concerned about, then tailor newsletters and e-mails that are going to enrich their lives.”
It’s about brevity
To make it more likely that consumers will open an e-mail, retailers should display their name, rather than their address, in the From field of the e-mail message, says Mike Adams, president and CEO, Arial Software, an e-mail software company. “The number-one way a customer is going to trust you from day one is looking at the From name in the e-mail,” he says. “They recognize that, yes, they ordered something from you, you’re a trusted company.”
The body of the e-mail message also affects whether the consumer acts on the message. “E-mail is about brevity,” Baker says, adding that people make a decision on e-mail in about three seconds. “I can’t tell you exactly what content works and what doesn’t. But if the intent of the message is promotional and you can’t push that impression in three to five seconds, you’re failing.”
A recent Arial survey found that by an eight-to-one ratio, customers preferred a table of contents with a web link to a text message. “They don’t want the e-mail to be full of content, where they have to scroll down,” Adams says. “That finding surprised me because a couple of years ago it was about 50-50.”
Adams attributes the change in attitudes to the heavy volume of e-mail consumers have to contend with. “People have such a short amount of time to spend on each e-mail,” he says. “If it’s not right there in the preview pane, they’re going to trash it.”
What a retailer puts in the subject line of an e-mail also can make a difference. “The subject line is extremely important, and it will continue to be,” Carr says. “Make sure it’s consistent, make sure it’s informative so they know what you’re sending.”
Prominently displaying information about opt-out lists and other CAN-Spam requirements on web sites also can help online merchants win the trust of their customers, Carr says. “When a user sees all this information, sees that you’re making your best effort to protect them, they’re more likely to trust you,” he says. “When they trust you, they’re going to be more open and respond.”
The importance of frequency
Starting off messages with a statement that the customer requested e-mail updates also can increase the effectiveness of the message, Yaar says. “We’ve seen some fairly substantial—high single to low double-digit—increases in click-throughs when you include sentences like ‘you’ve requested that we inform you once a week about the following things.’”
Placing instructions in large print on how to unsubscribe to a newsletter also can make consumers more comfortable with an e-retailer, Yaar says. “You are sending your customer the implicit message that we understand you may not want this information so we’re going to make it easy for you to remove yourself.”
The frequency of e-mail also can make or break a campaign. Carr counsels merchants to send e-mails only once a month or every few weeks, unless they have something really powerful to offer consumers, for example, coupons or a link to a daily news site. Indeed, more frequent mailings could drive consumers away because they will be perceived as junk mail.
Still there are customers who want to get daily e-mail updates, Sweetser says. “There’s a loyal customer base that wants to get their deal of the day,” he says. “That type of frequency is really dependent on the audience.”
For the retailers e-Dialog works with, customers select the frequency via a permission-based pop-up box on a weekly or monthly newsletter, Sweetser says.
Once retailers establish a relationship with customers via e-mail, they still face another challenge: getting through the spam filters of ISPs. Getting past those barriers is a combination of science and art, Sweetser says. E-Dialog does spam reviews of clients’ e-mail campaigns to head off problems. “Content with the word ‘free’ capitalized and bolded twelve times is just screaming to be filtered and put into bulk mail,” he says.
e-Dialog , like other e-mail marketers, has mailboxes with the major ISPs and checks them daily to see whether clients’ e-mails were delivered, he adds.
Despite all the obstacles, e-mail marketing will continue to be an important tool for online retailers, observers say. For one thing, it’s cheaper than other types of advertising—about a penny per name compared with 50 cents to $1 per piece of direct mail or catalogs.
It also gives online retailers the ability to change messages on short notice, as opposed to print and other ad campaigns where changes take weeks or even months.
Strategy focus
It appears that more online retailers are beginning to take the advice of e-mail marketers, Sweetser says. “Clients are more strategy focused,” he says. “It’s not about just getting it out the door, but who are we sending it to, what are we trying to learn, what deeper insight are we trying to get, and then applying that.”
As for now, online retailer’s heavy reliance on e-mail marketing continues.
In fact, e-mail marketing has the most value as a retention tool, Yaar says. The use of e-mail to acquire customers is losing effectiveness—as much as a 20% to 30% drop—as search engine optimization increases, Yaar says. “But as a retention tool, e-mail is still very, very powerful, because it can draw customers back to sites,” he says.

As spam filters improve, attention shifts to containment

2005-06-09T01:45:00.000-07:00

There’s a new strategy in the spam battle: Call it containment.Filters for blocking junk e-mail from inboxes have improved to the point that doing much more will needlessly kill legitimate e-mail, said Carl Hutzler, America Online Inc.’s anti-spam coordinator. So e-mail gatekeepers are shifting gears.Now they’re getting more aggressive at keeping spam from leaving their systems in the first place.EarthLink Inc., for instance, is phasing in a requirement that customers’ mail programs submit passwords before it will send out their e-mail.Like most Internet providers, EarthLink previously made sure only that a computer was associated with a legitimate account. Now that viruses can co-opt computers and use them to send spam, that’s no longer secure enough.So Earthlink sent out new software, made automated tools available for download and walked customers through manually changing their mail settings when they called tech support for other reasons. A year into the initiative, EarthLink has 80 percent of its customers converted.“Any action can be a little daunting when you’re trying to migrate millions of people,” said Stephen Currie, EarthLink’s director of communications products.It also costs time and money — not insignificant considering that direct benefits don’t necessarily go to EarthLink but to its competitors, whose customers might otherwise receive more spam.But more than altruism was involved.“If there’s a lot of spam or abusive mail coming from a particular network, in the future you’re going to see that e-mail having low rates of deliverability,” Currie said.In other words, other Internet service providers, or ISPs, might start blocking EarthLink e-mail if it doesn’t adopt the outbound controls.The pressure to improve outbound controls comes as viruses infect more and more home computers and convert them into spam-relayng “zombies.”These zombies allow spammers to pose as legitimate customers and get around blocks that Internet providers might have had in place.Although antispam advocates say Internet providers can do more to stop spammers from signing up for accounts — sometimes fraudulently, but too often because they mean revenues and sales commissions — Hutzler blames zombies for 90 percent of the spam problem.Traditional spam controls, the inbound filters, don’t work as well with zombies because they can block mail from legitimate customers, too. Outbound controls can target specific zombies.“The best place to stop spam is before it’s sent,” said John Reid, a volunteer with The Spamhaus Project anti-spam group. “If you can keep it in the bag, bottled up, that’s where it’s the least expensive.”Outbound controls aren’t entirely new.For years, anti-spam advocates have been pressuring Internet providers to configure mail servers so spammers can’t use them to relay junk e-mail. The leading vendor of mail server software, Sendmail Inc., closed such relays by default in 1998, and most ISPs now have the newer software.EarthLink and AOL also have long implemented a technique that forces customers to route e-mail through the providers’ own mail servers, instead of sending messages directly to the Internet.Other ISPs are starting to adopt it as well, giving them the ability to monitor outgoing mail, trace any problems to specific accounts and even block or place speed limits on e-mail that exceeds some hourly or daily threshold.ISPs can also run the spam and virus filters on outbound mail.And when users of Microsoft Corp.’s Hotmail try to send a large number of messages, they are prompted to type in random letters displayed on the screen. Presumably, spammers with automated tools wouldn’t be able to do it.If all ISPs were to implement outbound controls, spam wouldn’t be such a headache.But outbound measures are often difficult to justify because they don’t directly pare down the junk in customers’ inboxes as inbound filters do, said Anne Mitchell, who runs the Institute for Spam and Internet Public Policy, an antispam consultancy.Mitchell said ISPs are businesses and “have to look at the bottom line and their profitability.”Besides implementation costs, outbound measures can hurt legitimate customers.Businesses and some individuals might have a legitimate need to access third-party mail servers, and being forced to go through their providers’ systems might cause their e-mail to be mistakenly tagged as spam by the recipient.Anytime ISPs make changes, they will invariably discover a few customers who use their service in an unanticipated, but legitimate manner, said John Levine, co-author of “Fighting Spam for Dummies.”Martin Deen, manager of messaging engineering at Cox Communications Inc., likens outbound measures to vaccination. They may be good for the overall health of the Internet if all ISPs do it, Deen said, but individual ISPs take a personal risk.ISPs sometimes grant exceptions for businesses and power users.AOL has a few thousand customers, out of more than 28 million, who are exempt from caps on multiple mails.Desert Express Internet Services, a small ISP serving California and Nevada, waived its restrictions for one of its business customers — but only if it agreed in writing to run spam filters on outgoing mail and meet other requirements.Ultimately, ISPs may require customers with special needs to buy a premium service.“We don’t do that, (but) that would be a possibility certainly,” EarthLink’s Currie said. “EarthLink and other ISPs are just going to define their services, and certain things will be permitted and certain won’t.”

Telewest email blocked by spam filters

2005-06-09T01:41:00.000-07:00

Cable operator Telewest has had the email addresses of its one million or so Internet customers blacklisted by the anti-spam organisation the Spam Prevention Early Warning System. The organisation says that it has taken the decision to blacklist all of Telewest's Blueyonder customers because so many of them have been hijacked and used as spam servers.
As spam filters have become more sophisticated and their own email servers have been blocked by spam filters, the spammers have turned to other methods to get their messages across. Increasingly this has meant that spammers have turned to the methods used by virus writers to hijack machines with malicious code.
Often hundreds or thousands of machines are recruited into these armies of 'bots' which can be used to generate thousands of email messages. A recent survey says that up to a million PCs have been compromised in this way. Machines are often compromised by a lack of a firewall and antivirus software designed to prevent intrusions.
Spam filters have no way of checking whether these thousands of machines are all legitimate or not. Hence, Spew has used the rather blunt weapon of blocking all of Telewest's email traffic. As a consequence, the move is likely to severely restrict the mail sent out by Telewest's customers.
The SPEW system, used by a range of ISPs and spam filters, checks the sender field of each email. If it comes from an email address known to be sending spam, it is simply blocked.
In a statement, Telewest said 'We are aware of the increase in e-mail volumes due to customers' PCs which have been infected by worms and viruses . We are currently contacting affected customers to help them clean their PCs which, as you can imagine, is a time-consuming task'
The decision is likely to prove an embarrassment to Telewest. After several years of financial woes, the company is finally moving towards its long anticipated merger with rival NTL. What it does not need is customers deserting its broadband service because their mail is bouncing.

Ipswitch announces breakthrough hand-tuned anti-spam protection in Ipswitch Collaboration Suite 2.0

2005-06-09T01:34:00.000-07:00

Ipswitch, Inc, the leading developer of messaging, network management and file transfer solutions for small to medium businesses (SMBs), announces the release of Ipswitch Collaboration Suite (ICS) 2.0. New anti-spam technology, available in ICS Premium and ISP editions, features spam profiles handcrafted by human editors to thwart the latest efforts in spam attacks.
"We have incorporated sophisticated anti-spam technology into Ipswitch Collaboration Suite 2.0 that is so easy to use, the only configuration administrators must perform is to turn on the protection," said Alex Neihaus, Ipswitch vice-president of marketing.
"By combining the best of automated spam catching methods with hand review by multilingual human editors, we are restoring the reliability of messaging infrastructures. Collaboration is a cornerstone of doing business and companies cannot do enough to protect this vital part of their business communications."
More than 60 million people worldwide use Ipswitch messaging products to communicate over the Internet. Ipswitch Collaboration Suite is based upon IMail Server, a proven, scalable messaging server ideal for companies with tens to thousands of workers. ICS also includes secure instant messaging, server-based shared calendaring capabilities and free/busy functionality for Microsoft Outlook users, as well as anti-spam and anti-virus protection. ICS Premium edition users are protected by Symantec carrier-class anti-virus technology, which combines automatic, non-disruptive updates with advanced customisation capabilities to allow administrators fine control of their anti-virus defences.
Users of ICS Standard edition receive anti-virus technology using the BitDefender scanning engine.
ICS Premium Anti-Spam is powered by Mail-Filters.com's Star Engine on the ICS server, which receives dynamic Bullet Signature Database updates from Mail-Filters. Bullet Signatures are continuously created and updated at Mail-Filters' data centre via automated means and with a final review in over 30 languages by human editors.
Every five minutes, ICS 2.0 Premium Anti-Spam checks for new Bullet Signatures, which are then used by the Star Engine to catch incoming spam. The Star Engine component of ICS identifies spammer tricks by spotting suspicious misspellings, phishing attacks and other unique spam-identifying characteristics. ICS Premium Anti-Spam is tuned to look for very specific tricks and ignores general factors that can generate false positives. This sophisticated processing results in superior throughput at the ICS server, maximum catch rates and extraordinarily low false-positives. More impressively, administrators need only check one check box on the ICS server to effectively protect their messaging infrastructure from spam attacks and restore confidence in the delivery of business-critical e-mail.

Spam can be managed

2005-06-09T01:26:00.000-07:00

Stalker Software Lines Up CommuniGate Pro Updates

2005-06-07T01:10:00.000-07:00

Companies looking for less expensive alternatives to Microsoft Exchange and IBM Domino may want to check out Stalker Software's CommuniGate Pro. Last month, the company rolled out version 4.3 of the product, which brings new encryption and collaboration capabilities. In about a month, Stalker hopes to release the beta of version 5.0, which will bring additional voice over IP (VoIP) and "rich media" conferencing capabilities.

Stalker's CommuniGate Pro covers all the bases when it comes to messaging and groupware, and offers some cutting-edge functionality, too. The software supports the basic SMTP, POP3, and IMAP e-mail standards, features a MAPI connector (for using the CommuniGate Pro server in conjunction with Microsoft Outlook clients), works with an array of major anti-spam and anti-virus products, and runs on more operating systems than you care to shake a stick at, including Windows Server 2003.
Beyond e-mail, Stalker offers add-ons for turning CommuniGate Pro into a groupware server, enabling users to share contact information and collaborate on their calendars. Stalker also sells software that turns CommuniGate Pro into a hub for voice, video, and instant messaging, via the session initiation protocol (SIP). Connecting SIP-enabled devices, such as VoIP phones and PDAs, is an area where Stalker is dedicating a lot of its development energy for version 5.0.
CommuniGate Pro version 4.3, which became available in early May, also includes new SIP features. The release included a new Presence Server component that enables it to communicate with multiple SIP clients, and resolves a common problem that occurs when a single user has more than one SIP device, such as desktop phone and a soft client on his PC.
Having multiple SIP-enabled devices can lead to conflicts when they try to announce their user's presence simultaneously. Stalker says it has addressed the issue by basing its presence functionality on two standards: SIMPLE, which is short for SIP for Instant Messaging, and XCAP (or XML Configuration Access Protocol) standards. Together these protocols will help CommuniGate Pro maintain server-based information about SIP user agents, Stalker says.
CommuniGate Pro version 4.3 also makes it easier for users to encrypt their e-mail, while still complying with "key escrow" laws that require some businesses, government organizations, and hosting companies to enable encrypted e-mail to be intercepted by law-enforcement organizations. The new software lets users encrypt some or all of their e-mail, while designating an escrow key holder that will have access to the encrypted email.
The new encryption capability was implemented through a standard S/MIME public key infrastructure (PKI), and works with Stalker's Web client interface, with Outlook using the CommuniGate Pro MAPI client, and other e-mail clients, including Microsoft's Outlook Express, Entourage and Mozilla Thunderbird.
Originally slated for availability in early March, CommuniGate Pro 4.3 was delayed, and became available in early May. CommuniGate Pro version 5.0, which Stalker originally planned to ship in the early spring, has also been delayed, and now the beta of that product should become available towards the end of June or the beginning of July.

MedReview Selects Tumbleweed to Protect Highly Sensitive Emails; MailGate Email Firewall and Secure Messenger Provide Outbound Email Encryption and Bl

2005-06-07T01:02:00.000-07:00

Tumbleweed(R) Communications Corp. (Nasdaq:TMWD), a leading provider of email and file transfer security solutions, announced today that MedReview Inc., a leader in medical reviews and programs for prospective, concurrent and retrospective monitoring, has implemented the Tumbleweed MailGate Email Firewall(TM) and Secure Messenger(TM) products to protect critical information, meet regulatory compliance requirements, and significantly reduce IT costs.
MedReview, a subsidiary of the New York County Health Services Review Organization (NYCHSRO) which was established in 1974 as one of the first physicians' peer review organizations in the United States, provides its clients with guaranteed cost-effective case management and utilization analysis approaches that can assist them in developing or negotiating more cost-efficient benefit plan strategies. As businesses like MedReview aggressively expand the use of email to help streamline communications and cut costs, the privacy and security of personal and confidential information shared via email is a top concern. This concern, combined with regulations like the Health Insurance Portability and Accountability Act (HIPPA) and Sarbanes-Oxley, imposes email security and management requirements which most email systems don't meet.
To address regulatory issues and ensure client privacy, MedReview implemented the Tumbleweed's MailGate Email Firewall and Secure Messenger solutions to protect, filter and secure email traffic throughout the organization's communications network. MailGate Email Firewall supports and protects more than 300 email users and scans over 1 million messages a month, blocking spam and viruses before they reach the email server.
"HIPAA was a real challenge, but with Tumbleweed there was no need for additional training. Tumbleweed integrates seamlessly with Microsoft Outlook, so people just sent their emails," said Vlad Safyanovskiy, senior technology officer of MedReview.
MailGate Secure Messenger also meets high security requirements by encrypting the more than 2,500 outgoing messages per month to address PHI-related concerns. MedReview now relies on Tumbleweed to inspect every incoming and outgoing email communication to detect and disinfect potentially damaging messages. As an added benefit, the Tumbleweed solutions also protect MedReview against worms, Trojan horses and other malicious threats in all major file types, including mobile code and compressed file formats.
"We understand that the benefits of fully utilizing email within the healthcare industry carry significant risks if the traffic is not properly secured and managed. We've optimized our MailGate solutions for highly confidential, mission-critical applications to ensure that our customers meet both regulatory requirements and their user's expectations," said Joe Fisher, VP of Marketing, Tumbleweed Communications. "As a leader in the healthcare industry, MedReview turned to the leader in email security to provide them with the most reliable, customizable and cost-effective email solution to address not only security but also compliance related issues."
About Tumbleweed MailGate Email Firewall
Tumbleweed MailGate Email Firewall has been recognized as having the best email security product functionality by META Group, and was rated the #1 enterprise software solution for fighting spam, according to Network World (http://www.nwfusion.com/reviews/2003/0915spam.html). Tumbleweed MailGate Email Firewall protects, filters and secures email traffic at the Internet gateway with an integrated set of anti-spam, anti-virus, anti-hacker, content filtering, email relay and encrypted messaging capabilities -- minimizing email communications risks and reducing email management costs. Tumbleweed MailGate Email Firewall is used by more than 650 of the world's largest, most demanding messaging infrastructures, and is available in both appliance and software editions.
About Tumbleweed's Secure Messenger
MailGate Secure Messenger(TM), now in its sixth generation, is the leading software solution for securing email communications. Currently deployed at some of the most demanding enterprises in the Global 2000, MailGate Secure Messenger enables organizations to meet their own unique security needs -- from compliance with government privacy regulations in Healthcare (HIPAA) and Financial Services (GLBA) to enforcement of corporate policies (SOX) and protection of intellectual property.
Secure Messenger works with the MailGate Email Firewall to inspect all outbound email at the network gateway. Based on policies that your organization defines, it automatically identifies violations based on the content of the email, and redirects suspect messages to a secure, encrypted channel for further action. This perimeter-based design ensures that all users comply with enterprise privacy and security policies all the time -- without the need to install software on every desktop.
About MedReview Inc.
MedReview is a subsidiary of New York County Health Services Review Organization (NYCHSRO), which was established in 1974 in New York State as one of the first physicians' peer review organizations in the United States. The company's goals were then, and continue to be, improvements in the quality, appropriateness, and cost-effectiveness of health care services.
About Tumbleweed Communications Corp.
Tumbleweed provides security solutions for email protection, file transfers, and identity validation that allow organizations to safely conduct business over the Internet. Tumbleweed offers these solutions in three comprehensive product suites: MailGate, SecureTransport, and Validation Authority. MailGate provides protection against spam, viruses, and attacks, and enables policy-based message filtering, encryption, and routing. SecureTransport enables business to safely exchange large files and transactions without proprietary software. The Validation Authority is the world-leading solution for determining the validity of digital certificates. Tumbleweed's enterprise and government customers include ABN Amro, Bank of America Securities, Catholic Healthcare West, JP Morgan Chase & Co., The Regence Group (Blue Cross/Blue Shield), St. Luke's Episcopal Healthcare System, the US Food and Drug Administration, the US Department of Defense, and all four branches of the US Armed Forces. Tumbleweed was founded in 1993 and is headquartered in Redwood City, Calif. For additional information about Tumbleweed go to www.tumbleweed.com or call 650-216-2000.
Safe Harbor Statement
Tumbleweed cautions that forward-looking statements contained in this press release are based on plans and expectations as of the date of the press release, and that a number of factors could cause the actual results to differ materially from the guidance given at this time. These factors are described in the Safe Harbor statement below.
Except for the historical information contained herein, the matters discussed in this press release may constitute forward-looking statements that involve risks and uncertainties that could cause actual results to differ materially from those projected, particularly with respect to Tumbleweed products and Tumbleweed's Healthcare business. In some cases, forward-looking statements can be identified by terminology such as "may," "will," "should," "potential," "continue," "expects," "anticipates," "intends," "plans," "believes," "estimates," and similar expressions. For further cautions about the risks of investing in Tumbleweed, we refer you to the documents Tumbleweed files from time to time with the Securities and Exchange Commission, particularly Tumbleweed's Form 10-K filed March 16, 2005 and Form 10-Q filed May 10, 2005.
Tumbleweed assumes no obligation to update information contained in this press release, which represents the Company's expectations only as of the date of this release and should not be viewed as a statement about the Company's expectations after such date. Although this release may remain available on the Company's website or elsewhere, its continued availability does not indicate that the Company is reaffirming or confirming any of the information contained herein.

Spam can be managed, to a point

2005-06-07T00:59:00.000-07:00

It starts taking its toll long before it lands in your inbox. First, spammers employ spyware and viruses to hijack home and office computers for use as unwitting relays for junk e-mail. Then your Internet provider must spend time and money running filters, lest its computers be swamped.
The junk e-mail that inevitably leaks through wastes your time and bandwidth as you wait for each message to download. Almost all of it insults your intelligence and good sense; spam assumes we're drug-addicted, money-grubbing, porn-addled fools ready to click on any stupid offer.
And the single worst thing about spam? Enough recipients do click on those stupid offers to keep spammers in business.
Nobody has found a technological fix for spam. The Internet's design puts a priority on the free flow of data. Internet providers, too many of which still whore themselves out to spammers, and spammers' own cockroach-like tenacity all but ensure there won't be.
Because the Internet spans the world, laws aren't likely to solve this problem either, although I am always delighted to see spammers being litigated into poverty, fined into bankruptcy or imprisoned until senility sets in.
Spam can, however, be managed. You can make your e-mail address a smaller target for spammers, and you can shunt aside a healthy chunk of the spam that does find you.
If you can keep your address off spammers' lists, you will get little or no junk e-mail. So never post your e-mail address on any public spot on the Web, and be choosy about giving it to strangers or companies.
Instead, create a second, throwaway account at any of the free Web-mail services, such as Yahoo Mail, Hotmail or Gmail, and use that for online commerce. Most Web sites won't share your address with the world - but a few might, so why chance it?
This method will not, however, defeat a dictionary attack, in which spammers send messages to randomly chosen names at popular Internet providers. Having an address with an unusual spelling or at a lesser-known provider can reduce vulnerability.
When spam arrives, never respond to it. And make sure your mail software isn't doing that for you: If it displays a picture in a spam message, it often does so by downloading the image from the spammer's Web site, which tells the sender you just read the spam.
Current releases of the major mail programs - Microsoft's Outlook Express and Outlook, Apple's Mail, Qualcomm's Eudora and Mozilla's Thunderbird - won't display pictures in mail from strangers. But older versions will, so upgrade now.
You can try forwarding your spam to the authorities: Send a copy to the Federal Trade Commission at spam(at)uce.gov, or via the link at www.ftc.gov/spam. Forwarding another to the "abuse" address of the Internet provider that relayed the message (abuse(at)aol.com, for example) is also smart. But to do that right, you'll need to use your mail program's "show full headers" option, which is often hidden.
You'd think that writing a program to delete spam would be easy, since even an Internet beginner can tell spam from real mail. But that hasn't happened - yet another way in which the computer can't match the human brain.
Your Internet provider's spam filtering will usually sweep the worst offenders out of sight, but some adopt an excessively strict policy that wrongly tags innocent e-mails as spam. Last winter, for example, Verizon's filtering suddenly began flushing away many legitimate e-mails sent from parts of Europe and Asia.
If you use your own mail program instead of a Web interface such as Hotmail or Yahoo, you can run your own spam filters. The best learn from your use, watching what mail you label as spam and adjusting their screening to match. Mozilla Thunderbird (www.mozilla.org) and Apple's Mail, both free, include this type of filter, as does the $50 edition of Qualcomm's Eudora (www.eudora.com).
Microsoft's Outlook 2003, by contrast, has a non-learning spam filter, while its free Outlook Express includes no spam block.
You can add a learning filter to either program with various add-ons; some, such as POPFile (popfile.sourceforge.net) and SpamPal (www.spampal.org), are free but may require tricky configuration; others, such as SpamBully (www.spambully.com) cost money.
A more stringent defense, "challenge-response" filtering, requires would-be correspondents to pass a simple test online that a bulk mailer can't or won't bother to complete - usually, visiting a Web page and typing in letters shown in an image. Some Internet providers - notably, EarthLink — and such add-on software as ChoiceMail (www.digiportal.com) and SpamArrest (www.spamarrest.com) offer it.
But although these systems wave through mail from people in your address book, other legitimate senders must perform extra work. Challenge-response has not been widely adopted.
All of these techniques can only treat spam. A cure will have to be economic: When no money can be made from spam, nobody will send it. Filters, lawsuits and fines can raise the costs of sending junk e-mail, but there's still money to be made by defrauding the gullible.

Program allows spam removal from Webmail

2005-06-06T01:48:00.000-07:00

Program allows spam removal from Webmail By Taylour BurtonSummer Reporter
If spam is in your Purdue Webmail inbox, you can fix that problem.
The Purdue Webmail server can receive around one million spam messages in a day.
But the PureMessage system filters out most of them.
Students are automatically put on the spam filter system, said Jade Cloud, ITaP technical writer.
"(The program) learns how to filter as more spam goes through it," Cloud said.
The Purdue students who were questioned about spam mail said that they hardly receive spam messages.
However, it is still possible to receive spam.
Purdue students can go to Purdue's online directory and look up their own contact information.
After clicking the edit button, they can go to a spam-scanning link that will allow them to turn on the spam filter for their account.
If the spam filter is already on and there is still spam mail in an inbox, Cloud suggests using Microsoft Outlook 2003 because it has a junk-mail holder, or a program called Spam Assassin.
Despite legislative acts to fight it, the amount of spam has grown in the past few years.
According to Postini.com, the amount of spam mail has increased 65 percent since January 2002.
The Can-Spam Act of 2003 required unsolicited commercial e-mail messages to have labels and prevented the use of deceptive subject lines or false headers.
According to Cloud, the PureMessage system filters out labels containing the words "new products," "free" or "you have been approved."
Sometimes the system filters out messages that aren't spam.
Every few weeks a student will get an e-mail titled "Quarantined Spam Messages." This e-mail has a list of all the messages that were filtered.
Cloud said students might want to check that list to make sure nothing important was filtered out.

Spamming Outside the Box

2005-06-06T01:36:00.000-07:00

Recently a publicist offered me a nice little scoop involving two of her clients, who planned to post a list of 10 U.S. advertisers that have been flouting the Can-Spam Act of 2003 by ignoring consumers' demands to unsubscribe. Instead of cutting down on spam, attempted delisting just generated more mounds of e-mail. Would I be interested?
Sure, I said. I hate spam as much as the next guy -- provided the next guy thinks spammers should be forced to visit every single person they have bombarded with junk e-mail and manually delete each ad. I also knew just how murky a world spam is, and how difficult it is to police, since nothing and no one is what it seems to be. After all, on the internet, just about everyone wears a mask, especially shameless hawkers trying to cram your inbox with come-ons for penile enhancements and lower mortgage rates.
First, the law: In addition to banning false or misleading advertisements (like putting fake messages in subject boxes to get around spam filters), the Controlling the Assault of Non-Solicited Pornography and Marketing Act gives marketers 10 days to stop sending e-mail after a consumer opts out, with each violation subject to a fine of up to $11,000. It also puts the onus on the advertisers to make sure their ads are in compliance, since they are the ones who ultimately benefit from online marketing.
But with many spammers concealing their identities, the Federal Trade Commission has had a rough time enforcing the Can-Spam Act (prompting cynics to dub it the U-Can-Spam Act). Not only that, but many of the ads for modern American staples like porn, pills, casinos and software don't even originate from the Pfizers and Microsofts of the world. They come from offshore front companies peddling ostensibly pirated goods, online gambling sites based in the Caribbean or hard-to-police affiliate marketers who follow their own rules.
With the government sitting on the sidelines, individuals have begun to take action. For example, Hypertouch, a small, California-based internet service provider, filed an $11.7 million lawsuit against Kraft in April for spamming 8,500 unwanted Gevalia coffee ads at its customers, citing violations of federal and state antispam statutes. A month earlier Hypertouch hit BobVila.com with a similar suit.
And that's where Joshua Baer and Brandon Phillips, the ones who created the list of "Top Ten U.S. Unsubscribe Violators," come in. (The list was recently posted, so as to coincide with the publication of this column.) Baer, CEO of UnsubCentral, which helps companies manage e-mail opt-out lists, and Phillips, president of LashBack, which sells a toolbar that can be added to Microsoft Outlook or Outlook Express that automatically unsubscribes the user from unwanted junk e-mail, say they did it because spam causes headaches for their customers.

CA releases latest version of its anti-spam solution

2005-06-06T01:33:00.000-07:00

According to recent research, it is estimated that 40% of e-mail is unsolicited, unwanted spam while two-thirds of this is either false or violates the law. In light of this, Computer Associates Africa has released the latest version of eTrust Anti-Spam solution, r2.1.
eTrust Anti-Spam is an effective and easy-to-use spam filter that ensures companies and individual users only receive messages from people they know while redirecting unknown messages.
Indeed, the solution blocks 100% of all spam while at the same time protecting multiple e-mail accounts. It also integrates seamlessly with Microsoft Outlook (2000, 2002 and 2003) or Microsoft Outlook Express 5.5/6.0 and later.
"Spam is undoubtedly one of the most pervasive problems faced by global and local companies today which is why deploying an anti-spam solution is no longer a luxury but a necessity," comments Karel Rode, business technologist, security management at Computer Associates Africa.
CA's eTrust Anti-Spam r2.1 also offers spoof-proof fraud protection as well as international language support. Combined with CA EZ Armor (Antivirus and a Personal Firewall) as well as CA PestPatrol personal edition, CA is the first company to market with a complete personal protection suite, providing active protection against malware, remote access Trojans, spyware, adware, keystroke loggers.