Introductions - PowerPoint PPT Presentation

1 / 17
About This Presentation
Title:

Introductions

Description:

Don't provide your e-mail address without knowing how it will be used (e.g. ... a fake email address, or, use a free email address available from Hotmail or ... – PowerPoint PPT presentation

Number of Views:53
Avg rating:3.0/5.0
Slides: 18
Provided by: dave64
Category:

less

Transcript and Presenter's Notes

Title: Introductions


1
Introductions
  • Kika Barr barr_at_wiscnet.net
  • Craig Stephenson craig.stephenson_at_wiscnet.net
  • Resources
  • Whiteline (printed copy the FTC web site)
  • Slides will also be available at the FTC web site
  • Yall

2
Spam
  • Title of this session is Spam How to
    eliminate / reduce
  • Who thinks its possible to completely eliminate
    spam?
  • Assuming its possible, what are the likely
    trade-offs for completely eliminating spam?

3
Possible costs of eliminating spam
  • Slow message delivery and queuing
  • High processor utilization on mail server
  • A more fragile mail system (more points of
    failure)
  • Additional licensing fees
  • Possible loss of legitimate email
  • More staff time

4
Yikes!
  • Spam is on everyones mind, and everyone is
    proposing their own solution
  • States new Virginia law
  • WSJ opinion, Sunday, May 4
  • Pending Federal legislation
  • Many technical approaches
  • Recently the Federal Trade Commission (FTC)
    finished a three day summit on spam.

5
Yikes!
  • FTC Commissioner Orson Swindle said No single
    law, no single new technology, no new initiative,
    no new meetings are going to solve this problem
    alone.
  • ?spam is an issue that needs to be attacked from
    many different angles.

6
What is spam?
  • What is spam to you?
  • What is spam to your users?
  • What is spam to your family and friends?
  • U.S. Supreme Court Justice Potter Stewart in 1964
    said of obscenity I know it when I see it.

7
Why is spam such an issue?
  • Landscape enablers of spam
  • Spam makes people money
  • E-mail works too well (standard based)
  • E-mail crosses political boundaries /
    jurisdictions
  • Ease of obtaining email addresses
  • Ease of obtaining open mail relay to send
  • (Jaron Lanier) paraphrase There is no program
    that can exercise judgement.

8
Legislative / Regulatory fixes
  • No real regulatory or legislative fixes yet
  • Once they are passed, expect them to languish in
    court for a decent period of time

9
Technical Fixes
  • Keyword searches
  • Black lists
  • White lists
  • Hashes / signatures
  • Heuristics
  • Reverse dns lookups
  • Header analysis
  • Bayesian filtering
  • Image scanning

10
What to do?
  • Once weve identified spam, what do we do with
    it?
  • Bit bucket
  • Bounce back
  • Junk folder
  • Tag and let user client move to junk folder

11
Role of the user
  • 1.      Never reply-to spam, that will only
    confirm to the spammer that the responders
    e-mail address is valid
  • 2.      Dont trust the opt-out or unsubscribe
    features included in spam messages, because
    usually these are invalid
  • 3.      Dont post your e-mail address on
    websites, newsgroups, discussion groups, etc
  • 4.      Dont provide your e-mail address without
    knowing how it will be used (e.g. online
    registration to access online resourceconsider
    using a fake email address, or, use a free email
    address available from Hotmail or Yahoo, which
    you can use specifically for that purpose)
  • 5.      Dont participate in Internet chain
    e-mails, since these are often used to harvest
    e-mail addresses
  • 6.      Dont use your mail clients preview pane
  • 7.      If you receive spam in your inbox,
    forward it to uce_at_ftc.gov (with all the mail
    headers intact)

12
WiscNet and Spam
  • What does WiscNet do about SPAM
  • Contribution to banning SPAM
  • Acting on complaints to the abuse list
  • Following up on open relay/proxy issues with tech
    reps
  • Creation of internal processes for Technical
    Support to handle complaints more efficiently

13
WiscNet and Spam
  • User education
  • http//my.wiscnet.net
  • FAQs on SPAM, Open Proxy and Open Relay
  • Tips on how to identify a server with Open
    Proxy/Relay

14
Case Study
15
Case Study
  • Approximately 300 users
  • Two week implementation time
  • 5,000-6,000 messages / day
  • Catching approximately 800 pieces spam / day

16
Case Study
  • Quarantining the spam (i.e. not delivering to
    addressee, holding in an administratively
    accessible holding area). The user does not know
    they received the spam, no feedback possible
    better be very sure of no false positives.
  • In this situation some important email files were
    quarantined. This behavior will be updated
    shortly.
  • Sophos mail monitor does not work well managing
    incoming mail, but appears to work well from
    behind Vipuls Razor and procmail.
  • Roughly 10 of the email accounts receive
    approximately 90 of the total spam volume
    detected.
  • Wednesday is the day that consistently sees the
    highest volume of spam messages caught.

17
What do you need?
  • Ineed_at_wiscnet.net
Write a Comment
User Comments (0)
About PowerShow.com