Tuesday, October 23, 2007

Free Challenge Response Software Overview

The Free Challenge Response based Anti SPAM software available at www.SpamResearchCenter.com is extremely easy to install and configure. The software basically acts as a local POP3 server that retrieves your email from your service provider (e.g. Comcast, COX etc.), processes the email and makes available the "clean" emails for delivery to your local email client (e.g. Outlook Express). You simply configure your email client to go to 127.0.0.1 (localhost) instead of your email provider.

ISP email -> Local POP3 (Challenge/Response) -> Local Email Client (Outlook Express)

Monday, October 15, 2007

Sender Address Verification (SAV)

We've discussed how to stop SPAM just before it gets to your INBOX by sending a challenge to the sender's email address. However, there is an event that, depending on your anti-SPAM software, can occur at the very moment the email message reaches your mailserver. This SPAM fighting mechanism is called Sender Address Verification (SAV).

Sender Address Verification is the relatively simple process of probing each mailserver listed in the MX records for a given sender's email address. The probe asks each mailserver whether or not the given sender's email address is actually handled by that server. The probe is repeated until one of the mailservers gives a definite positive or negative reply.

In general, here's how the probe works. Let's say your mailserver (SMTP) receives an email that indicates that it's from "somebody@abcdomain.com". In trying to deliver the email to you, the remote mailserver connects to your local mailserver and issues a "MAIL FROM: somebody@abcdomain.com" command. However, if you have Sender Address Verification enabled, your mailserver doesn't simply trust the email and accept it for delivery. Instead, it takes the domain portion of the originating email address (i.e. abcdomain.com) and queries the Domain Name System (DNS) for the Mail Exchange (MX) records of that domain. The DNS query would return something like the following:

10 mail.abcdomain.com
20 mail2.abcdomain.com

The Sender Address Verification would start by connecting to the first MX server (i.e. mail.abcdomain.com) using Simple Mail Transfer Protocol (SMTP). It would then go through the steps of trying to send an email to the originating address (i.e. somebody@abcdomain.com). This "conversation" with the remote mailserver is the "probe" mentioned earlier. If the remote mailserver accepts the recipient address as valid for receiving emails, your local mailserver accepts the original email for delivery. Conversely, if the remote mailserver rejects the recipient address, your mailserver simply discards the email. This probe continues through the servers listed in the MX records until either a positive or negative response is received.
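The probe loop described above, sketched in Python as an added example (not code from the software discussed on this blog). The function names, the HELO name `probe.example.org`, the use of the null sender `<>`, and the treatment of 4xx replies and connection failures as "no definite reply" are assumptions of this sketch.

```python
import smtplib

def parse_mx(text):
    """Parse 'preference host' lines (the format shown above) into hosts, lowest preference first."""
    records = []
    for line in text.strip().splitlines():
        pref, host = line.split()
        records.append((int(pref), host.rstrip(".")))
    return [host for _, host in sorted(records)]

def smtp_probe(host, address, helo_name="probe.example.org", timeout=10):
    """Ask one MX whether it would accept mail for `address`; no message body is ever sent."""
    with smtplib.SMTP(host, 25, timeout=timeout) as smtp:
        smtp.helo(helo_name)          # placeholder name, replace with your server's FQDN
        smtp.mail("")                 # null sender <> so the probe itself cannot cause a bounce loop
        code, _ = smtp.rcpt(address)  # the RCPT TO reply is the answer we want
        return code                   # leaving the 'with' block sends QUIT before any DATA

def sav_verdict(sender, mx_hosts, probe=smtp_probe):
    """Return 'accept', 'reject' or 'undetermined' for a MAIL FROM address."""
    for host in mx_hosts:
        try:
            code = probe(host, sender)
        except (OSError, smtplib.SMTPException):
            continue                  # MX unreachable: no definite reply, try the next one
        if 200 <= code < 300:
            return "accept"           # definite positive reply
        if 500 <= code < 600:
            return "reject"           # definite negative reply
        # 4xx is a temporary failure (assumed non-definite): fall through to the next MX
    return "undetermined"             # every MX was inconclusive; policy is up to the mailserver

if __name__ == "__main__":
    # Constructed replies standing in for real servers so the demo runs offline.
    replies = {"mail.abcdomain.com": 451, "mail2.abcdomain.com": 550}
    hosts = parse_mx("10 mail.abcdomain.com\n20 mail2.abcdomain.com")
    print(sav_verdict("somebody@abcdomain.com", hosts, probe=lambda h, a: replies[h]))
```

The "undetermined" case matters in practice: a sender whose mailservers are all temporarily unreachable has given neither a positive nor a negative reply, so the receiving server needs an explicit policy for it.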

So, Sender Address Verification (SAV) stops SPAM at the mailserver level and, in turn, reduces the number of emails that have to be handled at the anti-SPAM Challenge/Response level.

Monday, October 1, 2007

AntiSpam - Filters vs. Challenge Response

Here is a quick comparison of the Filter (Rule Based) and Challenge Response AntiSPAM methods.