Unwanted e-mail is more than a nuisance: apart from the irritation, offence and time-wasting it causes, it can be a vector for viruses and Trojans. Nor is it sufficient to worry only about messages with attachments: thanks to the "features" built in to just about all e-mail clients in general use, it`s not just attachments that can spell trouble.
Your e-mail software and operating system will smoothly and dangerously cooperate to allow html-formatted messages to open connections to the outside world, execute scripts, and possibly export information unbeknown to you.
We can rail all we like against such design decisions, and deplore the ignorance and gullibility of users, but the facts are that the software is built as it is and users are not all techies. After all, there is no more reason for the average computer user to understand the mechanics of Web bugs and html scripts than there is for the average motorist to understand fuel injection and ABS brakes. It is neither reasonable nor practical to rely on users practising safe e-mail: systems need to be put in place to make e-mail safe.
There are two main requirements for anti-spam software: high reliability of detecting and blocking spam, and extremely low or zero probability of blocking legitimate mail.
Cirrus Techvue has released version 3.1 of Spam Sleuth that incorporates several new analysers and an enhanced Web interface. Spam Sleuth`s extensible architecture allows for simply plugging in additional analysers as the nature of spam changes, making for rapid reaction to fresh spam-filter evasion techniques from the spammers. However, even the best spam filters run the risk of blocking legitimate mail, which could have consequences ranging from minor annoyance to a serious problem if the mail was truly important. Spam Sleuth can safeguard against this with an analyser it has had from the first release: the Turing Test.
The Turing Test consists of an immediate challenge that is sent to an unrecognised sender if the mail looks suspect. The sender immediately gets a polite request to click on a link and fill in a simple edit box with a few characters. Once they have done this, their mail is released, and, optionally, they can be added to the Friends list so as not to be challenged in future. The entire process completes in seconds, and effectively ensures that legitimate mail from a human sender is not quarantined.
Colyn Dee, director of Cirrus Techvue, explained: "Virtually all spam comes from automated systems that spit out literally millions of e-mails a day, and usually from bogus e-mail addresses. In most cases, the challenges sent to spam will not reach a valid address, and the message will in due course be deleted without every wasting the intended recipient`s time. Even if the return address is valid, the spammers will not take the time to respond to the Turing Test - it`s just not worth their while to do it manually, and it cannot be automated."
"The recent spate of e-mail-borne attacks, such as MyDoom, would have fizzled out if decent anti-spam software were widely deployed," he continued. "Spam filtering does not replace virus filtering, but adds to it and can make it several times more efficient - an important consideration for the larger businesses where anti-virus servers are often the bottleneck in the e-mail system."
Cirrus Techvue is the sole representative for Africa for Spam Sleuth. For more information, contact Colyn Dee at colyn@cirrus.co.za or on (011) 783 1508.
Share
Editorial contacts