Sciweavers

ACSW
2006

Catching spam before it arrives: domain specific dynamic blacklists

14 years 1 months ago
Catching spam before it arrives: domain specific dynamic blacklists
1 The arrival of any piece of unsolicited and unwanted email (spam) into a user's email inbox is a problem. It results in real costs to organisations and possibly an increasing reluctance to use email by some users. Currently most spam prevention techniques rely on methods that examine the whole email message at the mail server. This paper describes research that aims to deny spam entry into the internal network in the first place. Examination of live amalgamated audit logs from a Linux kernel firewall, the PortSentry intrusion detection system and the Sendmail mail transfer agents has shown that it is possible that automated mailing programs send characteristic probes to the network gateway just before launching an avalanche of mail. Similarly it seems possible to detect precursor activity from some potential zombie machines. A real time system that could detect such activity needs to be certain that a particular IP address is about to send spam before blocking all of its packets...
Duncan Cook, Jacky Hartnett, Kevin Manderson, Joel
Added 30 Oct 2010
Updated 30 Oct 2010
Type Conference
Year 2006
Where ACSW
Authors Duncan Cook, Jacky Hartnett, Kevin Manderson, Joel Scanlan
Comments (0)