[Eng]       [Rus]      
Home Description Forum License FAQ More...
How to restrict spam?

About spam protection



    When we try to restrict spam, the main problem, it is difficult to discriminate between the spam and normal message. Too match difficult to find this difference before receive message. Lot of popular method in really are inadmissible because, when we use it we lost good messages. Also, an example, the checking spf1 DNS record method prove useless because an example, lot of popular Internet mail service, (like GMail, HotMail, etc.) enable to send messages from all IP addresses -- and it is right, -- each user can send message through SMTP server of his provider, or through his own office SMTP server. In companies, enabling to send message through office SMTP server only, it is one way to protect network from internal spamming, -- sometime an users (beginner or just not careful) can run a virus or bad program that send spam.

    Popular method it is using DNSBL servers. This method in really may be well, but big problem is finding good DNSBL servers. Once I'm self (my IP address) has been included in DNSBL list, because somebody from subnet of my provider send spam. In frequency owner of DNSBL servers add to list full subnet instead address of spammer only. It is very incorrect. Usually the provider give the IP addresses to different independent organizations and private persons. If someone of them run virus it is not reason to block all. To exclude the risk of lost important message, in my program provide possibility to check DNSBL servers from gray-list. If any condition from gray list will true, the server will not receive the message immediately, but it remember attributes of message, and will receive it next time after a time. (If you choose the option, the server will check if SMTP server of sender is valid and if it send this message, the message will be receiving immediately) Not all spam program repeat sending to the same address, and usually in the time, spam activity are detecting and blocking by network administrator on the side of sending. The gray list give possibility to restrict big part of spam, exclude risk of lost message, but some spam message may be passed.

    Another method, now not very popular yet, but by my opinion it is most effective method, -- it is using fake addresses. Spam is easy and cheap because primitive robot can scan web, find e-mail addresses on the pages, and make the base of e-mail. Idea of protection, it is public fake addresses in invisible areas of the pages. In SMTP server options direct these addresses, and when somebody try to send message to these addresses server will sure that it is spammer, the IP will be added to internal bad list, and blocked. Also build-in DNSBL server may public internal bad list for another server. Using fake addresses and exchange information about spammer's IP between few servers may very force restrict the count spam.