sendmail Milters: A Guide for Fighting Spam

3 avg rating
( 1 ratings by Goodreads )
 
9780321213334: sendmail Milters: A Guide for Fighting Spam

"Bryan and Marcia have not only provided tips and tricks for detecting and blocking spam and email fraud but have also written the first of its kind Milter reference guide. This book will help you start writing your own special-purpose mail filters quickly and easily."

--Gregory Neil Shapiro, coauthor of the Milter interface

As a Mail Administrator You Need to Understand How to Successfully Monitor and Fight Spam.

Milters are among the most powerful antispamming tools available. Until now, there has been no clear and helpful resource for you to learn how to set up and use Milters. sendmail Milters: A Guide for Fighting Spam is the first in-depth guide to writing powerful Milters to block even the most clever spammers.

Inside this definitive new reference, you will find

  • An exhaustive description of the Milter interface
  • Insightful details on what spam is, its harmful effects, and the diverse techniques used by spammers
  • A step-by-step guide to luring spammers using a honeypot network
  • Ways to decode the common encoding methods used in spam email
  • A reference on the Milter library and its use
  • Techniques for expanding software to deal with future spamming methods

This book is an indispensable aid to combating spam, now and in the future. If you administer a sendmail server, you need to own a copy.

All of the program code described in the book is available for download at http://spambook.bcx.org.



"synopsis" may belong to another edition of this title.

About the Author:

Bryan Costales has been involved with sendmail for more than fifteen years. He is the author of sendmail, Third Edition, (O'Reilly, 2003) and books on C programming and UNIX communications.

Marcia Flynt has twenty-five years of experience in software engineering, including managing e-mail development for opt-in custom e-mail businesses.



Excerpt. Reprinted by permission. All rights reserved.:

Some have likened the fight against spam email to a war in which each side strives to outgun the other. Others use a cops-and-robbers analogy in which the robbers use their ill-gotten gains to buy better technology, while the cops must wait for voters to approve new budget items.

Still others have found the spam email problem so intractable and cancerlike that they have given up in despair. Many government offices, for example, have eliminated email altogether and adopted web forms in its place.

Unfortunately, spam email is a moving target. Books (once published) become etched in time and are no longer able to adapt to a world that continues to change--and spam email continues to change. Spammers will even use this book to learn the techniques being used against them and, like rats, adapt.

But someone must write a book like this. The spam email problem is too serious to let it run unopposed. Spam can be successfully fought only after it is fully understood and when knowledge of its techniques can be collected and collated for use in countermeasures. It is our hope that this book will represent a significant advance in the fight against spam.

Audience

This book targets users of the UNIX, Linux, and BSD family of operating systems. It presumes that sendmail is running as the mail transfer agent (MTA), but running the sendmail program is not strictly required (Parts I and II, for example, provide general lessons).

The bulk of this book (Parts III and IV) targets the sendmail administrator and the C language programmer. Milters are written in C and are specifically interfaced to sendmail. Although Milters can also be written in Perl, this book focuses exclusively on C as the language of choice.

No book can be all things to all people, so we recommend that you read this book with other books by your side:

  • sendmail, 3rd edition, by Bryan Costales and Eric Allman, O'Reilly & Associates, 2002.
  • sendmail Cookbook, by Craig Hunt, O'Reilly & Associates, 2003.
  • sendmail Performance Tuning, by Nick Christenson, Addison-Wesley, 2002.
  • UNIX System Administration Handbook, 3rd edition, by Evi Nemeth, Garth Snyder, Scott Seebass, and Trent R. Hein, Prentice Hall, 2000.

This book targets many potential groups that may prefer to write their own software rather than buy commercial software. Here are examples:

  • A business that sells antispam software and can benefit from creating products that fit with existing MTAs.
  • Small sites that can benefit from the low cost of self-written and self-maintained software.
  • Large sites that can benefit from the ease of upgrading an open source solution versus the high cost of commercial updates.
  • Financial institutions that require open source so that filtering behavior can be audited.

Whence Spam?

SPAM (all uppercase) is a trademark of Hormel Foods. SPAM is most often followed by "Luncheon Meat."

In contrast, the term "spam" (lowercase or lexically capitalized as at the start of a sentence) refers to unsolicited email. This latter term, "spam," is attributed to a Monty Python skit in which a group of Vikings sang "Spam, spam, spam," increasing in power and volume until it eventually overpowered all other conversation. The slang term "spam" was first used to describe commercial postings to Usenet (a global bulletin board system). Over time, the word "spam" became associated with unsolicited email.

In this book, when we use the terms "spam," "spamming," and "spammers," we refer to unsolicited email and not to the product described by the trademark SPAM.

Are Milters the Only Answer?

This book is primarily about how sendmail Milters can be used in the fight against spam. We have tended to gloss over other techniques in favor of a Milter approach. Although this can be viewed as a deficiency in a book about spam, a book about sendmail Milters should rightly focus on sendmail Milters.

In all fairness, however, there are many other techniques in use today, and many of them do a remarkably fine job of filtering out unwanted email. In the broadest terms, these other techniques can be grouped into five categories:

  • Domain Name Services (DNS)-based services that identify offending spam sites using IP numbers
  • DNS-based services that validate the identity of the sender
  • Products that employ Bayesian filtering to recognize and eliminate spam
  • Services that hand-screen URLs to eliminate spam
  • Companies that use postage as a means to fight spam

DNS-Based Services

When a site connects to sendmail for the purpose of sending email, sendmail can easily discover the IP number of the sending site. There are several Blackhole List (BL) sites on the Internet that allow sendmail to look up the connecting site's IP number to discover whether the IP number is that of a spam-sending site. Some BL sites use domain names, instead of IP numbers, to perform the same kind of screening. Both approaches can be very effective, but the complaint is often heard that they are too effective, often blocking legitimate email.

In addition to BL sites, there are sites that list the addresses of open relays and the addresses of hijacked PCs. Some also list all the IP numbers that are used by machines without fixed IP numbers. These sites store lists of thousands of entries and are used by mail-receiving servers all over the world.The trouble with all these DNS-based approaches is that it takes only one complaint to cause a site or address to become listed as bad, but it takes a great deal of effort for a legitimate sender to get removed from a list. Thus, the chief flaw with BL screening is that it presumes a sender is guilty until proven innocent.

See http://www.mail-abuse.com and the other sites listed in the Bibliography for additional information.

DNS Sender Information

Recently there have been a number of proposals to identify the machine that sends the email from a given domain as the official machine that is allowed to send email for that domain. Referred to as sender identification, these proposals are discussed in section 1.3 of this book.

Note that none of these proposals has yet seen wide acceptance, so it is too early to determine how effective they might be.

Bayesian Filters

A Bayesian filter divides email messages into small, well-defined units and then computes a signature and a spam rating for each unit. Some use individual words as the units, whereas others have discovered more efficient ways to categorize text to achieve a better recognition rate. But whatever the method, each unit is rated based on the likelihood that it is spam email.

Thereafter, all future pieces of email can be divided into units and their appropriate units compared to those previously rated. If the new email scores a significant spam rating, it can be branded as spam.

Bayesian filtering requires constant upkeep so that new patterns can be added to its history, but as spam email evolves and matures, classification becomes more difficult. When it is well maintained, Bayesian filtering can be very effective. But without constant upkeep, its efficiency quickly dwindles, consequently placing Bayesian filtering into the hands of a few specialty businesses that can perform the upkeep on behalf of customers.

See http://www.paulgraham.com/spam.html for a description of this technique, and http://www.mozilla.org/mailnews/spam.html for an example of its application to spam filtering.

Services That Screen URLs

In section 2.8 we describe the many ways spammers try to obscure URLs embedded in spam email.

We know of only one company that uses this technique to recognize and suppress spam, largely because URL detection, like Bayesian filtering, requires constant human monitoring and updates. Still, when frequently updated, URL detection can be extremely accurate.

See http://www.miavia.com for additional information about this approach.

Email Postage to Fight Spam

Some claim that the chief cause of spam is that sending email costs too little. Essentially, anyone with a low-cost DSL connection and a cheap PC can easily spam tens of millions of email addresses, and all the cost is borne by the receiving sites. The receiving site must pay not only for greater capacity (typically nine times the size that might be needed in a nonspam world) but also for spam-fighting software.

Email postage involves charging a small amount to send each piece of email. If it cost US$ 0.001 to send a message, for example, a spammer that sends ten million messages (small by today's standard) would find the total cost to be US$ 10,000.00--not a trivial amount. Yet for the home user who sends only perhaps 10 messages per day, the daily cost would be only a penny.

See http://www.goodmailsystems.com for more details about this approach.

The Organization of This Book

This book is organized into four parts. Part I provides an overview of spam email, its impact, and the techniques used to fight it. Part II shows how to set up a bait site to gather spam email for analysis. Part III is a reference that describes the milter-library and explains how to use it. Part IV illustrates the code used to screen email for spam. Appendix A describes the source code featured in this book, and the Bibliography lists a number of useful references.



0321213335P01192005

"About this title" may belong to another edition of this title.

Top Search Results from the AbeBooks Marketplace

1.

Costales, Bryan; Flynt, Marcia
Published by Addison-Wesley Professional
ISBN 10: 0321213335 ISBN 13: 9780321213334
New PAPERBACK Quantity Available: 1
Seller:
Your Online Bookstore
(Houston, TX, U.S.A.)
Rating
[?]

Book Description Addison-Wesley Professional. PAPERBACK. Book Condition: New. 0321213335 Ships promptly. Bookseller Inventory # Z0321213335ZN

More Information About This Seller | Ask Bookseller a Question

Buy New
US$ 22.95
Convert Currency

Add to Basket

Shipping: FREE
Within U.S.A.
Destination, Rates & Speeds

2.

Costales, Bryan, Flynt, Marcia
Published by Addison-Wesley Professional (2005)
ISBN 10: 0321213335 ISBN 13: 9780321213334
New Paperback Quantity Available: 1
Seller:
Murray Media
(North Miami Beach, FL, U.S.A.)
Rating
[?]

Book Description Addison-Wesley Professional, 2005. Paperback. Book Condition: New. Never used!. Bookseller Inventory # P110321213335

More Information About This Seller | Ask Bookseller a Question

Buy New
US$ 68.09
Convert Currency

Add to Basket

Shipping: US$ 1.99
Within U.S.A.
Destination, Rates & Speeds

3.

Costales, Bryan, Flynt, Marcia
Published by Addison-Wesley Professional (2005)
ISBN 10: 0321213335 ISBN 13: 9780321213334
New Paperback Quantity Available: 1
Seller:
Save With Sam
(North Miami, FL, U.S.A.)
Rating
[?]

Book Description Addison-Wesley Professional, 2005. Paperback. Book Condition: New. Brand New!. Bookseller Inventory # VIB0321213335

More Information About This Seller | Ask Bookseller a Question

Buy New
US$ 68.09
Convert Currency

Add to Basket

Shipping: US$ 3.00
Within U.S.A.
Destination, Rates & Speeds