A TEAM of computer boffins have emerged from their smoke-filled labs with an "effectively perfect" method for blocking the most common kind of spam.
The system, developed by a team at the International Computer Science Institute in Berkeley, California, and the University of California, San Diego, looks at a trick that spammers use to defeat email filters.
According to New Scientist, a botnet alters each spam email it produces in order to confound spam filters. However, each message is generated from a template that specifies the message content. The team worked out that analysing such messages could reveal the template that created them, which would then provide a watertight method of blocking spam from that bot.
Testing the idea, the team installed a previously captured software bot onto a machine. After analysing 1,000 emails generated by this compromised machine, the researchers were able to reverse-engineer the template.
Once they had identified the template, it was possible to enable filters to block further spam from that bot with 100 per cent accuracy.
The research will be presented in March at the Network and Distributed System Security Symposium in San Diego. µ
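A simplified illustration of the template idea described above, added here as an example and not the researchers' code or algorithm: it keeps the tokens that every sample shares, treats everything else as a variable slot, and compiles the result into a filter signature. The sample messages, the function names and the use of Python's difflib as the alignment heuristic are all assumptions.

```python
import re
from difflib import SequenceMatcher

GAP = None  # marks a variable slot; never equal to a real (string) token

def fold(template, tokens):
    """Merge one more sample into the template, keeping shared tokens in order."""
    merged, pa, pb = [], 0, 0
    blocks = SequenceMatcher(None, template, tokens, autojunk=False).get_matching_blocks()
    for a, b, size in blocks:
        # Anything skipped on either side since the last match is variable text.
        if (a > pa or b > pb) and (not merged or merged[-1] is not GAP):
            merged.append(GAP)
        merged.extend(template[a:a + size])
        pa, pb = a + size, b + size
    return merged

def infer_template(samples):
    template = samples[0].split()
    for sample in samples[1:]:
        template = fold(template, sample.split())
    return template

def to_regex(template, min_literals=3):
    # Refuse templates with too few fixed tokens: they would match legitimate mail.
    if sum(el is not GAP for el in template) < min_literals:
        raise ValueError("samples share too little text to form a safe signature")
    parts = []
    for prev, el in zip([GAP] + template, template):
        if el is GAP:
            parts.append(r".*?")
        else:
            parts.append((r"\s*" if prev is GAP else r"\s+") + re.escape(el))
    return re.compile("".join(parts), re.S)

def from_template(regex, message):
    return regex.fullmatch(message.strip()) is not None

# Constructed sample messages standing in for the output of one captured bot.
SAMPLES = [
    "Hi alice, get cheap meds at http://a1.example/x7 today only",
    "Hi bob, get cheap meds at http://q9.example/k2 today only",
    "Hi carol, get cheap meds at http://m3.example/t5 today only",
    "Hi dear friend, get cheap meds at http://z8.example/b1 today only",
]

if __name__ == "__main__":
    signature = to_regex(infer_template(SAMPLES))
    print(signature.pattern)
```

The `min_literals` guard covers the failure case where the analysed messages do not come from one template: the inferred signature would otherwise be almost entirely wildcards and block legitimate mail.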
Even SPF won't work. I have a client who uses two services which forge senders from a pool of mail servers to claim they are coming from his domain. The continual stream of forwarded failure messages is annoying to both him and me. BUT, if they were doing this properly the SPF record permitting only the "real" mail server wouldn't be an issue.
You hit it right on the head.
If you can't be part of the solution, there's plenty of money to be made in prolonging the problem.
That's great, but bots don't make bots, people do and they can read too.
The best way of countering spam other than by SPF is not to tell anyone how you do it and just keep doing it.
Here's another idea... block all email that contains consonants. That will also block 100% of (current) spam.
The only effective way to stop spam is SPF. However, domain admins are too lazy or ignorant to put SPF records in their DNS, so as of today we have only about 10% of total domains on board. Less than enough for an effective spam fight.
But after all Spam is just like viruses - there is too much money in it to "fight" it for real.
Great stuff until the template is automatically constantly changed enough to confound the anti-template etc....
Sounds promising.