The SPAM War Escalates
A recent spam hoax is a tough reminder of how vigilant we must be in the battle against unwanted mail.
May 7, 2004
Can IT nip this in the bud by implementing antispam tools with an overly aggressive rule set? Theoretically, yes--but a policy of "better to bounce than be spammed" is too draconian. Users don't like finding their e-mails in quarantine (see page 42 for our analysis and reviews of spam filters).
There's nothing wrong with configuring your spam- and malicious content-prevention tools to drop blacklisted IP addresses, require PTR records, bounce executables, sanitize URLs and do some Bayesian scanning. But beware: Vulnerabilities are discovered every day, and miscreants are endlessly inventive.
A belt-and-suspenders approach to security will minimize damage from all attacks. "Least privilege" configurations for inbound and outbound traffic--"permit what is allowed, but deny all else"--can stop many Trojan attacks. Ultimately, this type of network hardening will make your system safer from all attacks, not just mal-spam.
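The "permit what is allowed, but deny all else" rule described above, sketched as an added example that is not part of the original article: a short allow list with an implicit default deny, evaluated over constructed flows. The addresses (documentation ranges), the mail gateway and proxy hosts, and the `decide` and `denied` functions are assumptions made for illustration.

```python
import ipaddress
from typing import NamedTuple

class Rule(NamedTuple):
    direction: str  # "in" or "out", relative to the perimeter
    src: str        # source CIDR
    dst: str        # destination CIDR
    port: int       # destination TCP port
    note: str

# Constructed network: 192.0.2.0/24 internal, one mail gateway, one web proxy.
ANY = "0.0.0.0/0"
MAIL_GW = "192.0.2.25/32"
PROXY = "192.0.2.80/32"

# Only what is explicitly allowed; there is no "permit any" rule.
ALLOW = [
    Rule("in", ANY, MAIL_GW, 25, "inbound SMTP reaches only the mail gateway"),
    Rule("out", MAIL_GW, ANY, 25, "only the mail gateway may send SMTP"),
    Rule("out", PROXY, ANY, 80, "web traffic leaves via the proxy"),
    Rule("out", PROXY, ANY, 443, "web traffic leaves via the proxy"),
]

def _within(addr: str, cidr: str) -> bool:
    return ipaddress.ip_address(addr) in ipaddress.ip_network(cidr)

def decide(direction: str, src: str, dst: str, port: int):
    """Return ("permit", note) for the first matching rule, else a deny."""
    for r in ALLOW:
        if (r.direction == direction and r.port == port
                and _within(src, r.src) and _within(dst, r.dst)):
            return ("permit", r.note)
    return ("deny", "no allow rule matched (default deny)")

def denied(flows):
    """Flows the policy drops; these are the ones worth logging and reviewing."""
    return [f for f in flows if decide(*f)[0] == "deny"]

if __name__ == "__main__":
    # Constructed flows: gateway mail, then a workstation speaking SMTP
    # directly to the Internet, which is how a mail-sending Trojan behaves.
    flows = [
        ("out", "192.0.2.25", "198.51.100.7", 25),
        ("out", "192.0.2.101", "198.51.100.7", 25),
        ("in", "203.0.113.9", "192.0.2.101", 25),
        ("out", "192.0.2.101", "203.0.113.9", 6667),
    ]
    for f in flows:
        print(f, "->", decide(*f))
```

The denied outbound flows are also a detection signal: a workstation that suddenly attempts direct SMTP is worth investigating.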