Spam protection. Spam protection tools Spam and anti-spam protection

Spam is the mass mailing of messages to users who have not given their consent to receive them. Carried out for the purpose of advertising certain products, spreading information, identity theft, etc. This is an intrusive advertisement for something. In most cases, spam is presented in the form of sending emails, but in fact it is used wherever there is open access to the dissemination of information: social networks and media, forums, comments on websites, instant messengers, emails, SMS to the phone. Even offline, there is spam. For example, advertising brochures in your mailbox. People who send spam are called spammers. Spam advertising is one of the cheapest methods of promotion on the Web, but not the most effective. Such mailing is negatively perceived by the audience, which does not allow all companies to use it. Those who care about reputation and image do not use spam.

Where did the word "spam" come from?

The word "spam" first appeared in the 40s of the 20th century, in the post-war period. Initially, it meant the name of canned food included in the meat diet of soldiers. After the war, they had to be urgently sold before the expiration date had expired and they had not deteriorated. This led to the fact that advertising of this product was everywhere: on the streets, in newspapers, in transport. It was deliberately made aggressive, imposing on people the need to purchase these canned food. It was this event that was remembered when this kind of advertising began to be actively used on the Web. Aggressive and intrusive distribution of advertising messages received the corresponding name - spam. Since then, the word "spam" means "mass mailing of intrusive advertising." The user did not ask, did not subscribe, but they send him letters, in the content of which he is not interested. In the early days (as soon as the Internet and e-mails appeared), spam advertising on the Web was more effective than it is now. People are not used to this, and there was no advertising "blindness" then. But it still remains one of the most inexpensive ways to reach the maximum audience, which allows it to stay afloat as one of the most popular ways to promote your services and products.


A spam attack is the distribution of spam messages with an increased concentration on certain sites or channels. For example, spammers have found that a particular forum has a high bounce rate. This information spread in spam circles, and a huge wave of messages with intrusive advertising hit the site. Such an event is called a spam attack. Spamming attacks are not always made due to the high return of the site. Sometimes they happen due to someone's malicious intent in order to harm the site and its owner. For example, they are carried out by unscrupulous competitors.

Types of spam

All spam can be classified according to several criteria.

By area of ​​distribution:

    online spam - distributed in the online space;

    offline spam - distributed in offline space.

Distribution method:

    manual – messages are sent manually.

According to the degree of danger:

Most popular websites and email accounts are adequately protected against dangerous spam. They use spam filters. Messages that can cause real harm are blocked automatically. The most dangerous of them are permanently deleted, the less dangerous or just dubious ones are placed in the Spam folder. Often, the system mistakenly places messages in the Spam folder that do not carry any harm to the user, for example, a letter confirming registration on some site. For the system, these are unfamiliar sources, therefore, it does not trust them. Therefore, regularly check your Spam folder and remove the necessary letters from there.

Safe

    commercial advertising. It includes sending messages advertising various kinds of goods, services, websites, etc. As mentioned earlier, spamming is one of the most inexpensive ways to promote on the Web. Hence, it is in demand among internet entrepreneurs. They simply chose spam as one of their promotion channels;

    advertising that is prohibited by law. In Russian legislation, there is a list of goods and services that are prohibited from advertising. Most popular channels (search engines, social networks) adhere to these requirements, and sometimes add their own. This causes some difficulties for advertisers. E-mailing does not have such restrictions, which allows advertisers to freely advertise any goods and in any form;

    manipulation of public opinion. Often spam is used as a tool to influence the public opinion of the audience. These are not only political motives, but also commercial ones. For example, someone decides to send compromising material to a competitor or send mailings on behalf of someone in order to get a negative reaction in response. Such mailing does not harm users, but can cause certain moods in society;

  • mailing with a request to forward the message. A particularly popular form of social media spam. As a rule, it does not carry any semantic load and does not pursue any goals. These are messages in the spirit of "Forward this letter to 20 friends and next year you will find the love of your life." Oddly enough, but there are people who continue to do this. Rarely may contain hidden advertising.

Dangerous (malicious)

This type of spam can cause real harm to users - steal their personal data (logins, passwords), gain access to electronic wallets, infect a computer with viruses, etc. Most often, the content of such emails includes links or attachments. In no case do not go through them and do not download. Types of dangerous spam:


Places of distribution

Where can you find spam?

    In email, this is the most common place for spam messages. Letters are not moderated before being sent, therefore, their content is not limited in any way. As a rule, spam filters are used after sending.

    Forums - those sites where there is no moderation are very popular among spammers, as this allows you to freely publish any information. Forums where all messages are verified are not used at all or are used to post hidden advertising.

    Comments on sites - similar to forums, those sites where there is no moderation are highly popular among spammers.

    Social Media – The number of spam messages on social media has only grown in recent years. Private messages and comments are the most popular communication tool. Spam in social networks is characterized by greater "friendliness". Senders, as a rule, do not just send you an advertising message, but try to enter into a dialogue, get to know each other. Of course, such an unexpected desire to communicate is caused only by commercial goals - to sell a product or service.

    Messengers - in recent years, with the growing popularity of messengers (Viber, Telegram, WhatsApp), the number of spam messages in them has also grown.

    SMS - probably, everyone received SMS with advertising from unknown numbers on their phone. This is spam.

How spammers find email addresses

One of the most popular questions is “How do spammers know my address or phone number?” Finding user contacts is not a big problem. You can get them in several ways.


Based on the above, the conclusion suggests itself: do not leave your contact details anywhere. Create several email addresses - one for important correspondence and important services, the other for everything else. If spam catches up with you, then let it be in the second mailbox.

How to disable spam

In some cases, it is easy to turn off spam - just click the "Unsubscribe" button in the letter. The method works if you yourself once subscribed to the source. Sometimes a subscription is issued automatically after registration on the site.

But be careful. Sometimes spammers design links in the form of an unsubscribe button. Of course, after clicking, no unsubscribe will occur. You will simply be moved to the promoted resource. If the source seems unfamiliar to you, it is better to use the following method and block it to get rid of annoying emails. In most mail services, as well as in social networks, you can block addresses and users from which unwanted letters come. How to block spam (using Gmail as an example):


Ready! After the actions taken, the selected address will not be able to send you letters. Now he is blacklisted. Similar actions can be performed on social networks.

Spam protection methods

In order not to have to block each spammer manually (after all, there can be hundreds of sources), it is enough to follow simple tips and recommendations for protecting against spam.

    Do not publish your address and contacts in public and questionable places.

    Get a second box for unimportant messages and use it.

    Do not download attachments.

    Use only popular mail services (they have the maximum level of protection against spam).

    Create a more complex postal address. The lighter the address, the easier it is for spammers to generate it.

The most secure mailboxes

From the point of view of protection against spam mailings, the safest mailboxes are:

    Google mail (gmail);

    Yandex mail;

    Mail.ru-mail.

It is important to understand that no service will provide 100% protection. There will always be promotional emails. After all, spam methods are improving every year, becoming more sophisticated and secretive, spammers are constantly finding new ways to bypass filters. But the above services are capable of minimizing the number of unwanted messages.

Dear friends and users of our site, I am with you again, SpaceWolf, and today we will talk about the urgent problem of “SPAM”. The way to solve this problem will get rid of spam on the contact form, spam comments or spam on online orders.

I would like to immediately note the pros and cons of this method:

  1. Works well against bots.
  2. Quick installation in the form of sending messages
  3. Minimum code (3 lines)
  4. It does not require special knowledge, except for the location of the main files.
  5. Users who do not have java will not be able to pass the verification and therefore send a message.

Basically everything. Let's proceed with the installation:

1) Add an additional hidden field to your form (this is a comment form, a feedback form, a product order form) with the name name=”check” meaning value="" leave empty. Example:

2) In the same form, but only in the button (“send”, “write”, “Leave feedback” or whatever you call it), add the following code:

If ($_POST["check"] != "stopSpam") exit("Spam decected");

Spam protection - how it works

The principle is as simple as the code itself. It is designed to prevent spam bots from running programs on JavaScript. At the time when a regular user clicks on the “order” button in our hidden field, the word “stopSpam” will fit in, and in the case of a robot, this field will remain empty. Let me explain at the moment why it will remain empty ?. The robot fills in all fields except for our hidden field with an identifier id=”check” and variable check will remain blank, hence the mail will not be sent. And when the user clicks on the button, our JavaScript, which we added to the button.

I advise you to use this method in conjunction with captcha, the effect will be better.

Well, that's all. If the article helped you, write comments, repost and do not forget to say "Thank you" in the comments.

If someone has other problems or questions, leave them in the comments, we will be happy to find a solution together. We are waiting for your messages!

What are the anti-spam methods?

There are two main methods to protect a mail server from spam: spam protection at the stage of receipt by the mail server and "separation of spam" from the rest of the mail after it is received by the mail server.

Among the first method, the most popular methods are the use of DNS Black List (DNSBL), Greylisting and various delays in sending mail; the use of various technical means, such as checking the existence of a user on the sending side (callback), checking the “correctness” of the sending server by such methods as the presence of an entry in the reverse DNS zone, the legality of the name when establishing an SMTP session (helo), checking the SPF record (for work the DNS host record uses the corresponding legal sender server record).

Among the email content analysis methods, the most popular methods are checking using various algorithms, such as searching for specific keywords of an advertising nature or based on the Bayes theorem. The algorithm based on the Bayes theorem contains elements of probability theory, is initially trained by the user on letters that, in his opinion, are spam and further separates the messages containing spam by characteristic features.

So, let's take a closer look at these email filtering methods.

Blacklists or DNSBL (DNS Black Lists)

Blacklists include addresses from which spam is sent. Lists such as "open relays" and "open proxies" and various lists of dynamic addresses that are allocated by providers to end users are widely used. Due to the ease of implementation, the use of these blacklists is done through the DNS service.

Greylisting or Greylisting

Greylisting is based on spamming tactics. As a rule, spam is sent in a very short time in large quantities from any server. The job of the greylist is to deliberately delay the receipt of emails for some time. The address and forwarding time are entered into the greylist database. If the remote computer is a real mail server, then it must keep the letter in the queue and repeat the forwarding within five days. Spam bots, as a rule, do not keep messages in the queue, therefore, after a short time, they stop trying to forward the letter. It has been experimentally established that the average time for sending spam is a little over an hour. When resending a letter from the same address, if the required amount of time has passed since the first attempt, the letter is accepted and the address is added to the local white list for a sufficiently long period.

Performance analysis

The first two methods allow you to filter out about 90% of spam at the stage of delivery to the mailbox. Already delivered mail can be marked by means of analyzing the contents of the letter, for example, using the SpamAssassin program. This product allows you to add appropriate lines to the message headers based on special algorithms, and the user, based on mail filters in the mail client, can filter mail to the desired folders of the mail program.

Conclusion

Of course, there are other ways to protect against spam, the most effective, unfortunately, at the moment are preventive measures, such as not leaving your real email box on websites, forums and bulletin boards, using temporary addresses for such needs, which subsequently can be deleted, if it is necessary to publish a mailbox on the site, instead of text, use a graphic image and similar measures.

You can connect and configure GreyListing through the ISPmanager panel in the "Features" section

You can learn more about configuring anti-spam methods through the control panel here DNSBL and here Greylisting.

This is a new product of Kaspersky Lab designed for comprehensive protection of a home computer. This program provides simultaneous reliable protection against viruses, hackers and spam. The Kaspersky Anti-Spam module is one of the elements of this home computer protection system. First of all, it should be noted that Kaspersky Anti-Spam is not a standalone product and does not work separately from Kaspersky Personal Security Suite. To some extent, this can be called a disadvantage, since users cannot use Kaspersky Anti-Spam separately, but complex protection also has its undoubted advantages.

Anti-virus protection and a firewall from more than once were considered on the pages of our publication. Therefore, in this article we will consider only the work of the anti-spam module.

The basis of Kaspersky Anti-Spam is the intelligent SpamTest technology, which provides: fuzzy (that is, it works even if there is an incomplete match) comparison of the message being checked with samples - messages previously identified as spam; identification of phrases characteristic of spam in the text of the letter; detection of images previously used in spam emails. In addition to the criteria listed above, formal parameters are also used to identify spam, including:

  • "black" and "white" lists that the user can maintain;
  • various features of the mail message headers that are characteristic of spam - for example, signs of falsifying the sender's address;
  • techniques used by spammers to deceive mail filters - random sequences, substitution and doubling of letters, white-on-white text, and others;
  • checking not only the text of the letter itself, but also attached files in plain text, HTML, MS Word, RTF and others formats.

Installing the anti-spam module

The module is installed during the installation of Kaspersky Personal Security Suite. When choosing installation options, a user using other mail clients other than Microsoft mail programs may not install the plug-in for Microsoft Outlook.

It should be noted that Kaspersky Anti-Spam checks any correspondence received via the SMTP mail protocol. Thanks to this, it can filter out spam in any mail program, but more on that below.

Integration into Microsoft Outlook Express

The program does not have its own interface as such. In Microsoft Outlook Express, the Kaspersky Anti-Spam module is integrated as a menu and as an additional panel.

You can note some inconvenience when using this panel, however, it has nothing to do with the anti-spam module itself. Due to the operating principles of the Microsoft Outlook Express program, the Kaspersky Anti-Spam panel cannot be fixed in a place convenient for the user. Each time you start the program, the panel will appear third in a row. You will have to constantly transfer it to a convenient place or put up with this state of affairs.

Program operation

When receiving mail, Kaspersky Anti-Spam analyzes incoming mail. When spam is detected, the message is marked with a special label [!! SPAM] in the "Subject" field and placed in the "Deleted Items" folder. Letters recognized as not spam are not marked with anything and are processed by the mail program in accordance with the established rules. If the program is not sure that the message is spam, then the [?? Probable Spam] and the email is placed in the Inbox for the user to make a final decision. In addition, the program uses two more types of labels: - for messages with obscene content and - for automatically generated letters, such as letters from mail robots.

Thanks to these labels, you can organize the work of Kaspersky Anti-Spam with any other mail program. It is enough to create rules in the mail client to sort messages by these labels. In Microsoft Outlook itself, such folders are created at the click of a button in the settings window of the anti-spam module.

Program training

The program can be trained in two ways: by classifying messages received by the user as spam - not spam, and by downloading updates from the "Laboratory" server. The first method allows you to train the program for the user's personal mail, the second - to quickly respond to massive spam phenomena on the Internet.

When launched for the first time, Kaspersky Anti-Spam will extract all addresses from the Microsoft Outlook address book in order to place them in the "Friends List". All messages from these recipients will be treated as non-spam by the anti-spam module and will be skipped without checking. Subsequently, the user can edit this list by adding or removing recipients to it. In addition to the "List of Friends" there is also a "List of Enemies". Any correspondence received from recipients on the Enemy List will be unequivocally assessed as spam.

Adding recipients to the lists of friends or enemies is done by simply pressing a special button on the panel of Kaspersky Anti-Spam. There is also training. If you skip a spam email, you just need to click the "This is spam" button. A window will appear in which the user must tell the program what to do with this message.

The "Send as spam example" command generates a letter to Kaspersky Lab with a message about spam for further training. This command can be ignored. You can neglect adding the author to the enemies, but you should definitely add the letter to the spam samples. This is how the program is trained for personal correspondence.

Since Kaspersky Anti-Spam is not integrated into other mail clients, it can be trained in these programs only through updates received from the Lab's server. Unfortunately, this training option does not make it possible to train the program for the features of personal mail.

Settings

In the program settings, you can: specify the location of the module databases, if the user wants them to be stored in a non-standard location; disable or enable filtering; set update options and view statistics.

The Kaspersky Anti-Spam module provides fairly complete protection of user mail from spam. Like any other program, it requires training. And while this learning is going on, it is possible to mistakenly recognize correct emails as spam and vice versa. A relative disadvantage is that the module does not allow deleting letters on the server that are obviously spam. The user still has to spend his traffic on these unnecessary letters. On the other hand, with this approach to spam filtering, not a single valuable message will be lost. In all other respects, Kaspersky Anti-Spam deserves the most serious attention, especially considering the integration of the module with other programs that ensure the security of the user's computer.