4 filtering ways of spam help your network safety

E-mail is a communication method that provides information exchange by electronic means and is the most used service on the Internet. Through the network's e-mail system, users can communicate with network users in any corner of the world at a very low price and very fast.

E-mail can be in various forms such as text, image, and sound. At the same time, users can get a lot of free news and special emails, and easily realize easy information search. The existence of e-mail greatly facilitates the communication and exchanges between people and promotes the development of society.

There are many email formats, such as SMTP, POP3, MUA, MTA, etc.

Spam refers to emails sent forcibly without the user's permission. The emails contain advertisements, viruses, and other content. For users, in addition to affecting normal mail reading, spam may also contain harmful information such as viruses; for service providers, spam can cause mail server congestion, reduce network efficiency, and even become a hacker attacking mail server. tool.

Generally speaking, a dedicated server is used to send spam. Generally speaking, it has the following characteristics:

1. Emails sent without the consent of the user are not relevant to the user.

2. Criminals obtain email addresses through deception.

3. The email contains false advertisements, which will spread a lot of spam.

The anti-spam method is basically divided into technical filtering and non-technical filtering in terms of technology, mainly technical filtering, active filtering, and establishing a filtering mechanism in the process of mail transmission;

Non-technical filtering includes: legal and regulatory documents, unified technical specifications, or social moral advocacy, etc. In the process, mail filtering is divided into server-side filtering and receiving-side filtering. The receiving-side filtering is to check the received mail through the server system program after the mail is sent to the mail server. It is passive filtering, mainly by IP address and keywords. As well as filtering for other obvious characteristics of spam, it is feasible and has a low error rate of normal mail. It is currently one of the main anti-spam methods.

From the beginning of spam, the majority of network providers and Internet companies have begun to make trouble for this. However, it is clear that 30 years of development have not produced effective anti-spam technologies or methods. One of the important reasons is that the situation is huge. The amount of spam and high-complexity filtering technology has not been until recent years, the development of artificial intelligence, machine learning and other disciplines has made progress in anti-spam work.

Common spam filtering methods:

1. Statistical method:

Bayesian algorithm: Based on statistical methods, using the method of marking weights, using known spam and non-spam as samples for content analysis and statistics to calculate the probability that the next email is spam, and generate filtering rules.

Connection/bandwidth statistics: anti-spam is achieved by counting whether the number of attempts to connect to a fixed IP address within a unit time is within a predetermined range, or limiting its effective bandwidth.

Mail quantity limit: Limit the number of mails that a single IP can send in a unit time.

2. List method:

BlackList and WhiteList respectively record the IP addresses or email addresses of known spammers and trusted email senders. This is also one of the more common forms of email filtering. At the beginning of anti-spam activities, this This kind of designated mail filtering is very limited because of the lack of list resources.

3. Source method:

DomainKeys: Use to verify whether the sender of the email is consistent with the claimed domain name and verify the integrity of the email. This technology is a public key + private key signature technology.

SPF (SenderPolicy Framework): The purpose of SPF is to prevent forgery of email addresses. SPF is based on reverse lookup technology to determine whether the specified domain name and IP address of the email correspond exactly.

4. Analysis method:

Content filtering: Filter spam by analyzing the content of emails and then using keyword filtering.

Multiple picture recognition technology: Recognize spam that hides malicious information through pictures.

Intent analysis technology: Email motivation analysis technology.

The sending and receiving of mail generally needs to go through the SMTPServer, and the SMTP server transfers messages through the SMTP (Simple Mail Transfer Protocol) protocol.

The email transmission process mainly includes the following three steps:

① The sender PC sends the mail to the designated SMTPServer.

②The sender SMTP Server encapsulates the mail information in an SMTP message and sends it to the receiver SMTP Server according to the destination address of the mail.

③The recipient receives the mail.

POP3 (Post OfficeProtocol 3) and IMAP (Internet Mail Access Protocol) stipulate how the computer manages and downloads e-mails on the mail server through the client software.

Spam prevention is an IP-based mail filtering technology that prevents the flood of spam by checking the legitimacy of the source IP of the sender's SMTP Server. The proliferation of spam brings many problems:

① Occupy network bandwidth, cause mail server congestion, and reduce the operating efficiency of the entire network.

②Occupy the recipient's mailbox space, affecting the reading and viewing of normal mail.

When the firewall is used as a security gateway, all external mails need to be forwarded through the firewall. By checking the IP address of the sender's SMTP Server, spam can be effectively filtered.

The above is the news sharing from the PASSHOT. I hope it can be inspired you. If you think today' s content is not too bad, you are welcome to share it with other friends. There are more latest Linux dumps, CCNA 200-301 dumps, CCNP Written dumps and CCIE Written dumps waiting for you.