Retracing spam steps could halt mass emails

Filed under
Security

The deluge of spam that pours into email inboxes each day could be curtailed using software that learns to identify the routes taken by unwanted messages, researchers say.

A team from IBM and Cornell University in New York state, US, developed the anti-spam technique, which they call "SMTP Path Analysis". It involves examining information embedded in an email message about the route it has taken across the internet. This allows the technique to make a good guess as to whether or not a new message is electronic junk mail.

The algorithm at the heart of SMTP Path Analysis studies Simple Mail Transfer Protocol (SMTP) information, which is added to an email message "header" as it is passed between servers on the internet. This remains hidden when a message arrives in a recipient's inbox but can be used to retrace its steps between different mail servers.

Most spam filters try to catch spam by looking at the content of a message, rather than its hidden header. Many already learn to identify new spam by examining previous messages. But spammers are constantly coming up with new tricks in an effort to outwit such content-filtering techniques.
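A simplified illustration of the idea described above, added here and not the IBM/Cornell algorithm or code from the article: it pulls relay IP addresses out of `Received:` headers and scores a new message from per-relay spam/ham counts learned on labelled mail. The sample messages, the documentation-range IP addresses and the names `relay_path`, `PathModel`, `make_msg` and `demo` are constructed for this example.

```python
import re
from collections import defaultdict
from email import message_from_string

# Bracketed IPv4 literal that a receiving server records in its Received: line.
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def relay_path(raw):
    """Relay IPs taken from the Received: headers, nearest hop first."""
    msg = message_from_string(raw)
    hits = (IP_RE.search(h) for h in msg.get_all("Received", []))
    return [m.group(1) for m in hits if m]

class PathModel:
    """Per-relay spam/ham counts learned from previously labelled messages."""
    def __init__(self):
        self.counts = defaultdict(lambda: [0, 0])  # ip -> [spam, ham]

    def train(self, raw, is_spam):
        for ip in relay_path(raw):
            self.counts[ip][0 if is_spam else 1] += 1

    def score(self, raw):
        """Spam estimate in [0, 1]; 0.5 means no relay on the path is known."""
        # Headers are walked nearest-first: the top Received: line is written
        # by the recipient's own server, lower ones can be forged by a sender.
        for ip in relay_path(raw):
            spam, ham = self.counts.get(ip, (0, 0))
            if spam + ham:
                return (spam + 1) / (spam + ham + 2)  # Laplace smoothing
        return 0.5

def make_msg(*hops):
    """Constructed sample message; hops are listed nearest-first."""
    stamp = "by mx.example.org; Mon, 1 Jan 2024 00:00:00 +0000"
    lines = [f"Received: from relay ([{ip}]) {stamp}" for ip in hops]
    return "\n".join(lines) + "\nSubject: sample\n\nbody\n"

def demo():
    """Train on constructed history: one spammy path, one mostly clean relay."""
    model = PathModel()
    for _ in range(8):
        model.train(make_msg("203.0.113.7", "198.51.100.9"), True)
        model.train(make_msg("192.0.2.10"), False)
    model.train(make_msg("192.0.2.10"), True)
    return model

if __name__ == "__main__":
    m = demo()
    for hops in (("203.0.113.7",), ("192.0.2.10",), ("192.0.2.200",)):
        print(hops, round(m.score(make_msg(*hops)), 3))
```

The score never looks at the message body, which is the contrast with content filtering that the article draws.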

Full Article.
