Are Botnets Beating Us in the War on Spam? - No End in Sight?
(Page 5 of 5 )
How can we stop the madness? TQMCube’s David Hart, who currently runs a DNS blackhole list as an atonement of sorts for formerly serving as a consultant for a spammer, thinks that ISPs should simply block all unauthorized traffic on port 25, which computers use to send email. He believes that any port 25 traffic not destined for an ISP’s own mail server and accompanied with an authorized user name and password should be rejected.
Brian Livingston thinks the U.S. deserves a lot of the blame for having a weak spam law. The Can-Spam Act actually makes sending spam legal as long as the sender includes a street address and links to an unsubscribe process. While making spam illegal in the U.S. won’t wipe out the problem, “trying to stop shadowy, profitable activities is almost impossible if they aren’t illegal,” Livingston notes. “Only the existence of a Virginia law with real teeth tripped up Jeremy Jaymes [a notorious spammer]. A strong U.S. law could go a long way towards catching even more spammers.”
Meanwhile, some security vendors have released anti-botnet products, such as Trend Micro’s InterCloud Security Service for large network providers. The service identifies zombies on a network and can help stop them in real time. Trend Micro also says it has an anti-spam product that can detect and filter image spam.
But there seems to be a consensus currently that the spammers are winning. What with the increase in botnet use, for example, some old methods of stopping spam, such as blacklisting specific IP addresses, are no longer effective. As a result, there's a notably hollow ring these days to the prediction that Microsoft chairman Bill Gates made in January 2004 that the spam problem would be beaten in two years. Dan Druker, an executive VP with Postini, observed that “Everyone thought this was a solved problem. But now it’s the worst it’s ever been.”
| DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware. |