d

Email and Spam: The Complete Documentation

• This category contains 12 Papers
• The last paper was added on 2007-03-26 (YYYY-MM-DD)

Defending Your Site Against Spam

Published on June 26, 2003, by Dru Nelson, ©O'Reilly.

Like so many other people out on the Internet, I get unsolicited commercial email or "spam". Until recently, I could handle spam by just deleting it or using email aliases. Unfortunately, my server was rendered useless by a spam attack launched by an unknown spammer. The experience forced me to improve my spam defenses. In two articles, I will share the research and results of my effort to implement an anti-spam system. In this first installment, I will briefly cover various anti-spam systems and the system I chose, a network level defense. In the next installment, I'll dig deeper into the details of an implementation with qmail. (The information is general enough that it could be applied to other email systems such as Postfix or Sendmail.)

Email Bombing and Spamming

Published on August 14, 2002, by CERT®, ©Carnegie Mellon University.

This document provides a general overview of problems associated with electronic mail bombing and email spamming. It includes information that will help you respond to and recover from this activity.

Encrypted Email Cookbook

Published on September 04, 2003, by Robert Bernier, ©O'Reilly.

In my previous article, we looked at how email started and how it works. In this article we continue with email, but from the security point of view.

Guidelines on Electronic Mail Security

Published on 2007, by Miles Tracy, Wayne Jansen, Karen Scarfone, Jason Butterfield, ©National Institute of Standards and Technology.

Electronic mail (email) is perhaps the most popularly used system for exchanging business information over the Internet (or any other computer network). At the most basic level, the email process can be divided into two principal components: mail servers, which are hosts that deliver, forward, and store email; and mail clients, which interface with users and allow users to read, compose, send, and store email. This document addresses the security issues of mail servers and mail clients, including Web-based access to mail.

Next Step in the Spam Control War: Greylisting (The)

Published on August 21, 2003, by Evan Harris, ©Evan Harris.

This paper proposes a new and currently very effective method of enhancing the abilities of mail systems to limit the amount of spam that they receive and deliver to their users. For the purposes of this paper, we will call this new method "Greylisting". The reason for choosing this name should become obvious as we progress.

Reading Email Headers

Published on 1997, by Ken Lucke, www.stopspam.org.

This document is intended to provide a comprehensive introduction to the behavior of email headers. It is primarily intended to help victims of unsolicited email ("email spam") attempting to determine the real source of the (generally forged) email that plagues them; it should also help in attempts to understand any other forged email. It may also be beneficial to readers interested in a general-purpose introduction to mail transfer on the Internet.

Secure wireless email on Mac OS X

Published on 2005, by stopdesign, ©Stopdesign.

After more than a year of implementing my own measures, I think it's time to help raise awareness of email security. And in doing so, document the way I use SSH to secure email when I'm on a wireless network. If you're concerned about strangers having open access to your usernames and passwords, and all the email you send and receive while connected to a public wireless network — whether you use a Mac™ or not — you'll want to read this.

Security Guidance for Using Mail Clients

Published on 2007, by SNAC, ©National Security Agency.

Increasingly, email is becoming a prime avenue for exploiting vulnerabilities in computer systems. This is a function of both their growing complexity and spreading usage. Since attempts to limit those vulnerabilities have been relatively unsuccessful at best, users must act as the first line of defense.

Spoofed/Forged Email

Published on September 04, 2002, by CERT®, ©Carnegie Mellon University.

This document provides a general overview of email spoofing and the problems that can result from it. It includes information that will help you respond to such activity.

Tracing An Email

Published on 2006-01-19, by Raven, ©Onimoto.com.

The purpose of this guide is to show the process involved in tracing an email. The first step required to tracing an email is finding out the headers of the email. What are headers? Email headers are lines added at the top of an email message that are used by servers as the email goes on route to get delivered. Generally email clients only show the standard To, From, and Subject headers, but there are more.

Tracing the source of an Email

Published on 2001, by Rohas Nagpal, ©Asian School of Cyber Laws.

Examination of the email header is the first step in tracing the source of an email. Most persons set the options in their email account to show brief headers. An incoming email could have a header as below:

Tracking E-mail - Part 1

Published on October 20, 2001, by Gerald E. Boyd, www.expita.com.

Using e-mail header information to track the sender.