Your SlideShare is downloading. ×
Upcoming SlideShare
Loading in...5

Thanks for flagging this SlideShare!

Oops! An error has occurred.

Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply



Published on

brief presentation on Spamming and its protection …

brief presentation on Spamming and its protection

Published in: Technology
1 Like
  • Be the first to comment

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide


  • 1. Index● Introduction about spamming● Types of Spamming● Email spamming● How mail server works with spam
  • 2. Spammer Technical definition Spam is the use of electronic messaging systems to send unsolicited bulk messages, especially advertising, indiscriminately. Bla bla bla bla bla.................. Reference: wikipedia
  • 3. Types of SpammingThere are many ways of doing spamming.● Comment spamming : eg. In CMS or websites● Chat Spamming : eg. Yahoo,facebook● Microbloging : eg. Twitter● Social networking: eg. Facebook,myspace● Email spamming : eg. All Mail services are targeted
  • 4. Easy targetWho can not recognise the spam (stupid internet people)
  • 5. Comment Spamming
  • 6. CMS and Forums are well targeted for comment spamming
  • 7. Wordpress,joomla and drupal blogs are highly targeted
  • 8. Chat spamming
  • 9. Microbloging spaming
  • 10. Another twitter spam
  • 11. Social networking spaming
  • 12. Method of spaming attack in comment,chat,social networking and microbloging ● Manually : Mostly u can find in forums,social networking sites,twitter etc. ● They offer some lottery win,password reset suggestion in problem,free tickets,free download of music & videos etc.
  • 13. Spamming usingTools
  • 14. How to reduce spaming ,Applicable to all CMS/websites/forum ● Comment moderation ● In Captcha ● Anti spam plugin from reliable source like akismet ● Blacklisting ● Registeration form with - E-mail confirmation Mobile phone confirmation via automated calling or sms etc. ● Bayesian filtering What the hack is Bayesian
  • 15. Bayesian TheoramBayesian spam filtering( Thomas Bayes) is a statistical technique of e-mail filtering. It makes use of a naive Bayes classifier to identify spam e-mail.Bayesian classifiers work by correlating the use of tokens (typically words, or sometimes other things), with spam and non-spam e-mails and then using Bayesian inference to calculate a probability that an email is or is not spam.Bayesian spam filtering is a very powerful technique for dealing with spam, that can tailor itself to the email needs of individual users, and gives low false positive spam detection rates that are generally acceptable to users● Reference :
  • 16. How Bysian Theoram Works
  • 17. Useful links to read about Bysian Theoram●●●●
  • 18. e-m@il sp@mming
  • 19. Mail Server Internet StandardsMail Server must follow internet standards monitored by ICANN,IANA,SPAM listing databaseWhile confguring Server these standard should be followed.(1) setting email for complaints like Mail server must have reverse DNS(3)Using SPF record for mail server(4)Using DKIM for mail server (ADSP)(5) smtp authentication
  • 20. Protecting Mail Server from spamThe mail server also must have antispam softwares. We should use the blacklisted ip to reject the email coming from spammer in your email.The following major open source softwares are used in Antispaming -(1) spamassasin(2) Amavisd(3) clamav(4) dspam
  • 21. Mail Server is exploited, How !?Even if you follow the Internet mailing standardsYour mail server is exploitedReason:(1) It has no smtp authentication(2) mail server is open relay(3) No robust iptables(4) Allowing all network to access(5) no DDOS attack rules in Server
  • 22. identifying spamming ,check header of emailCheck following things in mail client like webinterface,outlook, thunderbird etc.(1) Senders list(2) Content in email(3) SPF(4) DKIM
  • 23. Recognising the Spam emails It is not necessary the spam email will go in spam folder always. When you see in senders address “to undisclosed recipients” that can be spam also
  • 24. Spammer use the well known identity name/ Whenchecked in linkedin no such user has sent the request
  • 25. Check the header of email
  • 26. Spamming blacklisting OrganisationWe have multiple antispaming organisation who keep the track of spaming.Once they blacklist the server,domain or network etc. Either the email will not go out from mail server or if it goes out ,it will be marked as SPAM .Below one are major key player.* SBL advisories* XBL* PBL* Zen* DBL
  • 27. SBLThe Spamhaus Block List ("SBL") Advisory is a database of IP addresses from which Spamhaus does not recommend the acceptance of electronic mail.The SBL is queriable in realtime by mail systems thoughout the Internet, allowing mail server administrators to identify, tag or block incoming connections from IP addresses which Spamhaus deems to be involved in the sending, hosting or origination of Unsolicited Bulk Email (aka "Spam"). The SBL database is maintained by a dedicated
  • 28. PBLPBL is a DNSBL database of end-user IP address ranges which should not be delivering unauthenticated SMTP email to any Internet mail server except those provided for specifically by an ISP for that customers use. The PBL helps networks enforce their Acceptable Use Policy for dynamic and non-MTA customer IP ranges.
  • 29. XBLXBL is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies (HTTP, socks, AnalogX, wingate, etc), worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
  • 30. DBLDBL is a realtime database of domains (typically web site domains) found in spam messages. Mail server software capable of scanning email message body contents for URIs can use the DBL to identify, classify or reject spam containing DBL-listed domains.
  • 31. ZenZEN is the combination of all Spamhaus IP- based DNSBLs into one single powerful and comprehensive blocklist to make querying faster and simpler. It contains the SBL, SBLCSS, XBL and PBL blocklists
  • 32. New Arrival : DMARCDMARC, which stands for "Domain-based Message Authentication, Reporting & Conformance", is a technical specification created by a group of organizations that want to help reduce the potential for email-based abuse by solving a couple of long-standing operational, deployment, and reporting issues related to email authentication protocols
  • 33. How DMARC will work
  • 34. How to check blacklisted Server,network or domain :Spamhous is project which has almost key advisories list. : This website provide service to check blacklisting of server The website provides multiple service plus reporting the spammer
  • 35. Big players supporting DMARC
  • 36. Presented By: Sharad Kumar Chhetri