Anti-Spam Tool Kit [Paperback]

Paul Wolfe (Author), Charlie Scott (Author), Mike Erwin (Author)

Book Description

ISBN-10: 007223167X | ISBN-13: 978-0072231670 | Publication Date: March 17, 2004 | Edition: 1

Every year businesses spend billions of dollars combating the overwhelming amount of junk email their employees receive. With the Anti-Spam Toolkit, systems administrators have at their fingertips the tools they need to significantly reduce junk email. Through real-world software and examples, the authors demonstrate how to identify spam, deploy the best-suited anti-spam system for a business, keep legitimate email from being mistaken for spam, adapt and improve anti-spam systems, and stay one step ahead of spammers. They also cover the latest and most popular technologies available on the market for the proactive systems administrator. The CD-ROM includes all the tools discussed in the book.

Editorial Reviews

Amazon.com Review

Long ago, unsolicited commercial email graduated from annoyance to serious problem. The problem won't go away until the nature of electronic mail changes (to include a per-message fee, for example), which means that there's lots of work for administrators in managing spam and keeping its load off their networks. That's what Anti-Spam Tool Kit is all about. With balanced coverage of networks making use of Microsoft Windows and those based on various forms of Unix, this book delivers the goods on blacklisting, filtering, and sorting strategies for reducing spam while minimizing the effect of anti-spam tools on legitimate electronic mail.

Unlike a lot of systems administration books with soft, filler-laden chapters, this one's all business. It combines survey data (that is, broad-based data that helps you compare alternative anti-spam solutions) with policy advice (how much old mail to archive, for example) and fairly detailed administrative instructions (such as how to automatically query databases of open mail relays). Most of the covered software appears on the companion CD-ROM, at least in demo form. You can get it all online, but this is a convenient package, and--taken together with the authors' well-written guidance--it'll help you do about all you can to minimize spam's effects on the servers you manage. --David Wall

Topics covered: How to cut down on unsolicited commercial email (UCE or spam) by using DNS blacklists, filters (mainly Bayesian classifiers), and the anti-spam features of various email clients (for Windows, Mac, and Linux). Particularly extensive coverage of SpamAssassin appears in this book.

From the Back Cover

Annihilate Spam for Good!

Get the tools you need to build a spam-fighting e-mail system and put fathead spammers on the run. This book provides the latest in spam-fighting techniques, including spam-squelching tools, anti-spam best practices, and the secrets about the Internet that the spammers don’t want you to know. With Anti-Spam Tool Kit, you’ll learn to build a spam control system across a broad range of solutions, from open source to proprietary, from basic client-based tools to complex gateway solutions, from simple spam control methods to a full-scale strategy for your war on spam.

Explains how to configure and use these and many other key tools:

• Filtering methods: Rule-based, signature, distributed, and Bayesian
• Blacklist services: SpamCop, MAPS, ORDB, SpamHaus
• Gateway-based solutions: Symantec, Surf Control, Brightmail, CipherTrust
• Provider-based solutions: BindMail, SpamShark, SkyScan, E-Mail Bouncer
• Anti-spam tools in: Eudora, Mozilla Mail, Outlook Express, Outlook
• Windows spam filters: KnockKnock, SpamBayes, SpamNet, SpamButcher
• Mac spam filters: POPMonitor, PostArmor, SpamFire
• Linux/UNIX spam filters—SpamAssassin, Vipul’s Razor, Bogofilter
• Windows Server-based solutions—iHateSpam Server Edition, GFI Mail Essentials

CD-ROM contains popular anti-spam tools from the book

Paul Wolfe is an independent information security consultant for Fortune 500 companies, law enforcement, and government.

Charlie Scott, CISSP, CCNP, is an information security analyst for the city of Austin, Texas, where he helps maintain network security infrastructure and policies.

Mike W. Erwin, CISSP, is the President and Founder of Symbiot, Inc., an information security company specializing in intelligent security management and advanced risk metrics.

See all Editorial Reviews

Product Details

• Paperback: 417 pages
• Publisher: McGraw-Hill Osborne Media; 1 edition (March 17, 2004)
• Language: English
• ISBN-10: 007223167X
• ISBN-13: 978-0072231670
• Product Dimensions: 9.1 x 7.4 x 1.1 inches
• Shipping Weight: 2 pounds
• Average Customer Review: 4.3 out of 5 stars  See all reviews (11 customer reviews)
• Amazon Best Sellers Rank: #2,546,484 in Books (See Top 100 in Books)

More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

Most Helpful Customer Reviews

6 of 6 people found the following review helpful:

4.0 out of 5 stars Actionable spam-fighting tips for users of all types, June 7, 2004

By 

Richard Bejtlich "TaoSecurity" (Metro Washington, DC) - See all my reviews
(REAL NAME)   

This review is from: Anti-Spam Tool Kit (Paperback)

I've never been interested in viruses, worms, or spam. All three represent the lowest end of malware, with spam occupying a particularly disdainful place in the computer security hierarchy. I wasn't very excited when a review copy of "Anti-Spam Tool Kit" (ASTK) arrived in the mail, but I found myself drawn in by the value of the content and tools it described. I highly recommend anyone tasked with fighting spam read ASTK.

This book is the first to follow in the genre defined by "Anti-Hacker Tool Kit." While AHTK examined tools used by intruders and defenders, ASTK focuses on tools and techniques to counter unwanted email. AHTK has slightly more coverage of Windows than UNIX applications; ASTK spends more time on Windows, especially with client configurations. As a desktop FreeBSD user, I still found plenty of helpful information.

Since I'm not directly responsible for enterprise anti-spam defenses, ASTK's comparison of the many block lists was particularly enlightening. Prior to reading ch 5 I knew of many lists but not their particular capabilities. I found the coverage of SpamAssassin in chs 6-8 fairly thorough. Ch 14's overview of email and headers very helpful. I had not heard of server-based greylisting until reading ch 15.

I found a few of the authors' comments odd. On p. 250 they claim "most organizations do not run UNIX-based email solutions." I find this difficult to believe, but no proof for the statement is given. Figure 2.2 in ch 2 shows a mail sender using POP/POP-SSL/IMAP/IMAP-SSL to send email. At least using Mozilla and Firefox on UNIX, I connect to my ISP's SMTP server to send email and then retrieve it with POP or IMAP. In ch 3 the authors advocate IPv6 because it makes "a spammer's identity known and verified even if he or she doesn't want it to be." IPv6 should not change many, or any, spammer tactics. Spammers aren't forging TCP sessions with IPv4 now; they forge information (headers, etc.) transferred within application layer data. I believe some of these weird comments could have been addressed by more diligent technical editing.

Overall, I found ASTK enlightening and practical. The authors give enough details on various server- and client-side tools to make implementation (at least on a trial basis) possible. I look forward to other tool-related books in the "Anti-Hacker" series.

3 of 3 people found the following review helpful:

5.0 out of 5 stars Great book to add to your arsenal against SPAM, April 5, 2004

By A Customer

This review is from: Anti-Spam Tool Kit (Paperback)

I've been looking for a book that could really provide me with real life examples on how to stop SPAM at my company's corporate office. We've tried many software suites that have either been too aggressive, too passive, or too complicated to setup. This book compared many open sourced projects that save us a lot of money and time. The book is exactly what we needed. The authors are incredibly knowledgeable, have an easy-to-read writing style, and the examples are easy to follow.

2 of 2 people found the following review helpful:

4.0 out of 5 stars Good description of state of art in 2003, July 8, 2004

By 

W Boudville (Terra, Sol 3) - See all my reviews
(VINE VOICE)    (TOP 1000 REVIEWER)    (HALL OF FAME REVIEWER)    (REAL NAME)   

This review is from: Anti-Spam Tool Kit (Paperback)

The book was written around the end of 2003, and gives an excellent technical description of the main antispam techniques being used by ISPs, companies and individuals.

Bayesian techniques are heavily covered here, along with mention of several proprietary versions. The other main technique of note is Realtime Blacklists (RBLs).

But note that the above, and indeed other methods mentioned, suffer from the drawback of heavy manual intervention. For example, to periodically retrain a Bayesian on new sample sets of spam or nonspam. Or, when considering RBLs, having to manually judge whether a given domain is that of a spammer or not.

At the corporate or ISP level, this manual effort is expensive and ongoing. At the individual level, some, like Paul Graham, who suggested using Bayesians, are willing and able to take the time to retrain their Bayesians. But most users are not willing to continuously do this.

One portion of the book is already crucially outdated. In 2004, AOL, and possibly other ISPs, started applying an RBL against domains found inside the bodies of messages, and not just against domains from the headers. As far as I can tell on a reading of this book, whilst it describes various means of finding and applying RBLs, it does not mention the important idea of using them against body domains.