Putting the Lid on Spam - PowerPoint PPT Presentation

1 / 32

About This Presentation

Title:

Putting the Lid on Spam

Description:

A hit is each time a rule is detected for an e-mail ... 'Auto Training' Sophos PureMessage. Reporting Spam to Sophos for Analysis. Not ... – PowerPoint PPT presentation

Number of Views:59

Avg rating:3.0/5.0

Slides: 33

Provided by: dho78

Category:

more less

Transcript and Presenter's Notes

Title: Putting the Lid on Spam

1
Putting the Lid on Spam

Managing Spam at JCCC
Daniel Holmes
dholmes_at_jccc.edu

2
Todays Discussion

Lets Talk about Spam
Messaging at JCCC
What is IS doing to fight spam?
Ways for you to help fight Spam
Other helpful resources

3
Lets Talk about Spam

Spamming is the abuse of electronic messaging
systems to send unsolicited, undesired bulk
messages
Spam Comes in Many Flavors
Of Course, E-Mail Spam
Also, Instant Messaging, Texting, Blogs, Wikis
Advertising, Viruses, Phishing, Probes
Bounce Messages Often a side-affect of Spam

4
Lets Talk about Spam

Spamming is the abuse of electronic messaging
systems to send unsolicited, undesired bulk
messages
Why do people send Spam?
Virtually free for advertisers to get started
Very difficult to hold senders accountable
Anyone can be a spammer
All of the cost is on the rest of us!

5
Lets Talk about Spam

Spamming is the abuse of electronic messaging
systems to send unsolicited, undesired bulk
messages
Whats the big deal? Why cant you stop it?
Spammers are always moving around
Oodles of very clever spammers out there
Always changing messages, tactics, etc.
Sheer Volume over 91 of all e-mail is SPAM!
A global problem that no one has solved.

6
How do you Detect Spam?

PureMessage 3 Layers of Protection
Is it from a known Spammer? (MTA Blocking)
Is it a Virus? (Anti-Virus Protection)
Does it look like Spam? (Spam Probability)
Other Checks
Did the message originate from off campus, but
claimed to be from a jccc.edu address?

7
E-Mail Messages ReceivedAugust of 2006
8
E-Mail Messages ReceivedJanuary 2007
Wow! Thats a Whole Lotta E-Mail!
9
E-Mail Messages ReceivedMarch 2006
10
E-Mail Messages ReceivedLots and lots of e-mail
11
So, What Happens to Spam?

We have a few options
Mark the message using a hidden message header
Tack Spam in the Subject and Deliver it
Quarantine the message
Discard or Reject it entirely

12
Spam Received in a 12 hour period
13
Spam Probability ScoreThe anti-spam rules, and
how they add up

What are rules?
Sophos supplies hundreds of indicators of
spammy-ness
Each rule carries a weight of its spammy-ness
How are rules used?
A hit is each time a rule is detected for an
e-mail
The weights of all hits form a messages
spam-probability.

Top 15 rule hits in a 24 hour period
14
Spam Probability ScoreMarch, 2007
15
Spam Probability ScoreShape comparison between
August 2006 and March 2007
Notice the difference between the peeks of
Quarantine and Deliver as-is?
16
Spam Probability ScoreTrue comparison between
August 2006 and March 2007
Now, using the same scale--a lot more
messagesand a lot more SPAM!
17
So, is more spam getting through?
18
Is more spam getting through?Declining
Effectiveness in MTA Blocking
Spam that doesnt get stopped at the door gets to
take its chances with the tricking the rules
engine!
19
Anti-Spam Architecture
20
Enough of your Mumbo Jumbo!

Cmon Dan, Spam is Spam. Just make it stop!
Anything about some Foreign Bank account is
Spam.
Anything about Anatrim is Spam.
Anything trying to sell me something is Spam!

21
The Spam Situation - IntermissionWhat we have
covered so far

The types and varieties of Spam
The motives behind the people sending the spam
Tricks and Tactics of the Spammer
Our E-mail Landscape at JCCC
How that e-mail is processed to reduce the Spam
that you see in your inbox

22
Getting on a Spammers list

Clicking on links in e-mails you dont trust
Certainly common in Phishing
Also validates your address for the spammer
unsubscribe links
even loading images
Registering for many websites or products
Sometimes it just cant be helped

23
What can I do to help?

Check your Quarantine Digests!
Use the https//spamfilter website to manage your
approved and denied senders
Use the Junk E-mail filters in Outlook (where
possible)
Send your spam as an attachment
toisspam_at_jccc.edu for trend analysis, etc.

24
Using the spamfilter website

https//spamfilter.jccc.edu
You must use the https//
View your entire Quarantine
Deliver and Approve Senders
Delete from Quarantine
Ban senders from sending you any more e-mail
All Quarantined messages are deleted after 7 days.

25
Using Outlooks Junk E-Mail Filters

Automatic Processing
High levels of effectiveness, even on Low
setting
Learns about Spam trends from Hotmail users, not
just you.
Requires regular updates from Microsoft.
Manual Processing
Select Junk E-mail
Add Sender to Blocked Sender List
Moves the e-mail to the Junk e-mail folder
Also, from the Junk e-mail folder you can mark
Is not Junk

26
Reporting Spam that you Received
Drag and Dropyour Spam

Must be forwarded as an attachment!
Create a new message (ctrln)
and drag Spam onto it Works in all clients
or Insert -gt Item
or Click the arrow next to the paper-clip icon
and select
Send your message to isspam_at_jccc.edu
If you just click forward, we loose a lot of
information.
We can use this information to look for trends
manually, but we have been unable to find a way
to stop each individual e-mail reported.

27
More Information

Visit the Staff/Faculty Website
http//www.jccc.edu/home/depts/helpdesk/site/Getti
ng_Help_Employees/JCCC_e-mail/
Or Go to http//www.jccc.edu and search for
Controlling Spam
You can find lots of helpful documentation on the
www.jccc.edu/home/depts/helpdesk/ website!
Pure Message Anti-Spam Gateway
Certainly more technical, but some helpful
documents for learning the concepts
The Sophos Website http//sophos.com
http//www.sophos.com/products/es/gateway/pm-unix.
html
Check out the PDFs under the Find Out More block
on the right
More technical detail on E-Mail Spam
http//en.wikipedia.org/wiki/E-mail_spam