SpamAssassin: A practical guide to integration and configuration

Spamming Techniques

Spammers have developed a complex arsenal of techniques for spamming. Important spamming techniques are described in the following sections.

Open Relay Exploitation

An open relay is a computer that allows any user to send email through it. Spammers use such computers to send spam without the email being traced to its true origin. Open relays are discussed in detail in Chapter 3.

Collecting Email Addresses

Early spammers had to collect email addresses in order to send spam. Spammers use a variety of methods, from collecting email addresses from the Internet and Internet newsgroups to simply guessing email addresses. Email address collection is discussed in detail in Chapter 4.

Hiding Content

Most people can detect spam from the email subject or sender. It is often easy to discard spam emails without even looking at the body. One technique used by spammers is to hide the true content of their emails. Often, the subject of an email is a simple "Hi"; alternatively, an email might appear to be a reply to a previous email, for example "Re: tonight". Other tricks that spammers use include using random names either for the sender or within the email subject. Spammers can also make an email look important, for example, by alluding to missed credit card or loan payments, or to work-related subjects.

As spam filters block obvious spam words, such as "Viagra", spammers deliberately include misspelled words that are less likely to be filtered out; for example, "Viagra" might become "V1agra" or "V-iaggr@". Although the human mind can easily translate the meaning of misspellings unconsciously, a computer program will not associate these words with spam.

Statistical Filter Poisoning

Statistical filter poisoning involves including many random words within an email to confuse a statistical filter. Statistical filters are described in the Anti-Spam Techniques section in this chapter.

Unique Email Generation

To combat email content databases, which store the content of known spam emails doing the rounds, spammers generate unique emails. To confuse the email content database, the spammer only needs to change one random word in the main body of the email. One popular technique is to use the recipient's name within the body of an email.
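The following is an added example, not code from the book or from any real content database: it shows why an exact digest of the body no longer matches once the recipient's name changes, and how comparing overlapping word sequences still links the variant to the known message. The sample messages are constructed, and the function names, the three-word window and the 0.7 threshold are assumptions chosen for illustration.

```python
import hashlib
import re

# Constructed samples: the same campaign text sent to two recipients,
# plus an unrelated legitimate message.
KNOWN_SPAM = ("Dear Alice, your loan has been approved at a low rate. "
              "Reply today to claim the offer before it expires.")
VARIANT = ("Dear Bob, your loan has been approved at a low rate. "
           "Reply today to claim the offer before it expires.")
UNRELATED = ("Hi team, the quarterly review meeting moves to Thursday at ten. "
             "Please update your calendars and bring the draft report.")


def exact_digest(text):
    """Digest of the whitespace- and case-normalised body (exact-match lookup key)."""
    normalised = " ".join(text.lower().split())
    return hashlib.sha256(normalised.encode("utf-8")).hexdigest()


def shingles(text, k=3):
    """Set of overlapping k-word sequences; punctuation and case are ignored."""
    words = re.findall(r"[a-z0-9']+", text.lower())
    if len(words) < k:
        return {tuple(words)}
    return {tuple(words[i:i + k]) for i in range(len(words) - k + 1)}


def similarity(a, b, k=3):
    """Jaccard similarity of the two shingle sets, from 0.0 to 1.0."""
    sa, sb = shingles(a, k), shingles(b, k)
    return len(sa & sb) / len(sa | sb)


def is_near_duplicate(candidate, known, threshold=0.7):
    """True when the candidate shares most of its word sequences with a known message."""
    return similarity(candidate, known) >= threshold


if __name__ == "__main__":
    print("exact match:", exact_digest(VARIANT) == exact_digest(KNOWN_SPAM))
    print("variant similarity:", round(similarity(VARIANT, KNOWN_SPAM), 2))
    print("unrelated similarity:", round(similarity(UNRELATED, KNOWN_SPAM), 2))
```

A single changed word alters only the shingles that contain it, so the similarity score degrades gradually where the digest changes completely.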

Trojanned Machines

Spammers are limited by the speed of their Internet connection, be it DSL or dial-up. They are also directly traceable through ISP records. A recent trend among spammers is to use PC virus technology to infect innocent users' computers with virus-like programs. These programs send spam from the innocent parties' PCs. Such an infection is commonly called a Trojan, after the story of the Greeks invading the city of Troy by surreptitious means.

The computers are infected by either emails or websites that target vulnerabilities in email clients or web browsers. Users may be unaware that their computers are being used to send spam, and this can carry on for months before the breach is detected and the computer taken offline and repaired or rebuilt.

The throughput of 100 computers could be at least 10 million emails a day, and this figure could be much greater if the spammer infects computers on a DSL line. Trojan software can also harvest further email addresses for the spammer's database from the address books stored on the trojanned computer.