?
Solved

Image Spam

Posted on 2006-11-07
5
Medium Priority
?
250 Views
Last Modified: 2010-03-06
Hi,

We seem to be getting a lot more spam getting through our filtering system.  These appear to be using images with text on them rather than the usual spam which is pretty much 100% removed.

We use an external company to filter spam.  I am considering using an additional filter within our network to try and remove the remaining spam.

I dont beleive it is possible to determive from an image what is spam and what isnt.  They dop appear to have long names for the images though.

Is it possible to filter on images within emails and attachments based purely on the name and length of the image name or is this asking a bit much??

Any suggestions as to what would provide the best means of filtering image spam which I beleive is going to get very much worse over time.

Would the following Linux based application be better than a Windows based software solution??

http://www.clearswift.com/products/msw/smtp_appliance/microsite/default.aspx

 
Jess
0
Comment
Question by:jessmca
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
5 Comments
 
LVL 8

Author Comment

by:jessmca
ID: 17891970
We are using Exchange 2003 with an external filter company.  No emails arrive at the exchange server except from our filter company.

More or less no spam gets through except for these new breed using images only instead of text.

Jess
0
 
LVL 23

Expert Comment

by:Stacy Spear
ID: 17899950
This is a constant and never ending battle. Blocking image only mails is easy. Blocking mails with specific src codes also easy. But the spammers change their patterns and now I have 10 different spam filters looking only for images, and yet they still slip through. SPAM is a moving target!

We are moving to converting all mails to text as a result.
0
 
LVL 104

Accepted Solution

by:
Sembee earned 1200 total points
ID: 17902561
I am dealing with most image spam via greylisting. Doesn't stop all of it, but catches a lot. IMF has also improved lately and is catching a lot of image spam. I use IMF as one of three layers of protection.

Simon.
0
 
LVL 23

Assisted Solution

by:Stacy Spear
Stacy Spear earned 800 total points
ID: 17902617
I have 2 IronPort C60s using a whole battery of tests. Reverse DNS, reputation filters, etc. Stops 90% of the crap. My custom filters raise that another 7-8%. What gets through is almost 100% image spam. Write new filters about twice a month to deal with new signatures. But the Army has decided to just convert all mails to text now. I think it is too broad a sword, but not every org has the tools, experience, and expertise we have.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will help to fix the below errors for MS Exchange Server 2013 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
If you troubleshoot Outlook for clients, you may want to know a bit more about the OST file before doing your next job. IMAP can cause a lot of drama if removed in the accounts without backing up.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question