Printer Friendly

FairUCE.

FairUCE (which stands for "Fair use of Unsolicited Commercial Email") is a spam filter that stops spam by verifying sender identity instead of filtering content. It can stop the vast majority of spam without the use of a content filter and without requiring a probable spam or bulk folder that needs to be checked periodically. As one of the first spam filters that uses sender identity rather than the email content to determine if it is legitimate, all this can be accomplished quickly using simple, inexpensive tests.

Content filters require frequent maintenance (AOL estimates that spammers respond within four hours to a change in a content filter) and require a great deal of processing for complex techniques such as bayesian, heuristics, fingerprinting, etc. The techniques spammers use to get past content filters become laughable, because FairUCE doesn't look at what they say, only at who they are. It virtually eliminates spoofed addresses, phishing, and even many viruses with a few cached DNS look- ups and a couple of if/else statements. Sender identity is the spam-fighting tool of the future. The author of this technology went from over 400 spams a day to just one or two.

How does it work?

Technically, FairUCE tries to find a relationship between the envelope sender's domain and the IP address of the client delivering the mail, using a series of cached DNS took-ups. For the vast majority of legitimate mail, from AOL to mailing lists to vanity domains, this is a snip. If such a relationship cannot be found, FairUCE attempts to find one by sending a user-customizable challenge/response. This alone catches 80% of UCE and very rarely challenges legitimate mail. A future version will incorporate Sender Policy Framework (SPF) or similar sender identification systems; SPF-enabled domains will not require a challenge. Challenges are sent using a dedicated queue with a short lifetime so it does not get bogged down or interfere with legitimate mail.

If a relationship can be found, FairUCE checks the recipients whitelist and blacklist, as well as the domain's reputation, to determine whether to accept, reject, challenge on reputation, or present the user with a set of whitelist/blacklist options. A future version use a real domain reputation system; currently this is implemented as a 'whois' look-up to determine the domains when it first sent mail to the recipent

The FairUCE concept is currently implemented as an SMTP proxy that runs between multiple instances of Postfix on Linux. QMail and Sendmail support are being considered. It should be possible to use existing mail servers) on the inside of the proxy.

http://.alphaworks.ibm.com.tech.fairuce
COPYRIGHT 2005 A.P. Publications Ltd.
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2005, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.

Article Details
Printer friendly Cite/link Email Feedback
Title Annotation:Products; unsolicited commercial email
Publication:Software World
Geographic Code:1USA
Date:May 1, 2005
Words:438
Previous Article:Hijack Guard- free.
Next Article:Top twenty viruses reported to kaspersky in April.
Topics:


Related Articles
Spam rules: will they mean less--or more?
Escalating spam wars: districts need multiple tools to fight the rising tide of junk.
New UK spam legislation worthwhile or worthless?
Euro spam confusion.
MyDoom-S poses as funny photos.
Worldwide sweep for internet spam scams.
Da Vinci Code spam hits email Inboxes, Sophos warns.
Security news and products; don't let Christmas spam fill your email stocking.
OFT and EU host international spam summit.
Obscene kama sutra worm spreads via mail.

Terms of use | Privacy policy | Copyright © 2020 Farlex, Inc. | Feedback | For webmasters