E-Mail Technology Definition and Solutions

E-Mail Technology topics covering definition, objectives, systems and solutions.

By
Mon, January 07, 2008
Page 4

And, of course, IMAP e-mail isn't accessible without an active Internet connection or syncing with a local computer.

Many of the pro and con arguments for POP e-mail are the flip side of IMAPs. Because the messages are downloaded to an individual computer, the message box size is limited only by the users' available hard disk space, and messages are available anytime—but they're available only on that one computer, and if the disk crashes... oops. It also gives the user an illusion of privacy, though while messages are stored on the server (until sent to the MUA) the company does have access to them. In any case, POP3 is widely used for dial-up connections (which, yes, do still exist) and it works with older e-mail clients (to which some users cling).

How does spam filtering work?

It's one thing to say, "Get rid of spam, but don't lose any real mail." It's another to accomplish that goal. Problems can ensue from messages falsely declared to be spam, from messages falsely declared not to be spam, and from the annoyances that some spam-fighting methods can create for communication among business correspondents. In other words: It isn't perfect. It's necessary, much to everyone's dismay, but the technology is still a work in progress.

E-mail can be filtered at any point in the message-passing process. It's unlikely to happen on the outgoing side (presumably because spammers are aware of what they're doing). Inbound e-mail can be examined on the server (should the company decide to do so, and most enterprises do), and on the client (MUA).

At the e-mail server level, messages may be examined by appliances or dedicated software (which include antivirus tools), or with features built into the e-mail server itself (though some require customization or add-on utilities).

Server antispam methods are wide-ranging. A small sample of the methods used include:

  • Examining the message's "envelope" in various ways. That is, the information about the message, such as its stated return address, is probed to ensure that it follows the RFCs.

  • Using Sender Policy Framework (SPF) records to prevent sender address forgery. SPF ensures that messages claiming to come from a domain came from their correct mail server. SPF protects the envelope sender address, which is used for the delivery of messages, by allowing a domain owner to specify which mail servers they use to send mail from their domain. If the message comes from an unknown server, it can be considered a fake.

  • Consulting a DNS block list (sometimes called realtime blackhole lists). These services list the IP addresses (primarily ISPs) whose owners have been reported to send spam or to fail to stop its proliferation via spam relay.

  • Intentionally "greylisting" mail. This instructs a mail server to respond to a new correspondent with a digital, "Huh? Say what? Try that again." A momentary delay is no hardship for real mail servers, which are smart enough to resend the message one, five, 15 minutes later, but spammers don't retry.

  • Teergrubing (pronounced "teer groobing"). This deliberately slows down delivery depending on volume. The more messages sent by a single address, the more slowly the recipient mail server responds to the sender. The first message zooms right through. The second has, say, a one-second delay. The third waits two seconds, and so on. Valid senders, even those mailing a few dozen messages, aren't particularly affected; if a message is delayed by three minutes, so what? But address harvesters who mail millions of test messages are locked into an incredibly slow connection, which can take days to complete, and which keeps them from overwhelming your mail server.

When server filters work, it's less necessary to install a client-side filter. But not every company installs server-side filtering, or they do a less-than-conscientious job at maintaining the software (keeping up with it can be a full-time job). Subscribers to commercial ISPs have even less control.

Fortunately, most e-mail client applications, both Web mail and desktop-based, include some kind of spam filtering, and you can purchase add-ons to sift through messages and sort the probable-unsavory into a specialized "unsure" folder or otherwise mark them for careful examination. (Doing so, however, requires that you actually examine the messages.) Here are a few of the methods used:

  • Header filters examine the message headers—subject, from, to, the relay-chain of servers—to see if they are forged. Since spammers can't give their actual source (or they'll quickly be shut down) they have to lie about their origin. Some antispam programs can detect forged headers, which often means that the message is spam. (Unfortunately, plenty of publications have a "share this link!" option that forges the from to convince the recipient the news article comes from a trusted friend. It's a bad idea on their part, because many servers and MUAs will reject the messages—but it's not actually spam.)

  • Language filters eliminate messages not in your native tongue, so that English speakers don't see messages written in Chinese or Russian or Hebrew.

  • Content filters are among the oldest form of spam filters, and they're also the least effective. These filters look at the message text and use fuzzy logic to determine whether a message is definitely spam, definitely "ham" (i.e., not spam), or (depending on the software you choose) uncertain enough to suggest you look at it yourself. Spammers are innovative in their own twisted way, however, so they do bizarre things to get around content filters, such as intentionally misspelling words and using graphic files.

  • Permission filters require senders to authenticate themselves. The first time you write to a person who uses one of these services, you're sent an autoresponse requiring you to visit a webpage to enter your information. These are completely unsuitable for many business users, and they may piss off casual acquaintances who don't wish to give their personal information to a third-party organization. Because such services generally advertise themselves in the process of telling the would-be sender to sign up, some users consider permission filters to be unsolicited commercial e-mail (UCE), and thus spam.

There's a lot more to e-mail than I've discussed in this brief overview. Among the unanswered topics are e-mail archiving, administering e-mail lists and encryption of e-mail messages. The above, however, should get you well on the way to understanding how the system works.

White Papers »
Delivering a Greener Data Center
This paper covers power utilization, intelligent power management and industry best practices for energy efficiency. Extreme Networks® takes a lifecycle approach to power efficiency, management and recycling, offering savings to our customers and promoting a greener world.
Cloud-Scale Networks Using Open Fabric Architectures
Virtualization and cloud are driving new requirements for data center network performance, VM support, automation and simplified orchestration. This paper outlines Extreme Networks® open fabric approach to high speed, low latency networks for modern data centers.
Mobility in the Network: A Phased Technology Approach
The evolution of the network to provide the intelligence needed to address user, device and application mobility is underway. In this white paper, Extreme Networks® outlines the five phases required to bring mobility into the network.
Virtual Patching with Network Security
The McAfee virtual patching solution provides a layered approach to security risk management, while adding the ability to apply a virtual patching strategy to your existing change-management process.
Gartner Next Generation Network IPS Research Note
Learn more about Gartner's evaluation of network IPS that places McAfee in the leaders' quadrant. Deep inspection network-based intrusion prevention continues to be a due-diligence security control.
Free Your Time! How Automated IPAM saves time with your company's virtualization, mobility and IPv6 challenges
IP networks are growing at an exponential rate thanks to virtualization, mobile devices and IP v6. But IT departments are under budget constraints and skilled staff is becoming scarce. The solution..
Webcasts »
Optimizing Networks for the Cloud
Join guest speaker, Rohit Mehra, IDC Director of Enterprise Communications Infrastructure, to explore current trends, discuss best practices for optimizing Data Center and enterprise campus network infrastructures for the Cloud, and identify ways to better allocate network resources, reduce operating costs and improve application performance.
Gartner Next Generation Network IPS Webcast
Learn how Gartner's criteria for next generation IPS helps organizations achieve effective threat prevention despite changes in network communications, new applications, and changes in the threat landscape.
How Automation Can Take the Pressure Off Your Network
Today's networks are under attack. To build a better network, you've got to understand the stresses that today's networks are under due to mobility, virtualization and cloud computing.
Virtualization Success is a Team Effort
As greater numbers of datacenter servers transition from the physical to the virtual world, the components of virtualization success come to the fore. What scores of organizations have discovered is that success is derived from an optimal pairing of the right software platform with the right hardware platform.
Customer Spotlight: How IPC The Hospitalist Company Implemented Oracle on VMware
Have you been looking to hear about customer's experiences with the new VMware vCenter Site Recovery Manager product? View this webcast to learn about VMware customer, Navicure, and their experiences testing and evaluating the recovery manager, their progress in implementing it in their environment and their advice other customers considering using vCenter.
Quantifying the Business Value of VMware View - Webcast
Many enterprises have discovered that the use of virtualization to support desktop workloads creates a range of significant benefits. These benefits include price efficiencies, improved IT management and greater agility and choice for end users.

This VMware sponsored webcast with IDC will provide both quantitative measurement of the business value -- defined as the expected ROI -- and qualitative analysis associated with the use of VMware View™. IDC will also provide an analysis of the View Composer and ThinApp™ features of VMware View, including the business value of these solutions and an overview of how they work.

Attend this webcast to learn about:
- Challenges and barriers that might impede the adoption of desktop virtualization
- Navigating roadblocks to facilitate a strategic implementation
- Optimizing qualitative and quantitative benefits to IT and your business
Newsletter Sign-Up »

Receive the latest news test, reviews and trends on your favorite technology topics

Choose a newsletter
  11. View all Newsletters | Privacy Policy
White Papers » All White Papers

Delivering a Greener Data Center

Cloud-Scale Networks Using Open Fabric Architectures

Mobility in the Network: A Phased Technology Approach

Virtual Patching with Network Security

Gartner Next Generation Network IPS Research Note

Free Your Time! How Automated IPAM saves time with your company's virtualization, mobility and IPv6 challenges

Automated Network Services Deliver on Enterprise's "Time to Value"

Make the Connection: Better Network Connectivity Drives Transformation

Comparison of Avaya and ShoreTel UC Solutions

Comparison of Cisco and ShoreTel Unified Communication Solutions

Investigating UC Vendors

SIP Trunks and UC security

Nemertes Research PilotHouse Awards: IP Telephony

Best Practice Tips on Building a Unified Communications Business Case

Unified Communications Buyer's Guide

The Changing Role of Mobile Communications in the Workplace

Reduce Cellular Spend With ShoreTel Mobility

Improving Business Value of WAN Optimization

Increase IT Performance from the Enterprise to the Cloud

The Changing Requirements of WAN Optimization
Sponsored Links

Push the limits of virtualization with HP. Get the tech dossiers and learn how you can put an end to runaway virtual sprawl.

Splunk translates machine data into "aha" moments for IT and the business.

Evolving Your Data Center for the Cloud

Get Ethernet speeds from 1 Mbps to 10 Gbps - Comcast Business Class

Gain cutting-edge insights at MIT in 2-5 day executive programs.

Converge your infrastructure with HP. Access a valuable case study in the CI Resource Center now.

Redefine Software support with HP

Click to see how Accenture has delivered high performance to clients

Learn how Accenture helps clients become high-performing businesses.

Join the Conversation. Follow Oracle EPM & BI on Twitter Today.

Check Point Trusted by the Global 100

Customized information views & Twitter events at New Fulcrum Point

ShoreTel UC cuts costs like no other. Mobilize your business today.

E-book: Discover Business-Ready Storage Systems For Oracle Environments

Managed Hosting Buyer's Guide - Benefits to key considerations

Discover how integration of operations mgmt and service mgmt enhances productivity.

Converge your infrastructure with HP. Access white papers, case studies, videos and more.

High performance. Delivered. Click to see Accenture's client successes

See how Accenture helps clients perform at the highest levels

Compare risk and TCO in single and multivendor networks on Feb 23.

Connect with global CIOs now at Enterprise CIO Forum

Upcoming Webinar: Managing Cost in the Cloud

Resource Center
buy a link »
Ads by TechWords