E-Mail Technology Definition and Solutions

E-Mail Technology topics covering definition, objectives, systems and solutions.

1 2 Page 4

IMAP has gained popularity because the mail stays on the server. Most mail clients (MUAs) permit users to sync the data to a local hard disk—a necessity for mobility, such as the omnipresent plane trips—but the messages' primary home is on the server. IMAP makes administration far easier for IT managers since there's only one computer to back up and it's easier to control how much disk space is consumed by limiting mailbox size. Users appreciate the ability to access their e-mail from any computer using whichever MUA is convenient, and because IMAP can store message state (such as whether an individual message was read or replied to) and keep Sent messages.

Companies also have more access to the contents of the e-mail, which can be important for regulatory and compliance reasons (such as archiving mail, a topic we won't address here) but also irritating to some users.

IMAP (particularly SSL IMAP, which adds security features) can also enable more efficient bandwidth use. Instead of downloading the messages to the user's inbox, by default IMAP sends message headers (sender, recipient, subject line, etc.). Only the messages selected are sent to the inbox, and clients may retrieve the text portion without retrieving attached files.

However, IMAP has its downsides. If a corporation keeps all the mail on one server, and doesn't back it up (and test those backups) there's a single point of failure. Plus, e-mail messages can be huge, particularly with attachments or embedded images; many companies cope with this by creating rules about disk space (such as "maximum of 100MB"), which irk users who really do need more (or at least who believe they do).

And, of course, IMAP e-mail isn't accessible without an active Internet connection or syncing with a local computer.

Many of the pro and con arguments for POP e-mail are the flip side of IMAPs. Because the messages are downloaded to an individual computer, the message box size is limited only by the users' available hard disk space, and messages are available anytime—but they're available only on that one computer, and if the disk crashes... oops. It also gives the user an illusion of privacy, though while messages are stored on the server (until sent to the MUA) the company does have access to them. In any case, POP3 is widely used for dial-up connections (which, yes, do still exist) and it works with older e-mail clients (to which some users cling).

How does spam filtering work?

It's one thing to say, "Get rid of spam, but don't lose any real mail." It's another to accomplish that goal. Problems can ensue from messages falsely declared to be spam, from messages falsely declared not to be spam, and from the annoyances that some spam-fighting methods can create for communication among business correspondents. In other words: It isn't perfect. It's necessary, much to everyone's dismay, but the technology is still a work in progress.

E-mail can be filtered at any point in the message-passing process. It's unlikely to happen on the outgoing side (presumably because spammers are aware of what they're doing). Inbound e-mail can be examined on the server (should the company decide to do so, and most enterprises do), and on the client (MUA).

At the e-mail server level, messages may be examined by appliances or dedicated software (which include antivirus tools), or with features built into the e-mail server itself (though some require customization or add-on utilities).

Server antispam methods are wide-ranging. A small sample of the methods used include:

  • Examining the message's "envelope" in various ways. That is, the information about the message, such as its stated return address, is probed to ensure that it follows the RFCs.

  • Using Sender Policy Framework (SPF) records to prevent sender address forgery. SPF ensures that messages claiming to come from a domain came from their correct mail server. SPF protects the envelope sender address, which is used for the delivery of messages, by allowing a domain owner to specify which mail servers they use to send mail from their domain. If the message comes from an unknown server, it can be considered a fake.

  • Consulting a DNS block list (sometimes called realtime blackhole lists). These services list the IP addresses (primarily ISPs) whose owners have been reported to send spam or to fail to stop its proliferation via spam relay.

  • Intentionally "greylisting" mail. This instructs a mail server to respond to a new correspondent with a digital, "Huh? Say what? Try that again." A momentary delay is no hardship for real mail servers, which are smart enough to resend the message one, five, 15 minutes later, but spammers don't retry.

  • Teergrubing (pronounced "teer groobing"). This deliberately slows down delivery depending on volume. The more messages sent by a single address, the more slowly the recipient mail server responds to the sender. The first message zooms right through. The second has, say, a one-second delay. The third waits two seconds, and so on. Valid senders, even those mailing a few dozen messages, aren't particularly affected; if a message is delayed by three minutes, so what? But address harvesters who mail millions of test messages are locked into an incredibly slow connection, which can take days to complete, and which keeps them from overwhelming your mail server.

When server filters work, it's less necessary to install a client-side filter. But not every company installs server-side filtering, or they do a less-than-conscientious job at maintaining the software (keeping up with it can be a full-time job). Subscribers to commercial ISPs have even less control.

Fortunately, most e-mail client applications, both Web mail and desktop-based, include some kind of spam filtering, and you can purchase add-ons to sift through messages and sort the probable-unsavory into a specialized "unsure" folder or otherwise mark them for careful examination. (Doing so, however, requires that you actually examine the messages.) Here are a few of the methods used:

  • Header filters examine the message headers—subject, from, to, the relay-chain of servers—to see if they are forged. Since spammers can't give their actual source (or they'll quickly be shut down) they have to lie about their origin. Some antispam programs can detect forged headers, which often means that the message is spam. (Unfortunately, plenty of publications have a "share this link!" option that forges the from to convince the recipient the news article comes from a trusted friend. It's a bad idea on their part, because many servers and MUAs will reject the messages—but it's not actually spam.)

  • Language filters eliminate messages not in your native tongue, so that English speakers don't see messages written in Chinese or Russian or Hebrew.

  • Content filters are among the oldest form of spam filters, and they're also the least effective. These filters look at the message text and use fuzzy logic to determine whether a message is definitely spam, definitely "ham" (i.e., not spam), or (depending on the software you choose) uncertain enough to suggest you look at it yourself. Spammers are innovative in their own twisted way, however, so they do bizarre things to get around content filters, such as intentionally misspelling words and using graphic files.

  • Permission filters require senders to authenticate themselves. The first time you write to a person who uses one of these services, you're sent an autoresponse requiring you to visit a webpage to enter your information. These are completely unsuitable for many business users, and they may piss off casual acquaintances who don't wish to give their personal information to a third-party organization. Because such services generally advertise themselves in the process of telling the would-be sender to sign up, some users consider permission filters to be unsolicited commercial e-mail (UCE), and thus spam.

There's a lot more to e-mail than I've discussed in this brief overview. Among the unanswered topics are e-mail archiving, administering e-mail lists and encryption of e-mail messages. The above, however, should get you well on the way to understanding how the system works.

Copyright © 2008 IDG Communications, Inc.

1 2 Page 4
Get the best of CIO ... delivered. Sign up for our FREE email newsletters!