This is the first book of its kind to document the detailed application of forensic analysis techniques to the field of e-mail security. Both investigative and preventative techniques are described, but the focus is on prevention.
Over the last twenty years the world has been subjected to an increasing wave of spam and, more recently, scamming and phishing attacks. Such attacks now include industrial espionage and government-sponsored spying. The volume and sophistication of such attacks have rendered existing technologies only partially effective, leaving the end user vulnerable, and the number of successful attacks is increasing.
The seeds of this book were sown three years ago when I was trying to recover my 20-year-old e-mail address from the clutches of spammers who had rendered it almost unusable with more than 140,000 junk messages a day. It got to the point where I was invited by my ISP to either change it or take it elsewhere. Instead, I decided to find out how to prevent the deluge, acquired my own servers and began researching.
The book is a mixture of analysis, experiment and implementation in almost equal proportions, with a detailed description of the defence in depth necessary to turn the tidal wave of junk aside, leaving only what the end user wants to see: no more and no less. It covers:
1. The rise of e-mail
2. How it all works
3. Scams, spam and other abuse
4. Protection: the principles of filtering
5. Going deeper: setting up a mail server
6. Advanced content filtering
7. The bottom line: how well can we do?
8. Where is all this going?
There is something here for everyone, I hope. Chapters 1-4 are suitable for the general reader who just wants to understand how spammers and scammers work and to find out a little more about the many forms of attack. Chapters 5 and 6 are highly technical and suitable for both e-mail administrators and theoreticians; they include a discussion of the latest computational and mathematical techniques for detecting textual patterns. Chapter 7 presents the results of applying the techniques in this book to the several million junk messages my servers received over a 10-month period. Chapter 8 tries to see into the future a little, to predict how the arms race between attackers and defenders might go. Finally, those interested in governance will find discussions of the dangers of releasing e-mail addresses under Freedom of Information requests.
The book contains many illustrations of attacks and is supported by numerous code examples in Perl and C.
Perfection is impossible, but if you follow the advice in this book, you can build mail systems which provably make no more than 5 mistakes per million messages received, very close to the definitive manufacturing standard of six sigma. The threat from viruses effectively disappears, and the e-mail user is secured from toxic content.
(Adapted from book description)