
Reference details

Author(s): Les Hatton

Title: Email Forensics: Eliminating Spam, Scam and Phishing

Reference: ISBN 978-1-908422-00-2

Available from: Email Forensics

Synopsis and invited feedback

This work was or is being reviewed by domain-specific experts appointed independently.

If you would like to provide feedback just e-mail me here.

Synopsis Invited Feedback Importance (/10, author rated :-) )

This is the first book of its kind to document the detailed application of forensic analysis techniques to the field of e-mail security. Both investigative and preventative techniques are described but the focus is on prevention.

The world has been subjected to an increasing wave of spam and, more recently, scamming and phishing attacks in the last twenty years. Such attacks now include industrial espionage and government-sponsored spying. The volume and sophistication of such attacks have rendered existing technologies only partially effective, leaving the end-user vulnerable, and the number of successful attacks is increasing.

The seeds of this book were sown three years ago when I was trying to recover my 20-year-old e-mail address from the clutches of spammers who had rendered it almost unusable with more than 140,000 junk messages a day. It got to the point where I was invited by my ISP to either change it or take it elsewhere. Instead I decided to find out how to prevent the deluge, acquired my own servers and began researching.

The book is a mixture of analysis, experiment and implementation in almost equal proportions with detailed description of the defence in depth necessary to turn the tidal wave of junk aside leaving only what the end user wants to see - no more and no less. It covers:-

  • 1. The rise of e-mail
  • 2. How it all works
  • 3. Scams, spam and other abuse
  • 4. Protection: the principles of filtering
  • 5. Going deeper: setting up a mail server
  • 6. Advanced content filtering
  • 7. The bottom line - how well can we do ?
  • 8. Where is all this going ?

There is something here for everyone, I hope. Chapters 1-4 are suitable for the general reader who just wants to understand how spammers and scammers work and find out a little more about the many forms of attack. Chapters 5 and 6 are highly technical and suitable for both e-mail administrators and theoreticians and include a discussion of the latest computational and mathematical techniques for detecting textual patterns. Chapter 7 presents the results of applying the techniques in this book to the several million junk messages my servers received over a 10-month period. Chapter 8 tries to see into the future a little to predict how the arms race between the attackers and defenders might go. Finally, those interested in governance will find discussions of the dangers of release of e-mail addresses under Freedom of Information Requests.

The book contains many illustrations of attacks and is supported by numerous code examples in Perl and C.

Perfection is impossible, but if you follow the advice in this book, you can build mail systems which provably make no more than 5 mistakes per million messages received, very close to the definitive manufacturing standard of six sigma. The threat from viruses effectively disappears and the e-mail user is secured from toxic content.

(Adapted from book description)

Invited Feedback: None yet

Importance: 9


Auto-generated: $Revision: 1.63 $, $Date: 2020/01/25 16:18:09 $, Copyright Les Hatton 2001-