IBM AH0QXML User Guide - Page 20
Spam avoidance techniques, 2.1.1 Passive harvesting attacks
View all IBM AH0QXML manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 20 highlights
users to not receive spam is to have them avoid having their e-mail addresses added to a spammer's list in the first place. We discuss how spammers usually accumulate these e-mail addresses and how you can help your users protect theirs. 2.1 Spam avoidance techniques From a server point of view, the most efficient way to handle spam is not to have it delivered in the first place. This is why, as a Domino server administrator, it is in your best interest to help inform your users about how to avoid getting on spam lists in the first place. If they do this effectively it can save time administering spam rejection tools. Most users, when confronted with spam, will not understand why they are getting it. Some users definitely get more spam than others, though, so we know that there is some user behavior that correlates to the amount of spam that they will receive. The best way to understand the behavior to avoid is to look at how most spammers get e-mail addresses in the first place. 2.1.1 Passive harvesting attacks In this section we introduce some passive harvesting techniques that spammers use to obtain e-mail addresses. To learn about how to protect your Domino 6 server from harvesting attacks, see 4.5, "Protecting your Domino server from active address harvesting attacks" on page 62. Web harvesting Spammer Web robots or "bots" operate like Web search engine bots, except they look specifically for [email protected] patterns in the Web page text. When an e-mail address pattern is found they store it with other e-mail addresses for use in bulk mailing. You can defend against spammer Web-bots by obfuscating mail addresses when they are placed on Web pages. The best option for defense is placing e-mail addresses into graphics. Alternatively, you can hide them inside javascript, or simply provide human-recognizable alterations to the address that make it invalid for e-mailing, or make it more difficult for the Web-bot to recognize any e-mail address pattern. Usenet harvesting Spammer news-bots use a concept similar to that used by Web search engine bots. Spammers can subscribe to any usenet group. Then after downloading posts from a usenet group, the news-bots look for [email protected] patterns in posted message content and headers. When an e-mail address pattern is found 8 Lotus Domino 6 spam Survival Guide for IBM eServer