
RESEARCH AND PROVISION OF ANTI-SPAM TOOLS
ON MAIL SERVER SYSTEMS

COURSE: NETWORK SECURITY

INSTRUCTOR:
Mr. V Thng, network security instructor, ATHENA

STUDENTS:
0512130 Dng Thanh Huy
0512408 H Th Thanh Vy
0512418 Phm Hong Linh










Anti-spam on mail server systems
Network Security
ATHENA Network Administration & Security Training Center, www.ATHENA.edu.vn

Contents
1. Spam mail
1.1. What is spam mail?
1.2. Characteristics of spam mail
1.3. How spam mail works
1.3.1. Collecting email addresses
1.3.2. Distributing email
1.4. Types of spam mail
1.4.1. Harvested address spam
1.4.2. Virus spam
1.4.3. Domain name spam
1.4.4. Dictionary spam
1.4.5. Window messenger spam
1.4.6. Hacked mail service spam
1.5. Harm caused by spam mail
2. Fighting spam on mail server systems
2.1. Anti-spam mechanisms
2.1.1. Using DNS blacklists
2.1.2. Using SURBL lists
2.1.3. Recipient verification
2.1.4. Address checking
2.1.5. IP blocking
2.1.6. Using Bayesian filters
2.1.7. Using black/white lists
2.1.8. Header checking
2.1.9. Using the Challenge/Response feature
2.2. Anti-spam technologies
2.2.1. Stamps for email
2.2.2. Embedding a passcode
2.2.3. Declaring information
2.2.4. Filtering email by content
2.2.5. Filtering by lists of relay sites
2.3. Measures for avoiding spam mail
3. Anti-spam tools for mail servers
3.1. Software
3.1.1. VinaCIS AntiSpam
3.1.2. GFI Mail Essentials
3.1.3. eWall
3.2. Hardware
3.2.1. Barracuda Spam Firewall
References









I. Spam mail and related issues
1. Spam mail
1.1. What is spam mail?
Spam mail (junk mail) is useless email, usually carrying advertising, that
individuals or groups send out indiscriminately to very long lists of
recipients; the quality of this kind of mail is usually low. Sometimes it lures
gullible people in an attempt to read their credit card numbers and personal
information.

1.2. Characteristics of spam mail
Mailbox users can feel "tortured" by advertising email. Spam is harmless, but
every day many people find their mailboxes filled up because of it. In 2003,
when anti-spam software was not yet common and mailbox sizes were still
limited, a great many email users received as many as a hundred spam messages a
day carrying only a handful of distinct contents. Why does spam repeat the same
advertisement dozens of times to one mailbox? One reason is that advertisers
want to exploit a psychological effect. When the image of a product keeps
hitting the reader's eyes, then at the moment the reader needs to buy something
with a similar function (or of the same kind), the brand image from the spam
mail is the first one that comes to mind. Another reason is to arouse the
curiosity of email users, who want to open a spam message to see what is
inside.
Spam mail is not "toxic" in the sense of being harmful to the computer. It only
sometimes annoys the mailbox owner, or sometimes causes other, more important
mail to be returned to the sender instead of being delivered because the
recipient's mailbox is too full.
However, spam mail with provocative or exploitative content cannot be avoided.
The most important thing for a mailbox user is never to reply to or confirm
anything these messages ask for, and simply to delete them.
The costs of transferring, storing and processing the mail fall on the users or
on the organization providing the webmail service. However, marketing email
that is entirely legal must be clearly distinguished from spam.
Spam senders often fabricate false information such as names, addresses and
phone numbers to deceive ISPs. They also often use fake or stolen credit card
numbers to pay for accounts. This allows them to move very quickly from one
account to another each time they are detected and have an account closed by
the ISP.

1.3. How spam mail works
1.3.1. Collecting email addresses
The first step spammers take is to collect as many email addresses as possible
and then send bulk mail to the addresses obtained. First, spammers collect
email addresses from web pages published on the internet by recognizing the @
character, which marks an email address. This method is quite effective with
the help of specialized email-harvesting software.
The second method is to set up websites with "hot, provocative" content that
entice gullible people, who only need to leave an email address in a text box:
"Would you like to receive e-mail newsletters from our partners?" or "Enter
email to receive largest prize of the year..." or "Enter email to chat with
her", shown next to a picture of some pretty girl.
The third method is to join forums and websites that use email registration to
activate accounts. Spammers usually collect large numbers of addresses from
forums of this kind through software and bots that automatically search for
email addresses, or else the admins sell members' email addresses to companies
that specialize in sending spam mail, also known by the nicer name "Email
Marketing".
The fourth method, and still the most effective, is the Dictionary Attack. It
uses a pre-programmed procedure so that one computer can produce a great many
variants of an email address by changing characters, for example
email1@gmail.com and then email2@gmail.com, and so on. It automatically
generates thousands of different email addresses just by changing a few letters
or digits.

1.3.2. Distributing email
After hundreds of thousands of email addresses have been collected by the
methods above, the spammer's next step is to distribute mail to the collected
addresses. Distribution is done in several ways. The first is for spammers to
spend money equipping themselves with many computer systems, modems and
high-speed Internet lines for sending spam. The second is to send spam through
servers (open proxy servers).
Another way that must be mentioned is the botnet: machines infected with a
backdoor and taken over. These zombie machines form a huge botnet that can
reach thousands of networked computers. Besides being effective for DDoS, it is
also an obedient and safe place for spammers and hackers to distribute junk
mail from. This method is quite dangerous for internet users but very effective
for professional spammers.

1.4. Types of spam mail
1.4.1. Harvested address spam
This is the most common type of spam. Spammers use spyware or spam bots to
check most website addresses on the internet. The spam bot searches the code of
each web page for the @ character. When it finds an @ character, it knows it
has found an email address. It then collects the bits adjacent to the @
character to obtain the email address and adds it to the spammer's database,
which holds millions of collected addresses. From then on these addresses
receive a great deal of spam.

1.4.2. Virus spam
Someone's computer is infected with this type of virus. Unfortunately, their
address book contains your email address. The virus sends spam to every address
in that address book.

1.4.3. Domain name spam
Spammers assume that most websites use shared email addresses such as sale@...
or info@... They simply send spam to all email addresses of that standard form
at every domain name in the world.

1.4.4. Dictionary spam
You sometimes receive dictionary-style spam when you use a popular email
service. Spammers create variants of an email address by changing a few
characters, and in this way produce thousands of different addresses.

1.4.5. Window messenger spam
Have you seen a pop-up window with the words "Messenger Service" in its title
bar? If so, you may have received Window messenger spam.

1.4.6. Hacked mail service spam
Some ISPs or webmail services may be hacked by spammers, or email addresses may
be sold to spammers. Read the terms carefully when registering an email
address. Look for a box that says something like: "We may give your email
address to a third party; tick here if you do not want to receive marketing
information from other companies."

1.5. Harm caused by spam mail
Every year the volume of junk mail grows at a dizzying rate, getting past every
barrier put up by security software and research organizations. The harm it
causes cannot be measured or calculated, but according to statistics from
Internet Week, "USD 50 billion per year" is the amount that companies and
commercial organizations worldwide have to spend to cope with the junk mail
that attacks their employees' mailboxes every day. The United States is the
country that suffers the most damage, accounting for one third of that amount.
Besides reducing productivity, annoying recipients, congesting network
bandwidth and storage resources, and increasing the processing time of email
servers, spam is also a headache for the administrators of large enterprises,
because it costs them millions of USD every year to handle and remove spam
mail.
Worldwide statistics on spam show:
31 billion is the total number of spam messages sent over the internet in 2002, and 60 billion in 2006 (according to the January 2003 report of the Canadian government: E-mail marketing: Consumer choices and business opportunities).
36% is the share of spam in all email traffic on the internet in 2002, up 8% from 2001 (http://www.cnet.com/).
42 spam messages per day is the average number an email address receives. According to research by Jupiter Research (USA), the figure rises to 70 in 2007 (according to PC Magazine 5/2003).
15 hours per year is the total time a person had to spend deleting spam in 2003, compared with 2.2 hours per year in 2000 (according to Ferris Research; http://www.cnn.com/2001/TECH/computing/01/04/spam.blocking.idg/index.html).
USD 2-3 per month is the cost users have to pay their ISP to control spam (according to Information Week, 2000).
10 billion euros is the estimated total amount that email users worldwide have to pay every year because of spam (http://europa.eu.int/comm/internal_market/en/dataprot/studies/spam.htm).
25% of all spam carries pornographic content and advertises related products and services (http://www.brightmail.com/pdfs/gartner_rebuilt.pdf).
More than 53% is the share of the annual operating hours of email servers that had to be spent handling spam and email-based attacks in 2002 (according to Postini, a company providing spam-handling technology, http://www.postini.com/).
74% is the share of internet users who believe their ISP must take responsibility for handling spam (Gartner Group research company).
36% is the share of users who had to change ISP to reduce the amount of spam they receive (Gartner Group research company).
Spam is the fourth reason users change ISP: the first reason is connection errors, the second is price, the third is busy signals, and the fourth is spam (according to SpamCon Foundation, 2002).
For businesses, the direct costs include server hardware (hard disk space to
store the messages), bandwidth (spam congests the network or makes it unstable)
and the cost of upgrading workstations. But the time lost deleting spam is the
more significant item. Internet service providers (ISPs) are also particular
victims of spam, because it circulates on the network constantly and forces
them to store millions of such junk messages. Spam experts worry that spam will
change the way email is used and the structure of the global internet.

2. Fighting spam on mail server systems
2.1. Anti-spam mechanisms
Spam mail causes a great deal of harm, so preventing and blocking it is
necessary. Many software companies now offer anti-spam solutions. Each product
line has its own features, strengths and weaknesses, but most products work on
the basis of the following principles:

2.1.1. Using DNS blacklists

The DNS blacklist method blocks email coming from addresses that appear on a
DNS blacklist. Two kinds of DNS blacklist are commonly used:
A list of known spam-sending domains, which is published and updated at
http://spamhaus.org/sbl.
A list of email servers that allow, or are abused for, relaying spam sent by
spammers. This list is published and regularly updated at http://www.ordb.org.
This Open Relay Database is maintained by ORDB.org, a non-profit organization.
When an email is sent, it passes through a number of SMTP servers before
reaching the recipient's address. The IP addresses of the SMTP servers the
email has passed through are recorded in the email's header. Anti-spam programs
check all the IP addresses found in the email's header and compare them with
the known DNS blacklist databases. If an IP address found there is present in a
DNS blacklist database, the email is treated as spam; otherwise it is treated
as a legitimate email.
The advantage of this method is that email can be checked before it is
downloaded, which saves bandwidth. Its disadvantage is that it does not detect
email with a forged sender address.

2.1.2. Using SURBL lists

The SURBL method detects spam based on the content of the email. The anti-spam
program analyzes the content of the email to see whether it contains links that
are listed in the Spam URI Realtime Blocklists (SURBL). SURBL contains a list
of the domains and addresses of known spammers. This database is provided and
regularly updated at www.surbl.org.
There are several different SURBL lists, such as sc.surbl.org, ws.surbl.org,
ob.surbl.org, ab.surbl.org..., and these lists are updated from many sources.
Administrators usually combine the SURBL lists by referring to multi.surbl.org.
If, after its content has been checked, an email contains links that appear in
a SURBL list, it is marked as spam; otherwise it is treated as ordinary email.
The advantage of this method is that it detects email that forges the sender
address to fool filters. Its disadvantage is that the email must be downloaded
before it can be checked, so it consumes bandwidth as well as the computer
resources needed to analyze the email content.
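The two lookups described in 2.1.1 and 2.1.2, as an added example that is not part of the original report: relay IPs from the Received: headers are queried in an IP blacklist zone and link domains from the body in multi.surbl.org. The zone dnsbl.example.org, the sample message and the stand-in resolver are constructed for the example, and reducing a host to its last two labels is a simplification.

```python
import ipaddress
import re
import socket
from email import message_from_string

IP_ZONE = "dnsbl.example.org"   # placeholder zone (assumption), not a real list
URI_ZONE = "multi.surbl.org"    # combined SURBL zone named in the text

RECEIVED_IP = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")
URL_HOST = re.compile(r"https?://([A-Za-z0-9.-]+)", re.IGNORECASE)
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]


def relay_ips(msg):
    """IPv4 addresses recorded in Received: headers, internal hops skipped."""
    found = []
    for header in msg.get_all("Received", []):
        for text in RECEIVED_IP.findall(header):
            try:
                ip = ipaddress.IPv4Address(text)
            except ValueError:
                continue                      # e.g. [999.1.1.1]
            if any(ip in net for net in INTERNAL):
                continue
            if str(ip) not in found:
                found.append(str(ip))
    return found


def body_domains(body):
    """Domains of the links in the body, reduced to their last two labels."""
    seen = []
    for host in URL_HOST.findall(body):
        labels = host.lower().strip(".").split(".")
        if len(labels) < 2 or labels[-1].isdigit():
            continue          # bare names and IP-literal hosts are not handled here
        domain = ".".join(labels[-2:])
        if domain not in seen:
            seen.append(domain)
    return seen


def dnsbl_name(ip, zone=IP_ZONE):
    """203.0.113.7 is looked up as 7.113.0.203.<zone>."""
    return ".".join(reversed(ip.split("."))) + "." + zone


def surbl_name(domain, zone=URI_ZONE):
    return domain + "." + zone


def is_listed(name, resolve=socket.gethostbyname):
    """Listed means the name resolves to an address in 127.0.0.0/8."""
    try:
        return resolve(name).startswith("127.")
    except OSError:           # NXDOMAIN or resolver failure: treated as not listed
        return False


def check_message(raw, resolve=socket.gethostbyname):
    msg = message_from_string(raw)
    hits = [("relay", ip) for ip in relay_ips(msg)
            if is_listed(dnsbl_name(ip), resolve)]
    body = msg.get_payload() if not msg.is_multipart() else ""
    hits += [("uri", d) for d in body_domains(body)
             if is_listed(surbl_name(d), resolve)]
    return hits


# Constructed sample message and constructed list contents, so the example runs offline.
SAMPLE = """\
Received: from mx.example.net (mx.example.net [198.51.100.25])
\tby mail.example.com with ESMTP; Mon, 1 Jan 2024 10:00:02 +0000
Received: from unknown (HELO pc) ([203.0.113.7])
\tby mx.example.net with SMTP; Mon, 1 Jan 2024 10:00:00 +0000
Received: from localhost ([127.0.0.1]) by mail.example.com
From: "Offers" <promo@example.org>
To: user@example.com
Subject: Limited offer

Visit http://shop.bad-pills.example/buy today, or http://www.example.com/help
"""
LISTED = {"7.113.0.203.dnsbl.example.org": "127.0.0.2",
          "bad-pills.example.multi.surbl.org": "127.0.0.64"}


def fake_resolve(name):
    """Stand-in for DNS: answers only for the constructed LISTED names."""
    if name in LISTED:
        return LISTED[name]
    raise socket.gaierror("NXDOMAIN")


if __name__ == "__main__":
    print(check_message(SAMPLE, fake_resolve))
```

The message is flagged once for a listed relay and once for a listed link domain, which illustrates the trade-off in the text: the header check needs no body, the link check does.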

2.1.3. Recipient verification
"Dictionary" spam attacks use known email addresses and domain names to create
other valid email addresses. With this technique spammers can send spam to
randomly generated email addresses. Some of those addresses are real, but a
large share of them do not exist, and they cause "flooding" at the mail
servers.
Recipient verification stops this kind of attack by blocking email sent to
addresses that do not exist in Active Directory or on the company's mail
server. This feature uses Active Directory or an LDAP server to verify whether
the recipient addresses exist. If the number of non-existent recipient
addresses exceeds a certain threshold (set by the administrator), the email is
treated as spam and blocked.

2.1.4. Address checking

By checking sender and recipient addresses, most spam can be detected and
blocked. Checking the sender address before the email is downloaded saves
bandwidth for the whole system.
The Sender Policy Framework technique (SPF, www.openspf.org) is used to check
the sender address of an email. SPF allows the owner of an Internet domain name
to use special DNS records (called SPF records) to specify the machines that
are used to send email from their domain. When an email arrives, the SPF filter
analyzes the information in the "From" or "Sender" field to check the sender
address. SPF then compares that address with the information published in the
domain's SPF record to see whether the sending machine is allowed to send
email. If the email comes from a server that is not in the SPF record published
by the domain, the email is treated as forged.

2.1.5. IP blocking

This method blocks email sent from IP addresses known in advance. When an email
arrives, the filter analyzes the address of the sending machine and compares it
with the list of blocked addresses. If the email comes from a machine whose
address is on this list, it is treated as spam; otherwise it is treated as
legitimate email.

2.1.6. Using Bayesian filters

A Bayesian filter works on the basis of Bayes' theorem, which calculates the
probability of an event from events that occurred before it. A similar
technique is used to classify spam. If certain pieces of text appear frequently
in spam but usually do not appear in ordinary email, it can be concluded that
an email containing them is spam.
Before email can be filtered with a Bayesian filter, the user needs to build a
database of keywords and indicators (such as the $ sign, IP addresses,
domains...) collected from spam and other unwanted email.
Each word or indicator is given a probability of occurrence. This value is
based on a calculation of how many words are commonly used in spam but not
usually used in legitimate email. The calculation is carried out by analyzing
the user's outgoing email and by analyzing known kinds of spam.
For a Bayesian filter to work accurately and effectively, a database of
ordinary email and spam that fits the specific business of each company has to
be built. This database is formed while the filter goes through a "training"
phase. The administrator has to supply about 1000 ordinary emails and 1000 spam
messages for the filter to analyze and build its own database.
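The training and scoring steps described above, as an added example: a small naive Bayes classifier, which is one common way to apply Bayes' theorem to tokens and not the algorithm of any product named in this report. The eight training messages are constructed and far fewer than the roughly 1000 per class the text calls for.

```python
import math
import re
from collections import Counter

# Tokens are words, domains, IP addresses and the "$" sign mentioned in the text.
TOKEN = re.compile(r"\$|[a-z0-9]+(?:[.'-][a-z0-9]+)*")


def tokens(text):
    """Distinct tokens of a message (presence matters, not frequency)."""
    return set(TOKEN.findall(text.lower()))


class BayesFilter:
    def __init__(self):
        self.docs = {"spam": 0, "ham": 0}
        self.counts = {"spam": Counter(), "ham": Counter()}

    def train(self, text, label):
        self.docs[label] += 1
        self.counts[label].update(tokens(text))

    def token_prob(self, token, label):
        """P(token appears | label), with add-one smoothing."""
        return (self.counts[label][token] + 1) / (self.docs[label] + 2)

    def spam_probability(self, text):
        total = self.docs["spam"] + self.docs["ham"]
        # Start from the prior odds, then add the evidence of each known token.
        log_odds = math.log(self.docs["spam"] / total) - math.log(self.docs["ham"] / total)
        known = set(self.counts["spam"]) | set(self.counts["ham"])
        for token in tokens(text) & known:
            log_odds += math.log(self.token_prob(token, "spam"))
            log_odds -= math.log(self.token_prob(token, "ham"))
        return 1 / (1 + math.exp(-log_odds))

    def is_spam(self, text, threshold=0.9):
        # threshold is an assumption chosen for this example
        return self.spam_probability(text) >= threshold


# Constructed training corpus.
SPAM = [
    "Win $ 1000000 now, claim your prize at http://203.0.113.9/win",
    "Cheap pills, no prescription, buy now $ $ $",
    "You are a winner! Claim your free prize now",
    "Buy cheap watches now, free shipping, visit deals.example",
]
HAM = [
    "Minutes of the Monday project meeting are attached",
    "Can you review the invoice for the server order before Friday?",
    "Lunch on Friday? The meeting room is free at noon",
    "Your order of the backup server has shipped",
]


def trained_filter():
    f = BayesFilter()
    for text in SPAM:
        f.train(text, "spam")
    for text in HAM:
        f.train(text, "ham")
    return f


if __name__ == "__main__":
    f = trained_filter()
    for text in ("Claim your free prize now $",
                 "Please review the minutes before the Friday meeting"):
        print(round(f.spam_probability(text), 4), text)
```

Note that "free" appears in both classes of the corpus, so it contributes little on its own; the verdict comes from the combination of tokens.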

2.1.7. Using black/white lists

Using black lists and white lists makes spam filtering more effective.
A black list is a database of the email addresses and domains from which you
never want to receive email. Email arriving from these addresses is marked as
spam.
A white list is a database of the email addresses and domains from which you
want to receive email. Email sent from addresses on this list is always let
through.
Filters usually have a self-learning feature: when an email is marked as spam,
the sender address is automatically added to the black list. Conversely, when
an email is sent from inside the company, the recipient address is
automatically added to the white list.

2.1.8. Header checking

This method analyzes the fields in the header of an email to judge whether it
is ordinary email or spam. Spam usually has some of the following
characteristics:
The From: field or the To: field is left empty.
The From: field contains an email address that does not comply with the RFC standards.
URLs in the header and the body of the message contain an IP address encoded in hex/octal form, or use a username/password combination (for example the addresses http://00722353893457472/hello.com and www.citibank.com@scammer.com).
The subject of the email may contain the recipient's email address to personalize the email. Take care when using this check with shared email addresses of the form sales@company.com. For example, when a customer replies using an auto-reply feature with the subject "your email to sales", the reply may be marked as spam.
It is sent to a very large number of different recipients.
It contains only image files and no words, in order to fool filters.
It uses a language different from the language the recipient uses.
Filters can block spam based on these characteristics.
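Several of the header characteristics listed above turned into checks, as an added example that is not taken from the report or from any product: empty or malformed From:, empty To:, too many recipients, the recipient's address in the subject, and URLs with userinfo or a numerically encoded host. The finding names, the recipient threshold and the simplified address pattern are assumptions; the first sample message is constructed around the two URLs quoted in the text.

```python
import re
from email import message_from_string
from email.utils import getaddresses, parseaddr
from urllib.parse import urlsplit

MAX_RECIPIENTS = 50   # assumption: threshold chosen for this example
ADDRESS = re.compile(r"[^@\s]+@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+")  # simplified, not full RFC syntax
URL = re.compile(r"(?:https?://|www\.)[^\s<>\"']+", re.IGNORECASE)
NUMERIC_PART = re.compile(r"0x[0-9a-f]+|\d+", re.IGNORECASE)


def url_findings(url):
    """Flags for one URL: userinfo before the host, or an encoded IP as host."""
    if not re.match(r"https?://", url, re.IGNORECASE):
        url = "http://" + url
    try:
        parts = urlsplit(url)
    except ValueError:
        return ["unparseable-url"]
    findings = []
    if parts.username is not None:        # the real host comes after the "@"
        findings.append("userinfo-in-url")
    labels = (parts.hostname or "").split(".")
    if all(NUMERIC_PART.fullmatch(label) for label in labels):
        canonical = len(labels) == 4 and all(
            label.isdigit() and (label == "0" or not label.startswith("0"))
            for label in labels)
        if not canonical:                 # hex, octal or single-number form
            findings.append("encoded-ip-host")
    return findings


def header_findings(raw):
    msg = message_from_string(raw)
    findings = []
    raw_from = (msg.get("From") or "").strip()
    if not raw_from:
        findings.append("empty-from")
    elif not ADDRESS.fullmatch(parseaddr(raw_from)[1]):
        findings.append("malformed-from")
    headers = msg.get_all("To", []) + msg.get_all("Cc", [])
    recipients = [addr for _, addr in getaddresses(headers) if addr]
    if not recipients:
        findings.append("empty-to")
    if len(recipients) > MAX_RECIPIENTS:
        findings.append("many-recipients")
    subject = (msg.get("Subject") or "").lower()
    if any(addr.lower() in subject for addr in recipients):
        findings.append("recipient-in-subject")
    # Undecoded text parts only; transfer-encoded bodies would need decoding first.
    body = "\n".join(part.get_payload() for part in msg.walk()
                     if not part.is_multipart()
                     and part.get_content_maintype() == "text")
    for url in URL.findall(subject + "\n" + body):
        for finding in url_findings(url):
            if finding not in findings:
                findings.append(finding)
    return findings


# Constructed samples.
SUSPECT = """\
From:
To: sales@company.com
Subject: sales@company.com, your account needs verification

Please confirm at www.citibank.com@scammer.com or http://00722353893457472/hello.com
"""
ORDINARY = """\
From: Alice <alice@example.com>
To: bob@example.org
Subject: Meeting notes

Notes are at https://intranet.example.org/notes
"""

if __name__ == "__main__":
    print(header_findings(SUSPECT))
    print(header_findings(ORDINARY))
```

As the text warns for shared addresses such as sales@company.com, a finding like recipient-in-subject is better used as one signal in a score than as a reason to block on its own.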

2.1.9. Using the Challenge/Response feature

This feature requires a first-time sender to confirm the first email they sent.
After the confirmation, the sender's email address is added to the white list,
and from then on email sent from that address is automatically let through the
filters.
Because spammers use programs that send email automatically, they cannot
confirm all the email they have sent, so email that is not confirmed is treated
as spam.
The limitation of this method is that it requires new senders to confirm the
first email they send. To overcome this drawback, administrators should use
this method only for email they suspect to be spam.

2.2. Anti-spam technologies
2.2.1. Stamps for email
According to two researchers, Fahlman and Mark Wegman of the IBM Research
Center at Watson, USA, the most effective anti-spam method is to require people
who are not on your list of "trusted customers" to buy a stamp for every email
they send you. A program placed between the email server and the customer's
personal computer compares the sender's name with your customer list. Since
people part with money reluctantly, spam senders will have to think carefully
before pressing "send" on a bulk mailing.

2.2.2. Embedding a passcode
You send everyone a notification email with a passcode embedded in your email,
and the ISP's email server only lets through email that contains this passcode.

2.2.3. Declaring information
A program blocks email from strangers and requires them to provide full
personal information before the email is passed on to the recipient.

2.2.4. Filtering email by content
A program collects the information in the content of the email to help email
server administrators separate spam from the system. The software scans the
whole message for keywords related to spam. For example, if you are not a
doctor, the mail you expect to receive is unlikely to concern sexual matters,
so "viagra" can be an important filtering keyword. More complex filtering
mechanisms can filter on the whole block of code at the top of the message.
This code stays with the email throughout its transit and provides information
about that journey. If a spam site appears in that route, the software
automatically blocks the message.

2.2.5. Filtering by lists of relay sites
Another filtering technology is based on lists of relay sites. It checks and
blocks messages that have been transmitted through open relays, that is,
systems on the internet that allow people to use them as mail transit points.
Spam attackers (spammers) regularly use these open relays to hide their
origin. In many cases, hackers exploit security vulnerabilities to instruct
relay servers to do the work of sending spam.

2.3. Measures for avoiding spam mail
Besides the use of anti-spam filters, users also play an important role in
fighting the junk mail "epidemic". Users therefore need to follow these rules:
Always apply the latest patches for the software installed on the machine.
Make sure all machines always have up-to-date anti-virus and anti-spam software.
Use firewalls to protect the system.
Do not reply to unfamiliar email of unknown origin. For spammers, receiving one reply out of the thousands of emails they send is enough to prove that the method works. In addition, replying confirms that your email address is real and currently in use. Your email address therefore becomes more "valuable", and spammers will send more junk mail.
Do not send your personal information (credit card numbers, passwords, bank accounts, etc.) by email. Spammers and online fraudsters can create websites that impersonate organizations, banks... and ask you to send your password and some of your credit card information by email.
Do not respond to email by clicking words such as "remove" or "unsubscribe" in the subject line or the body of the message unless it comes from a trustworthy source (direct marketing email). This is a spammer trick to get users to respond to their spam. On receiving a response, spammers not only fail to remove your email address from the list but also send more spam, because they know your email address is active.
Never click the URL links or website addresses given in spam, even when they instruct the recipient how to unsubscribe. This also tells the sender that your email address is in use, and you may receive more spam.
Use two different email addresses: one for personal matters such as friends and work, and one for registering as a member of forums, organizations... places where your email address may be abused or sold.
Do not post your email address in public places (such as forums, bulletin boards, chat rooms...) where spammers often use utilities to collect and search for email addresses.
Use email services that provide anti-spam tools, for example Yahoo! Mail and Gmail.
Never forward spam to other people.
Forward the spam you receive to the administrator of the email system. The administrator will adjust the filtering program so that next time the system blocks similar email.

3. Anti-spam tools for mail servers
3.1. Software
3.1.1. VinaCIS AntiSpam
VinaCIS AntiSPAM is specialized anti-junk-mail software that is free to use
with Microsoft Outlook, Outlook Express and Windows Mail (Standard edition).
VinaCIS Corporation has fully localized into Vietnamese the Spamfighter
anti-junk-mail software from Spamfighter ApS.
VinaCIS AntiSPAM has a junk mail filtering mechanism with outstanding features
that have built a brand in specialized software for effective junk mail
prevention. VinaCIS AntiSPAM completely blocks the illegal intrusion of
spyware, fraudulent mail, mail containing viruses... With a fully automatic
mechanism and filtering accuracy of up to 99.9%, together with easy
installation and use (and full Vietnamese localization), VinaCIS AntiSPAM is
an effective, specialized choice for Vietnamese users in fighting junk mail.
Some special features of VinaCIS AntiSPAM:
The interface is entirely in Vietnamese.
Installation is simple and use is easy.
The junk mail filter can be used for several accounts on one computer.
Automatic management of the clean-mail list.
Optional filtering by language.
No limit on the junk mail and clean mail lists.
Optional repositioning of the toolbar in Microsoft Outlook.
Blocking and unblocking junk mail by email address and website domain name.

3.1.2. GFI Mail Essentials

GFi MailEssentials fights spam with a Bayesian mechanism: the Bayesian
mechanism is trusted by the world's leading experts as the best spam
recognition tool available today. This technology uses an algorithm to
recognize spam and ham. As a result, the spam filtering rate of GFi
MailEssentials reaches 98% after only two weeks of updates.
Blocking spam and phishing at the server: GFi MailEssentials is an application
installed on the server or on the gateway, which makes it easy for the
administrator to install and manage from the desktop.
Intelligent whitelist management to avoid mistakes: the Whitelist feature marks
mail from given senders as "not spam" through filtering by domain, mail address
and keyword.
Checking third-party blacklists: GFi MailEssentials recognizes DNS blacklists
(Real time black hole list). It recognizes third-party blacklists such as ORDB,
Spam Haus and Spam cop, and allows the admin to define the RBL servers.
Support for SPF and third-party SURBL servers: GFi MailEssentials automatically
checks whether mail addresses were really sent from a registered domain. An
email address that was sent from an intermediary domain is marked as SPAM by
GFi MailEssentials.
Defeating spammers' email collection (directory harvesting): spammers often
generate a list of random email addresses and send email to them. GFi
MailEssentials checks the validity of each email address sent to, through
Active desktop or with LDAP support. If it does not match, the email is marked
as SPAM.
Sorting SPAM into the user's Junk Mail box: GFi MailEssentials lets users
easily identify and handle mail marked as SPAM. This SPAM mail can be moved
into a folder and reviewed later.
Analyzing mail headers and checking keywords: the intelligent functions of GFi
MailEssentials readily distinguish email headers, in order to detect forged
headers and spam that alters IP addresses to non-existent ones.
Quick view of mail from strangers: the New senders function lets users see the
email addresses of customers to whom they have never sent mail.
Easy tuning of the Bayesian filter through shared folders: admins can easily
tune the Bayesian filter by dragging and dropping spam email into a shared
folder.
Reports on filtering and mail usage: the management of incoming and outgoing
email helps produce clear reports and shows which mode filters SPAM best.
Easy handling of whitelist and blacklist: GFi MailEssentials helps users easily
manage both the whitelist and the blacklist by dragging and dropping spam email
into a Public Folder. This reduces the administrator's workload. Admins can
tighten the security of this Public Folder.
Downloading spam database updates: GFi MailEssentials downloads anti-spam
updates into the Bayesian database from the GFi website. This ensures that the
system has the latest anti-spam techniques.
Disclaimers at the top or bottom of company email: GFi MailEssentials lets you
create a disclaimer at the top or bottom of company email in text or HTML form.
You can create multiple disclaimers per user, per group and per domain.

3.1.3. eWall

eWall is a programmable gateway for any mail server. It supports strong
anti-virus software as well as other anti-spam techniques (SPF, SURBL, DNSBL,
Greylisting, Harvester detection, country block,...). Moreover, it can also be
used to provide new services to your customers with a range of filters, an API
and a scripting engine. The free EWLSP software makes eWall truly transparent
to mail servers and an invisible barrier in the path of spam, scams, viruses
and other material.
eWall has two editions: the X Edition is cheaper but works only with a limited
number of low-cost or free mail servers such as XMail, hMailServer, MailEnable
and ArGoSoft Mail Server, and takes its "X" from the name Xmail; the Unlimited
Edition has no such restriction.

3.2. Hardware
3.2.1. Barracuda Spam Firewall

Barracuda Spam Firewall (BSF) is a complete solution that integrates software
on hardware to fight spam effectively.
It is a powerful, easy-to-use and economical solution for businesses. It
integrates the following anti-spam and anti-virus technologies:
Anti-Spam
Anti-Virus
Anti-Spoofing
Anti-Phishing
Anti-Spyware (Attachments)
Denials of Services
BSF is compatible with all mail servers and can be used in any organization or
business, from a few users up to large organizations of 200,000 users. Each
device can support up to 30,000 email accounts and can process 20 million
messages per day. The device supports clustering to increase capacity and
load-bearing capability.
All email is processed through the 12 protection layers of the Barracuda device
before it reaches the server:
Denial of Service and Security Protection
Rate Control
IP Reputation Analysis
Sender Authentication
Recipient Verification
Virus Check
Policy (User-specified rules)
Spam Fingerprint Check
Intent Analysis
Image Analysis
Bayesian Analysis
Rule-based Scoring
BSF overcomes the drawbacks that software solutions suffer from:
No compatibility between software and hardware is required.
It does not consume system resources, and it reduces the load on the server by removing junk mail and viruses at the BSF device itself, letting only good, virus-free mail through to the server.
In addition, all BSF product lines come with a built-in Outbound function that
filters and ensures that all outgoing mail is good mail and virus-free, simply
by converting to Outbound mode.
Moreover, BSF also offers some services that let users fine-tune certain
filters, an API... BSF is truly transparent to mail servers and an excellent
tool for your server in fighting junk mail and viruses.
Ease of use:
No software to install and little to change on the existing mail server system;
setup is quick and fairly simple. Everything is monitored and maintained
through a Web interface.
With the Energize Update service, the BSF device is updated continuously, every
hour, from the Barracuda center located in the United States.
A cost-saving solution for businesses:
The device is not charged per user. BSF is therefore the most economical
solution for businesses and organizations in fighting junk mail and viruses
that spread through mail.


References
How to prevent spam: http://www.wordsandpeople.com/security/how-to-prevent-spam.htm
Wikipedia: http://en.wikipedia.org/wiki/Spam_mail
Antispam: http://blog.protectwebform.com/p/category/anti-spam
