Wednesday, July 13, 2011

Why do we receive spam not addressed to us?

Recently, a client asked why she receives emails that are not addressed to her.
The Internet email system is responsible for delivery. It functions like our post office. As long as we write a correct postal address, the post office can deliver a letter to that address. The letter's contents (who wrote the letter and who should receive it) are not under strict control.
Similarly, the Internet email delivery mechanism (a number of computers running SMTP services) deals only with the routing and delivery of email messages. The 'From:', 'To:', etc. fields are part of the contents and are therefore not controlled by SMTP delivery. Spammers can alter or fake these fields in order to broadcast deliberately and hide their real identity. This explains why we receive so much spam, some with a forged sender and some not even addressed to us.
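The difference between the delivery address and the 'From:'/'To:' fields can be seen by comparing the two for one message. The following is an added example, not part of the original post; the SMTP session, all addresses and the function names are constructed for illustration.

```python
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Constructed SMTP client commands; every address here is made up.
SESSION = """\
HELO mail.example.net
MAIL FROM:<bounce-7731@bulk.example.net>
RCPT TO:<alice@example.com>
DATA
From: "Your Bank" <support@bank.example>
To: customers@bank.example
Subject: Account notice

Please review your account.
.
QUIT
"""

def split_session(session):
    """Return (envelope sender, envelope recipients, parsed message)."""
    sender, rcpts, data, in_data = "", [], [], False
    for line in session.splitlines():
        verb = line.upper()
        if in_data:
            if line == ".":                 # a lone dot ends the DATA phase
                in_data = False
            else:                           # undo SMTP dot-stuffing
                data.append(line[1:] if line.startswith(".") else line)
        elif verb.startswith("MAIL FROM:"):
            sender = parseaddr(line[10:])[1]
        elif verb.startswith("RCPT TO:"):
            rcpts.append(parseaddr(line[8:])[1])
        elif verb == "DATA":
            in_data = True
    return sender, rcpts, message_from_string("\n".join(data) + "\n")

def compare(session):
    """Show where the message headers disagree with the SMTP envelope."""
    sender, rcpts, msg = split_session(session)
    header_from = parseaddr(msg.get("From", ""))[1]
    named = msg.get_all("To", []) + msg.get_all("Cc", [])
    header_rcpts = {addr.lower() for _, addr in getaddresses(named)}
    return {
        "envelope_sender": sender,
        "header_from": header_from,
        "from_mismatch": sender.lower() != header_from.lower(),
        "delivered_but_not_named": [r for r in rcpts if r.lower() not in header_rcpts],
    }
```

Calling `compare(SESSION)` shows the message was delivered to alice@example.com although her address appears nowhere in the headers. A mismatch alone does not prove spam, since Bcc and mailing lists produce the same result.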
It is the job of our system administrator (who is in charge of our company email server) to take care of spam filtering. Common measures are checking the sending IP against a DNSBL (e.g. SpamCop, Spamhaus) and deploying some kind of anti-spam appliance. The administrator also needs to ensure that the email server is NOT acting as an open relay, which could otherwise make the server itself a spam source. It is also advisable to disable SMTP connections from internal LAN PCs to the outside, because SMTP connections are usually initiated by the company email server only. If some other PC is making such a connection, it is likely an infected one.

