Blocking image spam

Tuesday 28th November 2006

Blocking image spam

The new Exim mail server I recently had setup is holding up quite well and the amount of spam we were getting has been cut down by at least fifty percent. Though a number of techniques were used to achieve this, the most effective seem to be "sender verify" and checking for valid "HELO" headers. Greylisting wasn't included since we still aren't very familiar with it and it could potentially deluge us with support calls and complaints. I'm still testing it out and will include it in the near future. I'll also try to post a more detailed article on this setup some other time, but for now, let's talk about spam.

Despite rejecting close to 10,000 spams a day, lots of it is still getting through, most of it being image spam. Now there isn't an easy way to deal with this. The image size and content isn't constant so you can't setup filters to check for those. Valid emails containing images are commonly sent by a large majority of users so you can't block every message containing an image.

Stuart sent me a link to this article that suggests a way to deal with image spam, albeit not as simple to implement as some of the other popular methods. It suggests having a whitelist-like system for GIFs, though I'm a bit sceptical as to the accuracy and benefits of this method versus the effort required to implement it.

I think the biggest hurdle that we admins currently face while fighting spam is the inability of most users to accept change. They would rather continue to receive some spam than face a delayed delivery (if you use Greylisting) and would rather use a server that allows simple relaying than one that requires authentication. Such small things may irritate users, but they cause serious headaches for us admins and open up the services to ever-increasing amounts of spam in the future.

I seriously doubt that at the current rate, email will continue to be a feasible means of communication for very long. What we need is a more modern system of communication with the benefits of email, but without the drawbacks.


On 28th November 2006, at 11:25am PKT, Atif said:

I agree that new server has been successful in fighting spam. What could be the next thing to email?

On 3rd December 2006, at 15:47pm PKT, Zaeem said:

The worst part in this fight is that spammers are getting clever every day. Its a billion dollar "industry" and pros are being paid thousands of dollars just to sneak pass the filters. Nevertheless, Sender Verify and new SA rules have definitely helped.

On 12th December 2006, at 21:56pm PKT, abbas halai said:

hopefully the technologies behind a and e can help us with this in the future. should be interesting to see what happens with this in the future.

On 12th December 2006, at 21:58pm PKT, abbas said:

hmm i was linking to and i guess you don't allow href tags. my apologies.

(not displayed)