088: Why is it so difficult to identify spam?

Spam email is a lot like regular junk mail; you often can't tell what it actually contains unless you open it. Usually, what looks like a check is only an advertisement for a loan. If the letter looks promising, you might open it anyway, just to make sure.

Email is no different, but it can be much more difficult to process. If it was possible to identify the real source address of a spam message it would be possible to block the message based on that information. Since source addresses are often fake, or they change quickly, it is not feasible to block an entire domain like hotmail.com, because many legitimate emails would be blocked along with the spam.

Currently, the most effective identification methods are based on heuristics that compare the characteristics of a particular email to the known characteristics of spam (for instance, email sent to many addresses, or containing certain key words -- "mortgage," "Viagra," or "Rolex" -- is likely to be spam). At Mines, faculty and staff Exchange email is processed through sophisticated spam-detection software. For further information, see the Spam System Use (http://ccit.mines.edu/Spam-System-Use) web page. Student MyMail, which is a Google service, uses Gmail heuristics.

But, in the end, having a human look at the message is the best way to detect spam. This is why email identified as spam is quarantined for the recipient to manage in some manner; sometimes anti-spam programs mislabel spam as legitimate email, sometimes legitimate email is mislabeled as spam. With a quarantine system (such as the "Cardea" system used at Mines -- https://cardea.mines.edu), important email may be temporarily redirected but is never lost.



© 2017 Colorado School of Mines | | Equal Opportunity | Privacy Policy | Directories | Text Only | Mines.edu | rss

Last Updated: 08/04/2017 08:23:15