Fighting Spam for Dummies

2005-03-01

Paul Baccas

Sophos, UK
Editor: Helen Martin

Abstract

Paul Baccas reviews: Fighting Spam for Dummies


See Fighting Spam for Dummies on Amazon.

Title: Fighting Spam for Dummies

Authors: John E. Levine, Margaret Levine Young, Ray Everett-Church

Publisher: Wiley

ISBN: 0-7645-5965-6

The bright yellow and black cover design and the cartoon character of Wiley’s ‘For Dummies’ series have frequently been the subject of pastiche and pillory, and I have to admit that the prospect of reviewing this offering filled me with a little trepidation. Luckily, however, I was to be pleasantly surprised.

Between them, the three authors of Fighting Spam for Dummies have written several books; as a consequence the book’s style, within the confines of the series, is concise and witty.

The only complaint I have with the style of the book is the number of references made in the text (as opposed to appendices) to other books in the series. In fact, there are no appendices in this small, 200-page A5-sized, book. I feel that the inclusion of appendices – containing references, a bibliography and a ‘further reading’ section – would have added significantly to the value of the book.

The book is divided into four parts: ‘The World of Spam’, ‘Filtering Spam Out of Your Inbox’, ‘Spam-Filtering Programs and Services’ and the ubiquitous ‘The Part of Tens’ (a section common across the ‘For Dummies’ series of books, which provides a number of quick reference ten-item lists).

Part one, ‘The World of Spam’, provides an introduction to spam, covering historic, economic, comedic, legal and political aspects of unsolicited commercial email as well as the tinned meat product. There is also a tutorial, in what could be called ‘Email and the Internet, 101’, that details how to find out who has been spamming you, plus a basic description of how spammers work – for example, how they harvest email addresses and how they send spam. This section is lightweight, but there is sufficient detail to whet the reader’s appetite and the detail is up to date.

Part two, ‘Filtering Spam Out of Your Inbox’, looks at how to filter email using your email client. This section covers all of the most popular home user email clients and web mail clients: Outlook Express and Outlook, Netscape and Mozilla Mail, Eudora, AOL and AOL Communicator, Hotmail, MSN and Yahoo! Mail. This section is highly informative, explaining why email filtering is a good practice and how to do it. The book also advises on which software versions you should be using and how to configure them – for example how to create whitelists and blacklists, how to configure in-built spam controls and generally how to make the client more secure.

Part three, ‘Spam-Filtering Programs and Services’, deals with spam solutions that are separate from the email client – covering several open-source, free and cheap home-user solutions, ISP-level spam solutions and a general overview of server-side spam blocking. This section goes heavily into the detail of the setup and configuration of POPFile (accounting for almost 10 per cent of the book).

The description of ISP-level solutions details only a small subset of those available and there are some glaring omissions. The server-side chapters explain DNSBL (domain name service blacklisting/blocking) and DNSWL (domain name service whitelisting) and describe a number of free, commercial and third-party solutions.

Part four is the amusing, informative and thought-provoking ‘The Part of Tens’. There are just two lists of ten in this book, the first dealing with standard email scams and the second with Internet security. A couple of paragraphs of information is devoted to each entry in each of the lists.

The list of ten spam scams includes: 419, ‘make lots of money’, ‘free holiday’, paypal/bank phishing, credit, ‘lose weight’, prescriptions, male enhancement and pornography.

The list of Internet security items includes: pop-up blockers, firewalls, anti-virus software, adware/spyware and other diverse topics.

While I would hesitate to recommend this book as a good read for any of the technical readers of Virus Bulletin or email administrators, I would certainly recommend that they buy it. There are a number of reasons for this seemingly contradictory advice.

The content of the book is not sufficiently complete to teach readers everything there is to know about spam – the level of knowledge about email and Internet that comes from being online for a decade cannot easily be taught. For large organisations the details included in the book are not sufficient to be of assistance in making informed decisions about how to tackle spam or what solutions to implement.

On the other hand, however, this book is perfect for those people who ask: ‘How do I get rid of spam on my home machine?’, or ‘So, what do you do again?’. This is an informative, fun and easy-to-read book which does not patronise the reader and will not confuse.

Found a useful infosecurity book? Why not tell us about it so we can let others know - email: editor@virusbtn.com.

View this book on Amazon

twitter.png
fb.png
linkedin.png
googleplus.png
reddit.png

 

Latest articles:

EternalBlue: a prominent threat actor of 2017–2018

At the centre of last year's infamous WannaCry ransomware attack was an NSA exploit leaked by the Shadow Brokers hacker group, known as ‘EternalBlue’. The worm-like functionality of the exploit made a deadly impact by propagating to interconnected…

VB99 paper: Giving the EICAR test file some teeth

There are situations that warrant the use of live viruses. There are also situations where the use of live viruses is unwarranted. Specifically, live viruses should not be used when safer and equally effective methods can be used to obtain the…

Powering the distribution of Tesla stealer with PowerShell and VBA macros

Since their return more than four years ago, Office macros have been one of the most common ways to spread malware. In this paper, Aditya K Sood and Rohit Bansal analyse a campaign in which VBA macros are used to execute PowerShell code, which in…

VB2017 paper: Android reverse engineering tools: not the usual suspects

In the Android security field, all reverse engineers will probably have used some of the most well-known analysis tools such as apktool, smali, baksmali, dex2jar, etc. These tools are indeed must‑haves for Android application analysis. However, there…

VB2017 paper: Exploring the virtual worlds of advergaming

As adverts in gaming (‘advergaming’) ecosystems continue to become more sophisticated, so the potential complications grow for parents, children and gamers, who just want to play without having to worry about where their data is going (and how it is…


Bulletin Archive

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.