Fighting Spam for Dummies


Paul Baccas

Sophos, UK
Editor: Helen Martin


Paul Baccas reviews: Fighting Spam for Dummies

See Fighting Spam for Dummies on Amazon.

Title: Fighting Spam for Dummies

Authors: John E. Levine, Margaret Levine Young, Ray Everett-Church

Publisher: Wiley

ISBN: 0-7645-5965-6

The bright yellow and black cover design and the cartoon character of Wiley’s ‘For Dummies’ series have frequently been the subject of pastiche and pillory, and I have to admit that the prospect of reviewing this offering filled me with a little trepidation. Luckily, however, I was to be pleasantly surprised.

Between them, the three authors of Fighting Spam for Dummies have written several books; as a consequence the book’s style, within the confines of the series, is concise and witty.

The only complaint I have with the style of the book is the number of references made in the text (as opposed to appendices) to other books in the series. In fact, there are no appendices in this small, 200-page A5-sized, book. I feel that the inclusion of appendices – containing references, a bibliography and a ‘further reading’ section – would have added significantly to the value of the book.

The book is divided into four parts: ‘The World of Spam’, ‘Filtering Spam Out of Your Inbox’, ‘Spam-Filtering Programs and Services’ and the ubiquitous ‘The Part of Tens’ (a section common across the ‘For Dummies’ series of books, which provides a number of quick reference ten-item lists).

Part one, ‘The World of Spam’, provides an introduction to spam, covering historic, economic, comedic, legal and political aspects of unsolicited commercial email as well as the tinned meat product. There is also a tutorial, in what could be called ‘Email and the Internet, 101’, that details how to find out who has been spamming you, plus a basic description of how spammers work – for example, how they harvest email addresses and how they send spam. This section is lightweight, but there is sufficient detail to whet the reader’s appetite and the detail is up to date.

Part two, ‘Filtering Spam Out of Your Inbox’, looks at how to filter email using your email client. This section covers all of the most popular home user email clients and web mail clients: Outlook Express and Outlook, Netscape and Mozilla Mail, Eudora, AOL and AOL Communicator, Hotmail, MSN and Yahoo! Mail. This section is highly informative, explaining why email filtering is a good practice and how to do it. The book also advises on which software versions you should be using and how to configure them – for example how to create whitelists and blacklists, how to configure in-built spam controls and generally how to make the client more secure.

Part three, ‘Spam-Filtering Programs and Services’, deals with spam solutions that are separate from the email client – covering several open-source, free and cheap home-user solutions, ISP-level spam solutions and a general overview of server-side spam blocking. This section goes heavily into the detail of the setup and configuration of POPFile (accounting for almost 10 per cent of the book).

The description of ISP-level solutions details only a small subset of those available and there are some glaring omissions. The server-side chapters explain DNSBL (domain name service blacklisting/blocking) and DNSWL (domain name service whitelisting) and describe a number of free, commercial and third-party solutions.

Part four is the amusing, informative and thought-provoking ‘The Part of Tens’. There are just two lists of ten in this book, the first dealing with standard email scams and the second with Internet security. A couple of paragraphs of information is devoted to each entry in each of the lists.

The list of ten spam scams includes: 419, ‘make lots of money’, ‘free holiday’, paypal/bank phishing, credit, ‘lose weight’, prescriptions, male enhancement and pornography.

The list of Internet security items includes: pop-up blockers, firewalls, anti-virus software, adware/spyware and other diverse topics.

While I would hesitate to recommend this book as a good read for any of the technical readers of Virus Bulletin or email administrators, I would certainly recommend that they buy it. There are a number of reasons for this seemingly contradictory advice.

The content of the book is not sufficiently complete to teach readers everything there is to know about spam – the level of knowledge about email and Internet that comes from being online for a decade cannot easily be taught. For large organisations the details included in the book are not sufficient to be of assistance in making informed decisions about how to tackle spam or what solutions to implement.

On the other hand, however, this book is perfect for those people who ask: ‘How do I get rid of spam on my home machine?’, or ‘So, what do you do again?’. This is an informative, fun and easy-to-read book which does not patronise the reader and will not confuse.

Found a useful infosecurity book? Why not tell us about it so we can let others know - email:

View this book on Amazon



Latest articles:

The threat and security product landscape in 2017

VB Editor Martijn Grooten looks at the state of the threat and security product landscape in 2017.

VB2017 paper: Nine circles of Cerber

The Cerber ransomware was mentioned for the first time in March 2016 on some Russian underground forums, on which it was offered for rent in an affiliate program. Since then, it has been spread massively via exploit kits, infecting more and more…

VB2017 paper: Modern reconnaissance phase by APT – protection layer

During recent research, Talos researchers observed the ways in which APT actors are evolving and how a reconnaissance phase is included in the infection vector in order to protect valuable zero-day exploits or malware frameworks. Indeed, the…

VB2017 paper: Peering into spam botnets

Despite spam botnets being so important in the lifecycle of malware, recent publications describing massive spam operations (which can be counted on the fingers of one hand) have either skipped over the technical details or else concentrated too much…

VB2016 paper: Anti-malware testing undercover

Anti-malware testing is highly complex, and it becomes more and more challenging as new technologies are adopted by the industry to protect users. Rather than focusing on the technical challenges that testers face nowadays, this VB2016 paper focuses…

Bulletin Archive