Fighting Spam for Dummies


Paul Baccas

Sophos, UK
Editor: Helen Martin


Paul Baccas reviews: Fighting Spam for Dummies

See Fighting Spam for Dummies on Amazon.

Title: Fighting Spam for Dummies

Authors: John E. Levine, Margaret Levine Young, Ray Everett-Church

Publisher: Wiley

ISBN: 0-7645-5965-6

The bright yellow and black cover design and the cartoon character of Wiley’s ‘For Dummies’ series have frequently been the subject of pastiche and pillory, and I have to admit that the prospect of reviewing this offering filled me with a little trepidation. Luckily, however, I was to be pleasantly surprised.

Between them, the three authors of Fighting Spam for Dummies have written several books; as a consequence the book’s style, within the confines of the series, is concise and witty.

The only complaint I have with the style of the book is the number of references made in the text (as opposed to appendices) to other books in the series. In fact, there are no appendices in this small, 200-page A5-sized, book. I feel that the inclusion of appendices – containing references, a bibliography and a ‘further reading’ section – would have added significantly to the value of the book.

The book is divided into four parts: ‘The World of Spam’, ‘Filtering Spam Out of Your Inbox’, ‘Spam-Filtering Programs and Services’ and the ubiquitous ‘The Part of Tens’ (a section common across the ‘For Dummies’ series of books, which provides a number of quick reference ten-item lists).

Part one, ‘The World of Spam’, provides an introduction to spam, covering historic, economic, comedic, legal and political aspects of unsolicited commercial email as well as the tinned meat product. There is also a tutorial, in what could be called ‘Email and the Internet, 101’, that details how to find out who has been spamming you, plus a basic description of how spammers work – for example, how they harvest email addresses and how they send spam. This section is lightweight, but there is sufficient detail to whet the reader’s appetite and the detail is up to date.

Part two, ‘Filtering Spam Out of Your Inbox’, looks at how to filter email using your email client. This section covers all of the most popular home user email clients and web mail clients: Outlook Express and Outlook, Netscape and Mozilla Mail, Eudora, AOL and AOL Communicator, Hotmail, MSN and Yahoo! Mail. This section is highly informative, explaining why email filtering is a good practice and how to do it. The book also advises on which software versions you should be using and how to configure them – for example how to create whitelists and blacklists, how to configure in-built spam controls and generally how to make the client more secure.

Part three, ‘Spam-Filtering Programs and Services’, deals with spam solutions that are separate from the email client – covering several open-source, free and cheap home-user solutions, ISP-level spam solutions and a general overview of server-side spam blocking. This section goes heavily into the detail of the setup and configuration of POPFile (accounting for almost 10 per cent of the book).

The description of ISP-level solutions details only a small subset of those available and there are some glaring omissions. The server-side chapters explain DNSBL (domain name service blacklisting/blocking) and DNSWL (domain name service whitelisting) and describe a number of free, commercial and third-party solutions.

Part four is the amusing, informative and thought-provoking ‘The Part of Tens’. There are just two lists of ten in this book, the first dealing with standard email scams and the second with Internet security. A couple of paragraphs of information is devoted to each entry in each of the lists.

The list of ten spam scams includes: 419, ‘make lots of money’, ‘free holiday’, paypal/bank phishing, credit, ‘lose weight’, prescriptions, male enhancement and pornography.

The list of Internet security items includes: pop-up blockers, firewalls, anti-virus software, adware/spyware and other diverse topics.

While I would hesitate to recommend this book as a good read for any of the technical readers of Virus Bulletin or email administrators, I would certainly recommend that they buy it. There are a number of reasons for this seemingly contradictory advice.

The content of the book is not sufficiently complete to teach readers everything there is to know about spam – the level of knowledge about email and Internet that comes from being online for a decade cannot easily be taught. For large organisations the details included in the book are not sufficient to be of assistance in making informed decisions about how to tackle spam or what solutions to implement.

On the other hand, however, this book is perfect for those people who ask: ‘How do I get rid of spam on my home machine?’, or ‘So, what do you do again?’. This is an informative, fun and easy-to-read book which does not patronise the reader and will not confuse.

Found a useful infosecurity book? Why not tell us about it so we can let others know - email:

View this book on Amazon



Latest articles:

VB2017 paper: The router of all evil: more than just default passwords and silly scripts

In the last couple of years, we have seen a few highly sophisticated router attacks and pieces of malware. This paper looks at two case studies: the Netgear router attack involving the Multiple Netgear Routers Remote Command Injection Vulnerability…

A review of the evolution of Andromeda over the years before we say goodbye

Andromeda, also known as Gamaru and Wauchos, is a modular and HTTP-based botnet that was discovered in late 2011. From that point on, it managed to survive and continue hardening by evolving in different ways. This paper describes the evolution of…

VB2012 paper: Malware taking a bit(coin) more than we bargained for

When a new system of currency gains acceptance and widespread adoption in a computer-mediated population, it is only a matter of time before malware authors attempt to exploit it. As of halfway through 2011, we started seeing another means of…

VB2017 paper: VirusTotal tips, tricks and myths

Outside of the anti-malware industry, users of VirusTotal generally believe it is simply a virus-scanning service. Most users quickly reach erroneous conclusions about the meaning of various scanning results. At the same time, many very technical…

The threat and security product landscape in 2017

VB Editor Martijn Grooten looks at the state of the threat and security product landscape in 2017.

Bulletin Archive