Fighting Spam for Dummies


Paul Baccas

Sophos, UK
Editor: Helen Martin


Paul Baccas reviews: Fighting Spam for Dummies

See Fighting Spam for Dummies on Amazon.

Title: Fighting Spam for Dummies

Authors: John E. Levine, Margaret Levine Young, Ray Everett-Church

Publisher: Wiley

ISBN: 0-7645-5965-6

The bright yellow and black cover design and the cartoon character of Wiley’s ‘For Dummies’ series have frequently been the subject of pastiche and pillory, and I have to admit that the prospect of reviewing this offering filled me with a little trepidation. Luckily, however, I was to be pleasantly surprised.

Between them, the three authors of Fighting Spam for Dummies have written several books; as a consequence the book’s style, within the confines of the series, is concise and witty.

The only complaint I have with the style of the book is the number of references made in the text (as opposed to appendices) to other books in the series. In fact, there are no appendices in this small, 200-page A5-sized, book. I feel that the inclusion of appendices – containing references, a bibliography and a ‘further reading’ section – would have added significantly to the value of the book.

The book is divided into four parts: ‘The World of Spam’, ‘Filtering Spam Out of Your Inbox’, ‘Spam-Filtering Programs and Services’ and the ubiquitous ‘The Part of Tens’ (a section common across the ‘For Dummies’ series of books, which provides a number of quick reference ten-item lists).

Part one, ‘The World of Spam’, provides an introduction to spam, covering historic, economic, comedic, legal and political aspects of unsolicited commercial email as well as the tinned meat product. There is also a tutorial, in what could be called ‘Email and the Internet, 101’, that details how to find out who has been spamming you, plus a basic description of how spammers work – for example, how they harvest email addresses and how they send spam. This section is lightweight, but there is sufficient detail to whet the reader’s appetite and the detail is up to date.

Part two, ‘Filtering Spam Out of Your Inbox’, looks at how to filter email using your email client. This section covers all of the most popular home user email clients and web mail clients: Outlook Express and Outlook, Netscape and Mozilla Mail, Eudora, AOL and AOL Communicator, Hotmail, MSN and Yahoo! Mail. This section is highly informative, explaining why email filtering is a good practice and how to do it. The book also advises on which software versions you should be using and how to configure them – for example how to create whitelists and blacklists, how to configure in-built spam controls and generally how to make the client more secure.

Part three, ‘Spam-Filtering Programs and Services’, deals with spam solutions that are separate from the email client – covering several open-source, free and cheap home-user solutions, ISP-level spam solutions and a general overview of server-side spam blocking. This section goes heavily into the detail of the setup and configuration of POPFile (accounting for almost 10 per cent of the book).

The description of ISP-level solutions details only a small subset of those available and there are some glaring omissions. The server-side chapters explain DNSBL (domain name service blacklisting/blocking) and DNSWL (domain name service whitelisting) and describe a number of free, commercial and third-party solutions.

Part four is the amusing, informative and thought-provoking ‘The Part of Tens’. There are just two lists of ten in this book, the first dealing with standard email scams and the second with Internet security. A couple of paragraphs of information is devoted to each entry in each of the lists.

The list of ten spam scams includes: 419, ‘make lots of money’, ‘free holiday’, paypal/bank phishing, credit, ‘lose weight’, prescriptions, male enhancement and pornography.

The list of Internet security items includes: pop-up blockers, firewalls, anti-virus software, adware/spyware and other diverse topics.

While I would hesitate to recommend this book as a good read for any of the technical readers of Virus Bulletin or email administrators, I would certainly recommend that they buy it. There are a number of reasons for this seemingly contradictory advice.

The content of the book is not sufficiently complete to teach readers everything there is to know about spam – the level of knowledge about email and Internet that comes from being online for a decade cannot easily be taught. For large organisations the details included in the book are not sufficient to be of assistance in making informed decisions about how to tackle spam or what solutions to implement.

On the other hand, however, this book is perfect for those people who ask: ‘How do I get rid of spam on my home machine?’, or ‘So, what do you do again?’. This is an informative, fun and easy-to-read book which does not patronise the reader and will not confuse.

Found a useful infosecurity book? Why not tell us about it so we can let others know - email: [email protected].

View this book on Amazon



Latest articles:

Nexus Android banking botnet – compromising C&C panels and dissecting mobile AppInjects

Aditya Sood & Rohit Bansal provide details of a security vulnerability in the Nexus Android botnet C&C panel that was exploited to compromise the C&C panel in order to gather threat intelligence, and present a model of mobile AppInjects.

Cryptojacking on the fly: TeamTNT using NVIDIA drivers to mine cryptocurrency

TeamTNT is known for attacking insecure and vulnerable Kubernetes deployments in order to infiltrate organizations’ dedicated environments and transform them into attack launchpads. In this article Aditya Sood presents a new module introduced by…

Collector-stealer: a Russian origin credential and information extractor

Collector-stealer, a piece of malware of Russian origin, is heavily used on the Internet to exfiltrate sensitive data from end-user systems and store it in its C&C panels. In this article, researchers Aditya K Sood and Rohit Chaturvedi present a 360…

Fighting Fire with Fire

In 1989, Joe Wells encountered his first virus: Jerusalem. He disassembled the virus, and from that moment onward, was intrigued by the properties of these small pieces of self-replicating code. Joe Wells was an expert on computer viruses, was partly…

Run your malicious VBA macros anywhere!

Kurt Natvig wanted to understand whether it’s possible to recompile VBA macros to another language, which could then easily be ‘run’ on any gateway, thus revealing a sample’s true nature in a safe manner. In this article he explains how he recompiled…

Bulletin Archive

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.