Spamming and Spoofing

Anyone with an email address has been a victim of spam attacks. We’ve all seen the spam messages offering us deals on miracle physical enhancement drugs, Nigerian gentlemen wishing to pay us to help them move money, and weird, random text and phrases that have spawned the pop culture movement called “Spam Lit.” While occasionally amusing, most of the time these messages are bothersome and occasionally even dangerous.
Spammers don’t really make money, do they?
Email is cheap. All you need is a computer and an internet connection. Combine this low operating cost with an enormous number of potential viewers, and you’ve got a recipe for a decent return. These days, spam isn’t even about getting people to buy stuff… it’s about advertisers getting spammers to get the word out about products, regardless of the actual numbers of resulting sales.
Well then, what’s spoofing got to do with it?
Anti-spam techniques are more sophisticated than ever; most filtering software packages and services know to immediately throw out stuff that looks like it came from a spammer. So what’s a spammer to do? That’s right, make their mail look like it came from a legitimate source. However, this method of getting spam through filters can have a terrible side-effect - a misdirected bounceback (commonly called “backscatter” or “collateral spam”).
From the Wikipedia article on spoofing:
“E-mail spoofing is a term used to describe fraudulent email activity in which the sender address and other parts of the email header are altered to appear as though the email originated from a different source. E-mail spoofing is a technique commonly used for spam e-mail and phishing to hide the origin of an e-mail message. By changing certain properties of the e-mail, such as the From, Return-Path and Reply-To fields (which can be found in the message header), ill-intentioned users can make the e-mail appear to be from someone other than the actual sender.”
Here’s the flow of a spoofed email:
• A spammer sends a bulk email message to a bunch of people. They set the From or Reply-To field to use your email address.
• This bulk message hits the spam filters of a majority of those recipients
• Those spam filters automatically reject the bulk mail message for one reason or another and send a bounceback message
• YOU receive the bounceback message (the backscatter) because your email address was listed in the From or Reply-To field.
What can you do to prevent spamming and spoofing?
There are many spam filtering services and software packages available on the market today; Everon provides an excellent spam filtering service to our clients, with capture rates up to 99%.
However, at the moment, there is no way to prevent spoofing entirely. Some DNS hosts allow SPF records, but this is still a fairly new development, and many mail servers pay no attention to the existence of these records. The use of SPF records requires participation on both sides of communication - the sender and the recipient. You, the sender, can specify mail servers which are allowed to send mail from your domain, but the recipient may not bother to check the sender policy to verify that the sending mail server is in that list.  Maybe someday!