More than four out of five spam messages are generated by zombie computers – usually home computers with a broadband connection
that have been infected by hackers for the express purpose of using them to generate relatively small volumes of spam unbeknownst
to their owners.

These zombies are part of botnets, or networks of computers that can be rented out to spammers for spam campaigns. For example,
Symantec recently reported that during the second half of 2006 there were more than 6 million bot-infected computers worldwide.

Here’s one approach to solving the problem on which I’d like to get your thoughts: what if antivirus and antispyware vendors
placed an encrypted serial number on a user’s computer during the installation process? When sending e-mail, the user’s
client would embed this number in the header of outbound messages. When the message was received by the user’s ISP, the serial
number would be read and an automatic lookup would be started against the antivirus and antispyware vendors’ databases. The lookup
would identify the age of the user’s antivirus and antispyware signatures, or whether the software was installed at all. A reputation
score would then be assigned to that message based on the information obtained from the software vendors.

Here’s some initial feedback I received from a very knowledgeable individual at a leading hosted messaging security provider:
“The idea is not fundamentally flawed, but it would require a significant amount of cooperation. In short, it would require
that everybody abide by the ‘standard’ at once. If not, then there is no context for blocking or passing some mail and not
others. Further, you’d need to make sure that the time coding of the latest software update was blocking the purported malware.
In other words, there still might be a gap between a recent antivirus update and the malware that exploits a hole. For a period
of time, an infected PC might pass the check but still be used in the botnet.”
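
The lookup proposed above, with the two caveats from the feedback marked in the code, as an added example that is not part of the original article. The header name `X-AV-Serial`, the in-memory vendor table, the 7-day freshness threshold and the verdict labels are all assumptions, and the serial is treated as an opaque token.

```python
from datetime import date
from email import message_from_string

HEADER = "X-AV-Serial"  # hypothetical header name; the page does not name one

# Constructed stand-in for the vendors' databases:
# opaque serial -> date of the last signature update the vendor recorded.
VENDOR_DB = {"SN-1001": date(2007, 3, 28), "SN-1002": date(2006, 11, 2)}


def score_message(raw, today, max_age_days=7):
    """Score one message the way the receiving ISP would; returns (verdict, reason)."""
    serials = message_from_string(raw).get_all(HEADER, [])
    if not serials:
        # Sender is outside the scheme: no basis for blocking or passing.
        return ("unknown", "no serial header")
    if len(serials) > 1:
        return ("suspect", "more than one serial header")
    updated = VENDOR_DB.get(serials[0].strip())
    if updated is None:
        return ("suspect", "serial not found in vendor database")
    age = (today - updated).days
    if age > max_age_days:
        return ("suspect", f"signatures {age} days old")
    # Fresh signatures only; a PC infected by malware newer than the last
    # update still lands here, which is the gap the feedback describes.
    return ("good", f"signatures {age} days old")


def sample(serial=None):
    """Build a constructed test message, optionally carrying a serial header."""
    extra = f"{HEADER}: {serial}\n" if serial else ""
    return f"From: user@example.com\nSubject: hello\n{extra}\nbody text\n"


if __name__ == "__main__":
    today = date(2007, 4, 1)  # constructed "current" date
    for serial in ("SN-1001", "SN-1002", "SN-9999", None):
        print(serial, score_message(sample(serial), today))
```
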
What are your thoughts on this approach? Is it workable? Please send me an e-mail with your feedback.