It’s best to begin with a disclaimer: no one antispam technology filters all spam, and there is no one technology in development that will be an all-encompassing solution. Does that mean mail administrators should wave a white flag in defeat to the spammers of the world? Certainly not! Antispam technology has evolved greatly over the past decade to combat similar advances by spammers, and with the appropriate technologies enabled spam can be a minor inconvenience instead of a major issue.
I've already
provided an overview. Let's get specific. Here is a run down of some of the most effective antispam technologies currently available, along with their strengths and weaknesses.
Black and White Lists: Ensure that email received from your approved contacts bypass antispam filters, and mail sent from known spammers or contacts you don’t want to receive email from are denied. This technology is fundamental for any antispam security system, as it makes sure you receive email from people you know and want to communicate with, and rejects messages from contacts who have spammed you before. The only problems with this technology is it’s only as effective as your black and white list maintenance and it does not protect against spammers who use domains fraudulently. If you regularly or automatically update these lists with accurate contacts it is highly effective, and generally can reduce antispam processing bandwidth significantly by automatically approving or rejecting messages based on the address.
DNSBL’s and SURBL’s: Reject messages based on known spammer domains or IP addresses either in the body of the message or from the message sender. Domains or IP addresses that have been used for spam are added to DNSBL5 and SURBL6 lists. Messages containing these domains or sent from these IP addresses are then detected as spam. This technology can be quite effective in rejecting messages from known spammers, eliminating the need for more resource intensive message scanning. Some of the more popular and effective list providers are: Spam Haus, Outblaze and Spam Cop. The only potential risk with this technology is that if you’re using a list that is either too aggressive or not aggressive enough in identifying spam sources, you might have false positives or false negatives. The aforementioned lists, however, are widely used and generally considered reliable.
Greylisting: This technology rejects the initial message receipt request from an unknown address, and then accepts the following retry. Greylisting is effective because legitimate mail servers are configured to automatically retry messages that fail in the first attempt, per RFC7 compliance regulations, while spammers most often will not resend messages when they are rejected. Greylisting significantly reduces bulk spam, and beyond the extra bandwidth required for retries (which is minimal), there is little downside to using it.
