Security UPDATE -- An Innovative Approach to Spam Fighting -- May 10, 2006

This email newsletter comes to you free and is supported by the following advertisers, which offer products and services in which you might be interested. Please take a moment to visit these advertisers' Web sites and show your support for Security UPDATE.

St. Bernard Software


8e6 Technologies


1. In Focus: An Innovative Approach to Spam Fighting

2. Security News and Features

- Recent Security Vulnerabilities

- SonicWALL Brings New Email Security Appliances to Market

- MSN Search Toolbar Brings Microsoft Phishing Filter to IE 6.0

- Security-Related Products Earn Nods at Microsoft Management Summit

3. Security Toolkit

- Security Matters Blog


- Security Forum Featured Thread

- Share Your Security Tips

4. New and Improved

- Detect Malicious Insiders


==== Sponsor: St. Bernard Software ====

#1 Ranked Web Filter Offers Free Appliance

iPrism, ranked #1 by IDC, gives you comprehensive protection from Web-based threats at the perimeter -- spyware, IM and P2P are stopped before they can invade your networks. For a limited time, you can get the iPrism appliance free when you purchase a multi-year subscription. Plus, if you currently have a Web filter, now is the perfect time to switch to iPrism and stop being surprised by high renewal prices. This is a limited-time offer, so get your personal Quick Quote today.


==== 1. In Focus: An Innovative Approach to Spam Fighting ====

by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

These days, spam is a multimillion-dollar industry. It generates millions of dollars for the spammers, millions for the companies that produce antispam solutions, and millions for the people who install and support those solutions.

Some people think that individuals who go after spammers on their own are vigilantes. Calling such people vigilantes implies that we should all sit around on our duffs while we let our respective governments make and enforce laws such as the Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act of 2003. As time has shown, the act works to some extent, but it has problems and it's nearly useless when a spammer is located anywhere outside the United States.

Meanwhile, other spam-fighting methods, such as Domain Keys Identified Mail (DKIM), Sender ID, and other technologies (some of whose real motives are questionable,) try to place controls on email flow. Most of these technologies will lead to increasing restrictions on email flow over time and could severely limit open and free communication, which in my opinion is anti-Internet.

Blue Security (at the URL below) has a tool called Blue Frog that seems to be an effective antispam defense. Individuals and businesses can put their email addresses on Blue Security's encrypted "do not spam" list. A user on the list who receives a spam message can notify Blue Security, which investigates and then notifies the proper authorities about offending spammers. Blue Security also sends an opt-out message to the spammer for each message sent to a Blue Frog user. If a spammer sends five spam messages to 1 million Blue Frog users, the spammer receives 5 million opt-out requests. This places a tremendous load on a spammer's resources, and rightly so.

Last week, Blue Security found itself under attack. Apparently, a spammer became so angry at the influx of opt-out messages that it decided to launch a Distributed Denial of Service (DDoS) attack against Blue Security's network. The result was that the spammer (PharmaMaster) was exposed as the low-life scum that it is, so people can choose not to do business with it. Also, Blue Security received a ton of press coverage due to the attack, which will undoubtedly raise awareness about Blue Frog by many orders of magnitude.

You can read more about the incident at the URL below. Kudos to Blue Security are in order for helping people take matters into their own hands while acting as a team. According to a press release from Blue Security, six of the top ten spammers worldwide have stopped sending spam to users of Blue Frog. If every Internet user had technology similar to Blue Frog, the spam problem could be cured very, very quickly. Such technologies minimize the need to legislate or build solutions that could potentially limit the openness of the Internet.

Calling All Windows IT Pro Innovators!

Have you developed a solution that uses Windows technology to solve a business problem in an innovative way? Enter your solution in the 2006 Windows IT Pro Innovators Contest! Grand-prize winners will receive airfare and a conference pass to Windows and Exchange Connections in Las Vegas, November 6-9, 2006, plus more great prizes and a feature article about the winning solutions in the December 2006 issue of Windows IT Pro. Contest runs through August 1, 2006.

To enter, click here:


==== Sponsor: Webroot ====

Free Trial of Webroot's Spy Sweeper(TM) Enterprise

Spy Sweeper Enterprise(TM) leads the anti-spyware market:

* #1 in Product Effectiveness per Independent VeriTest report

* #1 in Product Awards winning 5 out of 5 awards in anti-spyware category in 2006

* #1 Anti-Spyware Market Share by Radicati Group

* #1 in Customer Satisfaction from Infosecurity Magazine survey.


==== 2. Security News and Features ====

Recent Security Vulnerabilities

If you subscribe to this newsletter, you also receive Security Alerts, which inform you about recently discovered security vulnerabilities. You can also find information about these discoveries at

SonicWALL Brings New Email Security Appliances to Market

SonicWALL introduced a new line of email security appliances that fit the full range of businesses from large enterprises to small businesses. The new appliances are based on technology gained when SonicWALL acquired MailFrontier in February.

MSN Search Toolbar Brings Microsoft Phishing Filter to IE 6.0

Originally designed for the upcoming Microsoft Internet Explorer (IE) 7.0, Microsoft Phishing Filter Add-in for MSN Search Toolbar works with IE 6.0, provided that customers first install MSN Search Toolbar on a Windows XP Service Pack 2 (SP2) system.

Security-Related Products Earn Nods at Microsoft Management Summit

Security-related products were well-represented among the winners and finalists in Windows IT Pro's Best of Show awards at the Microsoft Management Summit (MMS--April 24-28, San Diego). Configuresoft's Enterprise Configuration Manager (ECM) won the Overall Best award, and Altiris's Software Virtualization Solution won Best New Product. Argent Software's Guardian, DesktopStandard's PolicyMaker Application, and Softricity's Virtualization Platform all received Runner Up awards. Other finalists were Quest Software's Vintela Authentication Services, Centrify's DirectControl, eXc Software's MOM and SMS eXctender Event Provider for non-Windows, NetPro's ChangeAuditor, and Iconclude's Repair System.


==== Resources and Events ====

Learn the essentials about how consolidation and selected technology updates build an infrastructure that can handle change effectively.

Use virtual server technology to consolidate your production environment using only a fraction of the server hardware in the data center. Live Event: Thursday, May 18

Design effective policies to protect your company's assets and data. Don't accidentally damage what you mean to protect! View this on-demand seminar today.

Learn to differentiate alternative solutions to disaster recovery for your Windows-based applications to determine what works for you and ensure seamless recovery of your key systems--whether a disaster strikes just one server or the whole site. Live event: Thursday, May 11

Increase administration efficiency, build flexible yet inexpensive file-server environments, and maximize potential through consolidation of your SQL Server environment. Make the most of your resources today!


==== Featured White Paper ====

Learn how to address challenges such as making email truly available 24x7x365, securing against viruses, comprehensively backing up email data, and more.


==== Hot Spot ====

Protect Your Network From Threats Brought in By Remote Laptops!

Learn how employee laptops indiscriminately harm company networks, despite standard security gear, and gain valuable information on how to protect your company against these threats--without throwing out the laptops. Get the FREE white paper from 8e6 Technologies. Qualify Now!


==== 3. Security Toolkit ====

Security Matters Blog: Apache Overtakes IIS as Most Popular SSL Server

by Mark Joseph Edwards,

According to Netcraft, Apache accounts for 44 percent of all Secure Sockets Layer (SSL)-enabled sites and Microsoft IIS accounts for 43.8 percent. The use of IIS leveled off in 2001, declined until 2002, climbed a little between 2002 and 2003, and since then has steadily declined. Read more about the trends in this blog article.


by John Savill,

Q: How can I use a script to check the domain mode and forest mode of a client computer?

Find the answer at

Security Forum Featured Thread: Suspicious SNMP Traffic

A forum participant writes that in his Symantec firewall logs, he sees a "Suspicious SNMP traffic" event with the source IP address of one of his workstations. He can't find anything running on the workstation that would generate this event. Have any idea? Join the discussion at

Share Your Security Tips and Get $100

Share your security-related tips, comments, or problems and solutions in the Windows IT Security print newsletter's Reader to Reader column. Email your contributions to [email protected] If we print your submission, you'll get $100. We edit submissions for style, grammar, and length.


==== Announcements ====

(from Windows IT Pro and its partners)

Windows IT Pro Master CD--SAVE 50%!

Subscribe today and get portable, high-speed access to the entire Windows IT Pro article database on CD: a searchable library that includes every Windows IT Pro issue ever published. The newest issue also includes BONUS Windows IT Tips. Order now and save:

May Exclusive--Save $100 off the Exchange & Outlook Newsletter

For a limited time, order the Exchange & Outlook Administrator newsletter and SAVE up to $100! You'll get 12 helpful issues loaded with solutions you won't find anywhere else and FREE access to the entire Exchange & Outlook online article database. Subscribe now:


==== 4. New and Improved ====

by Renee Munshi, [email protected]

Detect Malicious Insiders

Nowell announced the availability of SpyForce-AI 2.0, a host-based anomaly-detection and multifactor-authentication security tool designed to detect and prevent malicious insiders looking to misuse corporate information assets and identity thieves logged on using stolen passwords. SpyForce-AI 2.0 offers an improved GUI, better integration and deployment methods, and an enhanced anomaly detection engine and can now be fine-tuned to selectively monitor for different types of anomalies in a user account. SpyForce-AI also now supports Microsoft Windows Terminal Services. For more information, go to

Tell Us About a Hot Product and Get a T-Shirt!

Have you used a product that changed your IT experience by saving you time or easing your daily burden? Tell us about the product, and we'll send you a T-shirt if we write about the product in a future Windows IT Pro What's Hot column. Send your product suggestions with information about how the product has helped you to [email protected]


==== Contact Us ====

About the newsletter -- [email protected]

About technical questions --

About product news -- [email protected]

About your subscription -- [email protected]

About sponsoring Security UPDATE -- [email protected]


This email newsletter is brought to you by Windows IT Security, the leading publication for IT professionals securing the Windows enterprise from external intruders and controlling access for internal users. Subscribe today.

View the Windows IT Pro privacy policy at

Windows IT Pro, a division of Penton Media, Inc.

221 East 29th Street, Loveland, CO 80538

Attention: Customer Service Department

Copyright 2006, Penton Media, Inc. All rights reserved.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.