Arts & Photography
Audio CDs
Audiocassettes
Biographies & Memoirs
Business & Investing
Children's Books
Christianity
Comics & Graphic Novels
Computers & Internet
Cooking, Food & Wine
Entertainment
Gay & Lesbian
Health, Mind & Body
History
Home & Garden
Horror
Literature & Fiction
Mystery & Thrillers
Nonfiction
Outdoors & Nature
Parenting & Families
Professional & Technical
Reference
Religion & Spirituality
Romance
Science
Science Fiction & Fantasy
Sports
Teens
Travel
Women's Fiction
|
 |
Slamming Spam : A Guide for System Administrators |
List Price: $44.99
Your Price: $44.99 |
 |
|
|
|
| Product Info |
Reviews |
<< 1 >>
Rating: 
Summary: lacks perceptive analysis
Review: The book gives a description of the main types of antispam methods available to system administrators, at the end of 2004. As such, it is a good summary of the state of the art at that time.
However, the book does not help sysadmins by providing an understanding of the limitations of the methods mentioned. In this sense, the book is more of a simple description of how to use those methods, rather than an independent analysis of their efficacies.
Consider the methods for finding and comparing checksums or hashes of messages. The basic idea is valid. But more detail about how the methods act against spammers who introduce random variations into their messages might have been useful. The book only says that such steps are taken in the methods. Examples please? Also, the book says that the methods generate one checksum or hash per message. Limited. Far better is to make several. And I'm not referring here to when a method might make two checksums per message, where each sum is taken over the entire message and the difference is that the methods to find each sum are different. Regardless of the specific checksum or hashing method, one should make several per message, for more robustness.
Plus, the methods use what they call greylisting. Done at the system level. No suggestion that it might be better to also let each user make her own greylist.
SpamAssassin gets the most coverage in the book. But not mentioned is that it can use a blacklist against domains in body links. A vital improvement against merely using it against the purported sender domain or against possibly fake relays in the header. Much time is spent in the book explaining Bayesians. But little about how they are very computationally intensive, compared to applying a blacklist against body links. And that Bayesians are inherently probabilistic. So one technique by spammers is simply to send more, so that enough of an absolute number of spam gets through a Bayesian. And, it is manually intensive on the part of a sysadmin and users to have to continually retrain a Bayesian, to ward off deliberate poisoning by spammers.
This is compounded by the descriptions of how qmail and sendmail can use blacklists against where the message purportedly comes from. This is of limited use. For some reason, there is a persistent mindset, as evidenced by what you can read in the book, about this usage. Yes, it works, sometimes. But spammers often forge header information.
In any event, the book's authors do not point out - why do you [the sysadmin] care where a spam comes from? Far better to ask is where it goes. That is, where its links go to. I have criticised other antispam books for not doing this. I was hoping when I read this book that it would be more perceptive. Unfortunately not.
Rating: 
Summary: Good book for admins
Review: When opening the book, I was convinced that spam doesn't really deserve a book. However, I enjoyed scanning through this "Slamming Spam" and picked up an idea or two from it.
I liked the chapters on Bayesian methods, and I think that this book contains one of the clearest explanations on how they work and how to make them work for you.
Overall, the book is very practical and will be great for people configuring mails servers for spam-fighting on a daily basis. However, this is not an in-depth review, since I am not tasked with fighting spam (and SpamAssassin does a fine job on my mail account).
Anton Chuvakin, Ph.D., GCIA, GCIH, GCFA is a Security Strategist with a major security company. He is an author of the book "Security Warrior" and a contributor to "Know Your Enemy II". In his spare time, he maintains his security portal info-secure.org
<< 1 >>
|
|
|
|
