Stopping Spam By The IP Address

A lot of the spam sent, as referenced by John Scarrow, General Manager, Anti-Spam and Anti-Phishing Strategy Team, Microsoft Technology Care and Safety Group at a recent Manhattan Chamber of Commerce event comes from the known IP addresses of email servers around the world.
While many companies fight spam by analyzing the content of the email message or the sender another VERY successful way of limiting the spam inbound to your business is by analyzing which email server is sending you the email.
If IP address is known to be a haven for spammers and phishers, why not simply block all email that comes from that IP address?
This sounds easier than it really is. IP addresses change – spammers are not dumb. Good email servers could become “bad email servers” in hours or days and you can’t keep up by yourself.
Trend Micro’s Network Reputation Services monitors the Internet and rates the “reputation” of IP addresses based on whether or not they’re sending spam. This information is stored in an extensive reputation database that Trend Micro believes to be the largest of its kind in the industry. By applying proactive protection at the network level, customers can increase productivity and support a continuous flow of business information while managing costly demands on bandwidth and administrative time.
A new white paper from online security vendor WatchGuard examines the differences between signature and proxy-based systems in regards to malware ( a term that encompasses everything from viruses and worms to spyware and blended-threat attacks), and warns readers against signature-based systems for the following reasons:
* They take time to create and implement – virus response services commit to a 2 hour response but the Sapphire Worm (SQL Slammer) infected systems within ten minutes
* No defense against information leaks, e.g., where an attacker has succeeded in compromising a host on your network and is already uploading sensitive documents from this machine
* Enterprises must examine every file that passes through the system putting a heavy toll on gateway processing
Read the white paper here