• Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL

Chapter 7. Separating the Wheat from the... > If At First You Don't Succeed

If At First You Don't Succeed

As effective as email filters can be, remember that email attackers are constantly adapting. Every new filter or technique that comes out will be quickly tested and probed for any weaknesses. Filtering email messages isn't a one-time task that never needs to be repeated; it requires vigilance and perseverance to see it through.

Case Study 7-4

Tim was responsible for the email filters at his company. He had been asked to filter on the word “Viagra” because employees seemed to get a lot of spam selling that product. This morning, he had a note from his boss that the filter didn't appear to be working because messages about Viagra were getting through.

Tim looked at one of the messages. Sure enough, the word “Viagra” was there plain as day. Tim checked the filters and found that they were still on and the Viagra filter was enabled.

Tim took another look at the message using the View Source menu option to see what was affecting his filters. He searched for the word “Viagra” but couldn't find it, which puzzled him.

He scrolled down in the file and soon found the problem. Instead of containing the word “Viagra,” the email contained the phrase Via<b></b>gra, which his email filters didn't pick up. The <b> tag was an embedded code that turned on bolding, and the </b> tag turned it off. Because no text appeared between the tags, nothing was bolded in the email, but these tags prevented Tim's filters from working.



Not a subscriber?

Start A Free Trial

  • Creative Edge
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint