Glossary

There are many definitions and phrases associated with junk, spam & virus email. Listed below are some common explanations.

• Address harvester

  A program that searches web pages and filters newsgroup postings looking for valid email addresses to be used for spam purposes. (See also harvesting.)
  
  

• Allow List

  Also known as a whitelist, an allow list is a list of approved senders, containing external email addresses, IP addresses and domains trusted by the entire organization or individual users, so all mail from these addresses is received, bypassing the spam filters. (See also blocklist)
  
  

• Block list/blacklist/blackhole list

  A block list, blacklist, or blackhole list, is a publicized list, usually commercial, of IP addresses known to be sources of spam. A network block list can be created to filter out mail originating from these addresses. A block list is also a feature of anti-spam software that allows users to block mail from designated IP addresses, domain names and individual email addresses. (See also real-time blacklist, RBL and Domain Name System blacklist, DNSBL)
  
  

• CSS spam

  Exploits Cascading Style Sheets (CSS), which are used to control the display of web pages, in order to conceal messages in spam. Spammers can also use CSS to recycle old HTML-based tricks which fool spam filters that do not understand CSS.
  
  

• Denial of Service (DoS) attack

  Where a hacker sends attachments or other unusual or excessive traffic in an attempt to bring down email systems.
  
  

• DHA

  Directory Harvest Attacks: Collecting Proprietary Email Addresses and Increasing Spam Spammers today use sophisticated techniques to bypass typical email server checking mechanisms in order to retrieve valuable information, such as a list of valid email addresses. One of these techniques is called a Directory Harvest Attack, or DHA. During a DHA, spammers attempt to deliver messages to multiple addresses, such as johndoe@yourcompany.com, jdoe@yourcompany.com, and john@yourcompany.com. Addresses that are not rejected by the receiving mail server are determined as valid. These addresses are compiled and sold to other spammers worldwide. Within hours, a brand new email box can be full of unsolicited, junk email. A successful DHA can net a spammer thousands of corporate email addresses in just a few minutes. The results force unprotected corporations to incur higher email system costs, face increased breaches in security and decrease their email system's …
  
  

• Graylist

  Senders who are not blacklisted (excluded) or whitelisted (accepted) can be placed on a graylist. Some anti-spam software can send graylisted addresses an automated response, challenging the sender to confirm their legitimacy.
  
  

• Joe job

  A Joe job is a spam campaign forged to appear as though it came from an innocent party, with the intention of incriminating or pinning blame onto that party. The innocent party can also suffer from a flood of email bounces caused by the spam campaign.
  
  

• Mail drop

  An email address set up to receive email resulting from spam sent from a different ISP. The spammer will cancel the account from which the spam originated in an attempt to avoid detection.
  
  

• Network check (also known as reverse DNS check)

  When an anti-spam engine uses a Domain Name System database to check an email's IP address to ensure that it originated from a valid domain name or web address.
  
  

• Phishing

  (Pronounced 'fishing'.) This involves creating a replica of a legitimate web page to hook users and trick them into submitting personal or financial information or passwords.
  
  

• Real-time blacklist (RBL)

  Also known as DNSBL - This differs from a blacklist in that it actively boycotts TCP/IP addresses known to send spam or host spammers. Enabling such a list results in all mail from those addresses being refused, including valid email. This can, however, result in innocent users complaining to their ISPs and those ISPs enacting stronger anti-spam measures in order to get the RBL ban lifted. Better known providors of these lists are: MAPS, Spamhaus, & SPEWS
  
  

• Spoofing

  When spammers forge an email address to hide the origin of a spam message. Email scammers and virus writers also use this trick. Scammers spoof address lines to fool people into thinking an email has arrived from a legitimate source, such as an online bank. Similarly, virus writers have passed off viruses as security patches by spoofing their origin as being, for example, from Microsoft technical support.
  
  

• Zero Day

  A Zero day vulnerability is one on which code to exploit it appears on the first day that a loophole is announced. As most of the damage done by exploiting bugs occurs in the first few days after they become public, software firms usually move quickly to patch zero day vulnerabilities. netCORE cleanmail uses advanced technolgy provided by commtouch to remove the threats posed by zero day exploits.
  
  

• Zombie

  An insecure web server or computer that is hijacked and used in a DoS attack or to send spam.
  
  

• zz_search_service_descr

  email filtering, mail filtering, email filtering service, junk mail filtering, spam filter, spam filtering, anti spam filter, anti spam filtering, email spam filter, email spam filtering, exchange spam filter, spam filter software, spam filtering service, exchange spam filtering