A whitelist or allowlist is a list or register of entities that are being provided a particular privilege, service, mobility, access or recognition. Entities on the list will be accepted, approved and/or recognized. Whitelisting is the reverse of blacklisting , the practice of identifying entities that are denied, unrecognised, or ostracised.
65-473: Spam filters often include the ability to "whitelist" certain sender IP addresses, email addresses or domain names to protect their email from being rejected or sent to a junk mail folder. These can be manually maintained by the user or system administrator - but can also refer to externally maintained whitelist services. Non-commercial whitelists are operated by various non-profit organisations, ISPs, and others interested in blocking spam. Rather than paying fees,
130-444: A television station or cable network . VoIP spam is VoIP (Voice over Internet Protocol) spam, usually using SIP (Session Initiation Protocol) . This is nearly identical to telemarketing calls over traditional phone lines. When the user chooses to receive the spam call, a pre-recorded spam message or advertisement is usually played back. This is generally easier for the spammer as VoIP services are cheap and easy to anonymize over
195-557: A case in a federal court against the operator of a small Oklahoma-based Internet service provider who accused him of spamming. U.S. Judge Ralph G. Thompson granted a motion by plaintiff Robert Braver for a default judgment and permanent injunction against him. The judgment includes a statutory damages award of about $ 10 million under Oklahoma law. In June 2007, two men were convicted of eight counts stemming from sending millions of e-mail spam messages that included hardcore pornographic images. Jeffrey A. Kilbride, 41, of Venice, California
260-427: A cheese product ), but this term did not persist. In the late 19th century, Western Union allowed telegraphic messages on its network to be sent to multiple destinations. The first recorded instance of a mass unsolicited commercial telegram is from May 1864, when some British politicians received an unsolicited telegram advertising a dentist. The earliest documented spam (although the term had not yet been coined )
325-702: A corporate environment, where there are typically already restrictions on what software is approved. Leading providers of application whitelisting technology include Bit9 , Velox , McAfee , Lumension , ThreatLocker, Airlock Digital and SMAC. On Microsoft Windows, recent versions include AppLocker , which allows administrators to control which executable files are denied or allowed to execute. With AppLocker, administrators are able to create rules based on file names, publishers or file location that will allow certain files to execute. Rules can apply to individuals or groups. Policies are used to group users into different enforcement levels. For example, some users can be added to
390-460: A huge number of times to scroll other users' text off the screen. In early chat-room services like PeopleLink and the early days of Online America (later known as America Online or AOL), they actually flooded the screen with quotes from the Monty Python sketch. This was used as a tactic by insiders of a group that wanted to drive newcomers out of the room so the usual conversation could continue. It
455-412: A link to a supposed keygen , trainer, ISO file for a video game , or something similar. The actual content of the video ends up being totally unrelated, a Rickroll , offensive, or simply on-screen text of a link to the site being promoted. In some cases, the link in question may lead to an online survey site, a password-protected archive file with instructions leading to the aforementioned survey (though
520-436: A lot of harm before finally realizing that the business is not profitable. Some companies and groups "rank" spammers; spammers who make the news are sometimes referred to by these rankings. In all cases listed above, including both commercial and non-commercial, "spam happens" because of a positive cost–benefit analysis result; if the cost to recipients is excluded as an externality the spammer can avoid paying. Cost
585-403: A prank by participants in multi-user dungeon games, to fill their rivals' accounts with unwanted electronic junk. The first major commercial spam incident started on March 5, 1994, when a husband and wife team of lawyers, Laurence Canter and Martha Siegel , began using bulk Usenet posting to advertise immigration law services. The incident was commonly termed the " Green Card spam", after
650-405: A pre-paid fee, either an annual or a per-message fee. A sender can then be more confident that their messages have reached recipients without being blocked, or having links or images stripped out of them, by spam filters. The purpose of commercial whitelists is to allow companies to reliably reach their customers by email. Many websites rely on ads as a source of revenue, but the use of ad blockers
715-485: A problem when the Internet was opened for commercial use in the mid-1990s. It grew exponentially over the following years, and by 2007 it constituted about 80% to 85% of all e-mail, by a conservative estimate. Pressure to make email spam illegal has resulted in legislation in some jurisdictions, but less so in others. The efforts taken by governing bodies, security systems and email service providers seem to be helping to reduce
SECTION 10
#1733085393765780-465: A report-only policy that will allow administrators to understand the impact before moving that user to a higher enforcement level. Linux systems typically have AppArmor and SE Linux features available which can be used to effectively block all applications which are not explicitly whitelisted, and commercial products are also available. On HP-UX introduced a feature called "HP-UX Whitelisting" on 11iv3 version. Spam filter Email filtering
845-841: A result do not have any specific functionality or a meaningful description; (ii) multiple instances of the same app being published to obtain increased visibility in the app market; and (iii) apps that make excessive use of unrelated keywords to attract users through unintended searches. Bluespam, or the action of sending spam to Bluetooth -enabled devices, is another form of spam that has developed in recent years. E-mail and other forms of spamming have been used for purposes other than advertisements. Many early Usenet spams were religious or political. Serdar Argic , for instance, spammed Usenet with historical revisionist screeds. A number of evangelists have spammed Usenet and e-mail media with preaching messages. A growing number of criminals are also using spam to perpetrate various sorts of fraud. In 2011
910-420: A sufficient conversion rate to keep the spamming alive. Furthermore, even though spam appears not to be economically viable as a way for a reputable company to do business, it suffices for professional spammers to convince a tiny proportion of gullible advertisers that it is viable for those spammers to stay in business. Finally, new spammers go into business every day, and the low costs allow a single spammer to do
975-486: A user are broadcast to all followers of the user. Spammers, out of malicious intent, post either unwanted (or irrelevant) information or spread misinformation on social media platforms. Spreading beyond the centrally managed social networking platforms, user-generated content increasingly appears on business, government, and nonprofit websites worldwide. Fake accounts and comments planted by computers programmed to issue social spam can infiltrate these websites. Blog spam
1040-506: A waitress reading out a menu where every item but one includes the Spam canned luncheon meat. As the waitress recites the Spam-filled menu, a chorus of Viking patrons drown out all conversations with a song, repeating "Spam, Spam, Spam, Spam… Lovely Spam! Wonderful Spam!". In the 1980s the term was adopted to describe certain abusive users who frequented BBSs and MUDs , who would repeat "Spam"
1105-556: Is a common approach in social networking spam such as that generated by the social networking site Quechup . Instant messaging spam makes use of instant messaging systems. Although less prevalent than its e-mail counterpart, according to a report from Ferris Research, 500 million spam IMs were sent in 2003, twice the level of 2002. Newsgroup spam is a type of spam where the targets are Usenet newsgroups. Spamming of Usenet newsgroups actually pre-dates e-mail spam. Usenet convention defines spamming as excessive multiple posting, that is,
1170-402: Is increasingly common. Websites that detect an adblocker in use often ask for it to be disabled - or their site to be "added to the whitelist" - a standard feature of most adblockers. A use for whitelists is in local area network (LAN) security. Many network admins set up MAC address whitelists, or a MAC address filter, to control who is allowed on their networks. This is used when encryption
1235-452: Is intercepted and filtered via a transparent proxy within the network. Outbound filtering can also take place in an email server . Many corporations employ data leak prevention technology in their outbound mail servers to prevent the leakage of sensitive information via email. Mail filters have varying degrees of configurability. Sometimes they make decisions based on matching a regular expression . Other times, code may match keywords in
1300-498: Is named after Spam , a luncheon meat, by way of a Monty Python sketch about a restaurant that has Spam in almost every dish in which Vikings annoyingly sing "Spam" repeatedly. Spamming remains economically viable because advertisers have no operating costs beyond the management of their mailing lists, servers, infrastructures, IP ranges, and domain names, and it is difficult to hold senders accountable for their mass mailings. The costs, such as lost productivity and fraud, are borne by
1365-402: Is not a practical solution or in tandem with encryption. However, it's sometimes ineffective because a MAC address can be faked . Firewalls can usually be configured to only allow data-traffic from/to certain (ranges of) IP-addresses. One approach in combating viruses and malware is to whitelist software which is considered safe to run, blocking all others. This is particularly attractive in
SECTION 20
#17330853937651430-421: Is spamming on weblogs . In 2003, this type of spam took advantage of the open nature of comments in the blogging software Movable Type by repeatedly placing comments to various blog posts that provided nothing more than a link to the spammer's commercial web site. Similar attacks are often performed against wikis and guestbooks , both of which accept user contributions. Another possible form of spam in blogs
1495-460: Is that search engine indexes are inundated with useless pages, increasing the cost of each processed query". The costs of spam also include the collateral costs of the struggle between spammers and the administrators and users of the media threatened by spamming. Email spam exemplifies a tragedy of the commons : spammers use resources (both physical and human), without bearing the entire cost of those resources. In fact, spammers commonly do not bear
1560-484: Is the combination of: Benefit is the total expected profit from spam, which may include any combination of the commercial and non-commercial reasons listed above. It is normally linear, based on the incremental benefit of reaching each additional spam recipient, combined with the conversion rate . The conversion rate for botnet -generated spam has recently been measured to be around one in 12,000,000 for pharmaceutical spam and one in 200,000 for infection sites as used by
1625-481: Is the first case in which US prosecutors used identity theft laws to prosecute a spammer for taking over someone else's Internet domain name. In an attempt to assess potential legal and technical strategies for stopping illegal spam, a study cataloged three months of online spam data and researched website naming and hosting infrastructures. The study concluded that: 1) half of all spam programs have their domains and servers distributed over just eight percent or fewer of
1690-425: Is the processing of email to organize it according to specified criteria. The term can apply to the intervention of human intelligence, but most often refers to the automatic processing of messages at an SMTP server, possibly applying anti-spam techniques . Filtering can be applied to incoming emails as well as to outgoing ones. Depending on the calling environment, email filtering software can reject an item at
1755-475: Is the spamming of a certain tag on websites such as Tumblr. In actual video spam, the uploaded video is given a name and description with a popular figure or event that is likely to draw attention, or within the video a certain image is timed to come up as the video's thumbnail image to mislead the viewer, such as a still image from a feature film, purporting to be a part-by-part piece of a movie being pirated, e.g. Big Buck Bunny Full Movie Online - Part 1/10 HD ,
1820-530: Is their use in filtering the mail of users who are not informed of their use that draws fire. Even though it is possible in some jurisdictions to treat some spam as unlawful merely by applying existing laws against trespass and conversion , some laws specifically targeting spam have been proposed. In 2004, United States passed the CAN-SPAM Act of 2003 that provided ISPs with tools to combat spam. This act allowed Yahoo! to successfully sue Eric Head who settled
1885-616: Is to inspect outgoing email at some companies to ensure that employees comply with appropriate policies and laws. Users might also employ a mail filter to prioritize messages, and to sort them into folders based on subject matter or other criteria. Mailbox providers can also install mail filters in their mail transfer agents as a service to all of their customers. Anti-virus, anti-spam, URL filtering, and authentication-based rejections are common filter types. Corporations often use filters to protect their employees and their information technology assets. A catch-all filter will "catch all" of
1950-490: The American Civil Liberties Union has to do with so-called "stealth blocking", a term for ISPs employing aggressive spam blocking without their users' knowledge. These groups' concern is that ISPs or technicians seeking to reduce spam-related costs may select tools that (either through error or design) also block non-spam e-mail from sites seen as "spam-friendly". Few object to the existence of these tools; it
2015-522: The Bosnian War . However, as it was a violation of their terms of service, the ISP Panix deleted all of the bulk posts from Usenet, only missing three copies . Within a few years, the focus of spamming (and anti-spam efforts) moved chiefly to email, where it remains today. By 1999, Khan C. Smith, a well known hacker at the time, had begun to commercialize the bulk email industry and rallied thousands into
Whitelist - Misplaced Pages Continue
2080-476: The Storm botnet . The authors of the study calculating those conversion rates noted, "After 26 days, and almost 350 million e-mail messages, only 28 sales resulted." Spam can be used to spread computer viruses , trojan horses or other malicious software. The objective may be identity theft , or worse (e.g., advance fee fraud ). Some spam attempts to capitalize on human greed, while some attempts to take advantage of
2145-483: The University of California, Berkeley and OvGU demonstrated that most (web-based) academic search engines, especially Google Scholar are not capable of identifying spam attacks. The researchers manipulated the citation counts of articles, and managed to make Google Scholar index complete fake articles, some containing advertising. Spamming in mobile app stores include (i) apps that were automatically generated and as
2210-480: The naive Bayes classifier while others use natural language processing to organize incoming emails. Image filtering can use complex image-analysis algorithms to detect skin-tones and specific body shapes normally associated with pornographic images. Microsoft Outlook includes user-generated email filters called "rules". Spamming Spamming is the use of messaging systems to send multiple unsolicited messages ( spam ) to large numbers of recipients for
2275-417: The Internet addressed to users protected by the filtering system or for lawful interception . Outbound email filtering involves the reverse - scanning email messages from local users before any potentially harmful messages can be delivered to others on the Internet. One method of outbound email filtering that is commonly used by Internet service providers is transparent SMTP proxying , in which email traffic
2340-424: The Internet, and there are many options for sending mass number of calls from a single location. Accounts or IP addresses being used for VoIP spam can usually be identified by a large number of outgoing calls, low call completion and short call length. Academic search engines enable researchers to find academic literature and are used to obtain citation data for calculating author-level metrics . Researchers from
2405-437: The additional equipment, software, and manpower needed to combat the problem. Spam's direct effects include the consumption of computer and network resources, and the cost in human time and attention of dismissing unwanted messages. Large companies who are frequent spam targets utilize numerous techniques to detect and prevent spam. The cost to providers of search engines is significant: "The secondary consequence of spamming
2470-634: The business by building more friendly bulk email software and providing internet access illegally hacked from major ISPs such as Earthlink and Botnets. By 2009 the majority of spam sent around the World was in the English language ; spammers began using automatic translation services to send spam in other languages. Email spam, also known as unsolicited bulk email (UBE), or junk mail, is the practice of sending unwanted email messages, frequently with commercial content, in large quantities. Spam in email started to become
2535-402: The cost at all. This raises the costs for everyone. In some ways spam is even a potential threat to the entire email system, as operated in the past. Since email is so cheap to send, a tiny number of spammers can saturate the Internet with junk mail. Although only a tiny percentage of their targets are motivated to purchase their products (or fall victim to their scams), the low cost may provide
2600-525: The emails addressed to the domain that do not exist in the mail server - this can help avoid losing emails due to misspelling. Users , may be able to install separate programs (see links below), or configure filtering as part of their email program ( email client ). In email programs, users can make personal, "manual" filters that then automatically filter mail according to the chosen criteria. Mail filters can operate on inbound and outbound email traffic. Inbound email filtering involves scanning messages from
2665-424: The guise of a user's trusted contacts such as friends and family. As for Twitter, spammers gain credibility by following verified accounts such as that of Lady Gaga; when that account owner follows the spammer back, it legitimizes the spammer. Twitter has studied what interest structures allow their users to receive interesting tweets and avoid spam, despite the site using the broadcast model, in which all tweets from
Whitelist - Misplaced Pages Continue
2730-490: The initial SMTP connection stage or pass it through unchanged for delivery to the user's mailbox. It is also possible to redirect the message for delivery elsewhere, quarantine it for further checking, modify it or 'tag' it in any other way. Common uses for mail filters include organizing incoming email and removal of spam and computer viruses . Mailbox providers filter outgoing email to promptly react to spam surges that may result from compromised accounts. A less common use
2795-546: The latter to end communication with the advertiser via SMS altogether. Despite the high number of phone users, there has not been so much phone spam, because there is a charge for sending SMS. Recently, there are also observations of mobile phone spam delivered via browser push notifications. These can be a result of allowing websites which are malicious or delivering malicious ads to send a user notifications. Facebook and Twitter are not immune to messages containing spam links. Spammers hack into accounts and send false links under
2860-451: The lawsuit for several thousand U.S. dollars in June 2004. But the law is criticized by many for not being effective enough. Indeed, the law was supported by some spammers and organizations that support spamming, and opposed by many in the anti-spam community. Earthlink won a $ 25 million judgment against one of the most notorious and active "spammers" Khan C. Smith in 2001 for his role in founding
2925-504: The menu items in the Monty Python sketch. One of the earliest people to use "spam" in this sense was Joel Furr . This use had also become established—to "spam" Usenet was to flood newsgroups with junk messages. The word was also attributed to the flood of " Make Money Fast " messages that clogged many newsgroups during the 1990s. In 1998, the New Oxford Dictionary of English , which had previously only defined "spam" in relation to
2990-473: The message body, or perhaps the email address of the sender of the message. More complex control flow and logic is possible with programming languages; this is typically implemented with a data-driven programming language, such as procmail , which specifies conditions to match and actions to take on matching, which may involve further matching. Some more advanced filters, particularly anti-spam filters, use statistical document classification techniques such as
3055-466: The modern spam industry which dealt billions in economic damage and established thousands of spammers into the industry. His email efforts were said to make up more than a third of all Internet email being sent from 1999 until 2002. Sanford Wallace and Cyber Promotions were the target of a string of lawsuits, many of which were settled out of court, up through a 1998 Earthlink settlement that put Cyber Promotions out of business. Attorney Laurence Canter
3120-658: The origins of spam were analyzed by Cisco Systems . They provided a report that shows spam volume originating from countries worldwide. Hormel Foods Corporation , the maker of SPAM luncheon meat, does not object to the Internet use of the term "spamming". However, they did ask that the capitalized word "Spam" be reserved to refer to their product and trademark. The European Union 's Internal Market Commission estimated in 2001 that "junk email" cost Internet users €10 billion per year worldwide. The California legislature found that spam cost United States organizations alone more than $ 13 billion in 2007, including lost productivity and
3185-445: The public and by Internet service providers , which have added extra capacity to cope with the volume. Spamming has been the subject of legislation in many jurisdictions. A person who creates spam is called a spammer . The term spam is derived from the 1970 "Spam" sketch of the BBC sketch comedy television series Monty Python's Flying Circus . The sketch, set in a cafe , has
3250-607: The purpose of commercial advertising , non-commercial proselytizing , or any prohibited purpose (especially phishing ), or simply repeatedly sending the same message to the same user. While the most widely recognized form of spam is email spam , the term is applied to similar abuses in other media: instant messaging spam , Usenet newsgroup spam , Web search engine spam , spam in blogs , wiki spam , online classified ads spam, mobile phone messaging spam , Internet forum spam , junk fax transmissions , social spam , spam mobile apps, television advertising and file sharing spam. It
3315-699: The repeated posting of a message (or substantially similar messages). The prevalence of Usenet spam led to the development of the Breidbart Index as an objective measure of a message's "spamminess". Forum spam is the creation of advertising messages on Internet forums. It is generally done by automated spambots. Most forum spam consists of links to external sites, with the dual goals of increasing search engine visibility in highly competitive areas such as weight loss, pharmaceuticals, gambling, pornography, real estate or loans, and generating more traffic for these commercial websites. Some of these links contain code to track
SECTION 50
#17330853937653380-404: The sender must pass a series of tests; for example, their email server must not be an open relay and have a static IP address . The operator of the whitelist may remove a server from the list if complaints are received. Commercial whitelists are a system by which an Internet service provider allows someone to bypass spam filters when sending email messages to its subscribers, in return for
3445-497: The spam-advertised goods in the study; and, 3) a "financial blacklist" of banking entities that do business with spammers would dramatically reduce monetization of unwanted e-mails. Moreover, this blacklist could be updated far more rapidly than spammers could acquire new banking resources, an asymmetry favoring anti-spam efforts. An ongoing concern expressed by parties such as the Electronic Frontier Foundation and
3510-501: The spambot's identity; if a sale goes through, the spammer behind the spambot earns a commission. Mobile phone spam is directed at the text messaging service of a mobile phone . This can be especially irritating to customers not only for the inconvenience, but also because of the fee they may be charged per text message received in some markets. To comply with CAN-SPAM regulations in the US, SMS messages now must provide options of HELP and STOP,
3575-641: The subject line of the postings. Defiant in the face of widespread condemnation, the attorneys claimed their detractors were hypocrites or "zealots", claimed they had a free speech right to send unwanted commercial messages, and labeled their opponents "anti-commerce radicals". The couple wrote a controversial book entitled How to Make a Fortune on the Information Superhighway . An early example of nonprofit fundraising bulk posting via Usenet also occurred in 1994 on behalf of CitiHope, an NGO attempting to raise funds to rescue children at risk during
3640-417: The survey, and the archive file itself, is worthless and does not contain the file in question at all), or in extreme cases, malware . Others may upload videos presented in an infomercial -like format selling their product which feature actors and paid testimonials , though the promoted product or service is of dubious quality and would likely not pass the scrutiny of a standards and practices department at
3705-403: The total available hosting registrars and autonomous systems, with 80 percent of spam programs overall being distributed over just 20 percent of all registrars and autonomous systems; 2) of the 76 purchases for which the researchers received transaction information, there were only 13 distinct banks acting as credit card acquirers and only three banks provided the payment servicing for 95 percent of
3770-407: The trademarked food product, added a second definition to its entry for "spam": "Irrelevant or inappropriate messages sent on the Internet to a large number of newsgroups or users." There was also an effort to differentiate between types of newsgroup spam. Messages that were crossposted to too many newsgroups at once, as opposed to those that were posted too frequently, were called "velveeta" (after
3835-509: The victims' inexperience with computer technology to trick them (e.g., phishing ). One of the world's most prolific spammers, Robert Alan Soloway , was arrested by US authorities on May 31, 2007. Described as one of the top ten spammers in the world, Soloway was charged with 35 criminal counts, including mail fraud, wire fraud, e-mail fraud , aggravated identity theft, and money laundering. Prosecutors allege that Soloway used millions of "zombie" computers to distribute spam during 2003. This
3900-481: The volume of email spam. According to "2014 Internet Security Threat Report, Volume 19" published by Symantec Corporation , spam volume dropped to 66% of all email traffic. An industry of email address harvesting is dedicated to collecting email addresses and selling compiled databases. Some of these address-harvesting approaches rely on users not reading the fine print of agreements, resulting in their agreeing to send messages indiscriminately to their contacts. This
3965-457: Was a message advertising the availability of a new model of Digital Equipment Corporation computers sent by Gary Thuerk to 393 recipients on ARPANET on May 3, 1978. Rather than send a separate message to each person, which was the standard practice at the time, he had an assistant, Carl Gartley, write a single mass email. Reaction from the net community was fiercely negative, but the spam did generate some sales. Spamming had been practiced as
SECTION 60
#17330853937654030-469: Was also used to prevent members of rival groups from chatting—for instance, Star Wars fans often invaded Star Trek chat rooms, filling the space with blocks of text until the Star Trek fans left. It later came to be used on Usenet to mean excessive multiple posting—the repeated posting of the same message. The unwanted message would appear in many, if not all newsgroups, just as Spam appeared in all
4095-490: Was disbarred by the Tennessee Supreme Court in 1997 for sending prodigious amounts of spam advertising his immigration law practice. In 2005, Jason Smathers , a former America Online employee, pleaded guilty to charges of violating the CAN-SPAM Act . In 2003, he sold a list of approximately 93 million AOL subscriber e-mail addresses to Sean Dunaway who sold the list to spammers. In 2007, Robert Soloway lost
4160-464: Was sentenced to six years in prison, and James R. Schaffer, 41, of Paradise Valley, Arizona , was sentenced to 63 months. In addition, the two were fined $ 100,000, ordered to pay $ 77,500 in restitution to AOL , and ordered to forfeit more than $ 1.1 million, the amount of illegal proceeds from their spamming operation. The charges included conspiracy , fraud , money laundering , and transportation of obscene materials. The trial, which began on June 5,
4225-699: Was the first to include charges under the CAN-SPAM Act of 2003 , according to a release from the Department of Justice . The specific law that prosecutors used under the CAN-Spam Act was designed to crack down on the transmission of pornography in spam. In 2005, Scott J. Filary and Donald E. Townsend of Tampa, Florida were sued by Florida Attorney General Charlie Crist for violating the Florida Electronic Mail Communications Act. The two spammers were required to pay $ 50,000 USD to cover
#764235