Spam

Spam refers to unsolicited electronic communication.

The notion of "sending messages unwanted by the recipient" is not new; it already existed in the form of advertising via postal mailboxes or conventional telephony networks (fax, automatic telephone messaging calls, etc.).

However, spam has now taken over the Internet in phenomenal proportions, representing – depending on the source – from 80% to 90% of the total volume of e-mails exchanged on the Internet.

Over the years, spam has diversified, adapted and become more complex, sometimes to the point of being highly sophisticated. Today, it can take many different forms, using a variety of electronic communications media (Internet, mobile telephony...), with objectives as diverse and varied as possible.

For the end-user, spam may seem relatively harmless – although sometimes a little annoying –, and he often thinks that, thanks to a few filtering rules or a simple anti-spam tool, the problem is well and truly solved.

Unfortunately, this is just the tip of the iceberg, as the impact of spam is far more significant and consequential for all Internet players.

The most pessimistic are predicting the end of the Internet because of spam, while others are talking about charging for sending e-mails... Without going to such extremes, we can nevertheless be rightly concerned about the phenomenon. Despite the plethora of existing anti-spam techniques, the problem is far from diminishing.

In this dossier, we'll take a look at spam and try to understand the existing mechanisms for combating and preventing it.

In the first part, we'll define spam in terms of its origin, objectives and content, its authors, its impact and the regulatory aspects involved.

In the second part, we will classify, detail and examine the many different detection techniques often found in end-user anti-spam tools. These mostly reactive techniques, although relatively effective at a given time, generally fail to keep pace with the (very rapid!) evolution of the techniques used by spammers –– to bypass them. Other solutions are therefore more proactive, sometimes even trying to shake up the existing e-mail architecture, in an attempt to bring about more or less effective, more or less feasible improvements.

Before getting to the heart of the matter, it's important to emphasize that the notion of "spam detection" essentially corresponds to the ability to distinguish "bad messages" from "good messages".

The worst thing for anti-spam detection is not so much letting a few bad messages arrive in your mailbox (so-called "false-negatives"),...