Ask the Expert

Can simple antispam filters solve the image spam problem?

With the hype lately about image spam, I find myself wondering why companies don't just filter it out. How often does a legitimate message contain only an image? In business mail, I'd venture to say it should never happen. Even in personal mail, it's rare; people almost always include comments with the pictures they send around. Therefore, a simple rule filtering out messages lacking body text ought to take care of the problem, right?

    Requires Free Membership to View

Your suggestion is reasonable, but not a panacea. I receive a lot of spam that contains only image attachments. In fact, when searching through my antispam filter (a very un-scientific method of analysis), I estimate that about 5% of the spam I receive contains nothing more than an image. So, why not filter all images?

First, it's a distinct minority of all spam, and filtering puts a frustratingly small dent in the problem. Second, the bad guys can easily adapt and are already doing so. A few months ago, a lot of the pump-and-dump stock spam messages were purely images, but now spammers often append a bunch of gibberish words or random sentences to the email by placing them underneath the image. Third, traditional antispam solutions can detect image-based spam reasonably well, responding to hashes of the images themselves and the fact that they are spewed out in bulk. Rather than blocking image spam wholesale, we can catch it using traditional antispam filters. So, your idea of filtering them is a good one, but nothing that will put a major dent in the glut of spam.

More information:

  • Learn how IT pros are battling image spam.
  • Find out how well whitelists and blacklists can stop spam?
  • This was first published in December 2006

    There are Comments. Add yours.

    TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

    REGISTER or login:

    Forgot Password?
    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
    Sort by: OldestNewest

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to: