Your approach of automatically deleting non-whitelist email messages will certainly keep image spam to a minimum...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
-- in fact, close to 100%. When it comes to tackling spam, whitelists are certainly a better approach than blacklists. Spammers continually create new email addresses to send messages from, or new keywords to use in their email, so blacklists are nearly always out of date.
A major drawback of whitelists, however, is their inordinate number of false positives. With whitelists, it's easy for a number of genuine emails to be deleted. An email from a potential supplier, for example, may include a corporate logo. Unless the company is already on the whitelist, the email will be deleted.
Trying to avoid the number of false positives requires an up-to-date whitelist. Maintaining this catalog of trusted sources is another drawback. Whether you use specific email addresses, IP addresses or trusted domains, gathering the list can be a very time–consuming and labor-intensive task.
If most of your legitimate email comes from a relatively small and fixed set of senders, then I would stick with your current tactic. The effectiveness of the strategy justifies the work involved in maintaining the list. However, if your users are likely to register for online services or subscribe to online newsletters, you could run into problems. For example, if you don't immediately add a new email source to your whitelist, or if the domain or IP address is entered incorrectly, the communication will fail. In these circumstances, instead of deleting emails containing images, I would quarantine them. Then, the recipient can quickly review the "from" and "subject" fields before allowing them to be downloaded to his or her inbox. Most gateway spam filters provide this type of functionality.
You could also institute a challenge-response test. When an unknown sender writes an email to one of your users, the system can automatically send a challenge back to the sender. The sender has to respond to this email in order for the message to be delivered. Since spammers are unlikely to bother with a response, the approach can be an effective one. The technology can be irritating, however, for your genuine correspondents.
Unfortunately, there's no perfect antispam strategy, but you should definitely back up your technology-based defenses with security awareness training and a strong email policy. Many users are still unaware of the often malicious nature of spam.
Dig Deeper on Email Security Guidelines, Encryption and Appliances
Related Q&A from Michael Cobb
C&C servers have been replaced with Twitter accounts, which spread the Android Trojan Twitoor to user devices. Expert Michael Cobb explains how to ...continue reading
Two-factor authentication systems require more than using codes sent through SMS and smart cards. Expert Michael Cobb explains how to properly and ...continue reading
A Linux vulnerability that affects 80% of Android devices allows for attacks on TCP communications and remote code execution. Expert Michael Cobb ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.