Your approach of automatically deleting non-whitelist email messages will certainly keep image spam to a minimum...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
-- in fact, close to 100%. When it comes to tackling spam, whitelists are certainly a better approach than blacklists. Spammers continually create new email addresses to send messages from, or new keywords to use in their email, so blacklists are nearly always out of date.
A major drawback of whitelists, however, is their inordinate number of false positives. With whitelists, it's easy for a number of genuine emails to be deleted. An email from a potential supplier, for example, may include a corporate logo. Unless the company is already on the whitelist, the email will be deleted.
Trying to avoid the number of false positives requires an up-to-date whitelist. Maintaining this catalog of trusted sources is another drawback. Whether you use specific email addresses, IP addresses or trusted domains, gathering the list can be a very time–consuming and labor-intensive task.
If most of your legitimate email comes from a relatively small and fixed set of senders, then I would stick with your current tactic. The effectiveness of the strategy justifies the work involved in maintaining the list. However, if your users are likely to register for online services or subscribe to online newsletters, you could run into problems. For example, if you don't immediately add a new email source to your whitelist, or if the domain or IP address is entered incorrectly, the communication will fail. In these circumstances, instead of deleting emails containing images, I would quarantine them. Then, the recipient can quickly review the "from" and "subject" fields before allowing them to be downloaded to his or her inbox. Most gateway spam filters provide this type of functionality.
You could also institute a challenge-response test. When an unknown sender writes an email to one of your users, the system can automatically send a challenge back to the sender. The sender has to respond to this email in order for the message to be delivered. Since spammers are unlikely to bother with a response, the approach can be an effective one. The technology can be irritating, however, for your genuine correspondents.
Unfortunately, there's no perfect antispam strategy, but you should definitely back up your technology-based defenses with security awareness training and a strong email policy. Many users are still unaware of the often malicious nature of spam.
Dig Deeper on Email and Messaging Threats-Information Security Threats
Related Q&A from Michael Cobb
A technique known as the GhostHook attack can get around PatchGuard, but Microsoft hasn't patched the flaw. Expert Michael Cobb explains why, as well...continue reading
Software developed by the hacking group Platinum takes advantage of Intel AMT to bypass the built-in Windows firewall. Expert Michael Cobb explains ...continue reading
Tensions between the U.S. and Russia have led to source code reviews on security products, but the process isn't new. Expert Michael Cobb explains ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.