Email Security Acronyms and Jargon

Every industry has its acronyms, jargon, and other "legalese" to facilitate discussion among experts and to keep outsiders away.  These are the terms I have found most useful, or need-to-know, or just plain humorous.  See http://www.metasignatures.org/glossary.htm - Email Security Glossary for a much larger and more serious list.

phishing – seeking credit card numbers, passwords, or other private information using forged emails, fraudulent websites, or other deceptive tactics.

harvesting – building spam lists by gathering email addresses from websites, newsgroups, address books, etc.  Munging an address is a common defense; it prevents the harvester bot from recognizing it as an address.

joe-job – use of an innocent victim's address to make it look like they are the source of the spam.

botnets, zombies – infected computers used for anonymous spamming, hosting of fraudulent websites, DDoS attacks, etc.

DDoS – Distributed Denial of Service attack – jamming a victim's mailbox (aka "mail bombing") or website to prevent the normal flow of email or customer requests.  The use of distributed zombie networks avoids the simple defense of filtering one source address.  http://en.wikipedia.org/wiki/DDoS

nuke-and-pave – erase everything on your computer and re-install all programs from original media, often the only cure for a persistent infection.

virus, worm, trojan – programs designed to take over your computer, usually for the purpose of sending spam or causing some damage.  A virus infects some other program in your computer.  A worm is a self-contained program, which usually copies itself to another computer over a network connection.  A trojan horse is a seemingly normal program containing malicious code, disguised so as to trick the user into voluntarily installing it. http://en.wikipedia.org/wiki/Computer_virus

keylogger – program designed to capture every keystroke on a victim's computer, including passwords.

root kit – tools to gain "root access" to a computer.  A program with root access has no limits to accessing any device or file.

honeypots, spamtraps – tools for attracting harvesters and detecting the use of harvested addresses.

tarpit – a receiving machine running a program like Spamish Inquisition, using delay tactics to overload the spam-sending machine.

black-lists, white-lists – lists of IP addresses or domains to reject or accept.

ISP – Internet Service Provider – an organization providing access to the Internet.

MTA – Mail Transfer Agent.  A program which sends or receives email using SMTP.

SMTP – Simple Mail Transfer Protocol – the common standard for moving mail across the Internet.

MUA, MSA, MDA – other types of mail agents – Mail User Agent, Mail Submission Agent, Mail Distribution Agent.

open relay – an MTA that is open for anyone to use, thereby hiding the identity of the original mailer.  A zombie can be used as an open relay without the owner of the machine ever knowing about it.

Internet – the world-wide network that shares a common set of IP addresses, not the internal networks found in most companies.

IP Address – the Internet Protocol address of a machine on a network.  A dynamic address is a temporary address.  Static is the geek word for permanent.

TCP – Transmission Control Protocol – the standard for making a "connection" between two computers on the Internet.  These connections are used for almost all Internet traffic, including email.  Establishing a connection reveals the IP address of the source computer, so most forgers will avoid a direct connection.

kamikaze packet, aka "lamp test" – TCP packet with all flags ON.  { Stevens p.230 }

DNS – the Domain Name System which is used by almost all Internet programs to convert domain names to IP addresses.

whack-a-mole – the never-ending game of blocking spam using blacklists of rapidly changing IP addresses.

S4L – spam for life, what you get if you click "unsubscribe" and thereby verify your address.

word salad – a common spammer trick: blocks of random non-spam words added to defeat Bayesian filters.  The more sophisticated filters can detect non-English patterns, but spammers are now moving up to "sentence salad".  http://en.wikipedia.org/wiki/Word_salad

street spam – vertical litter – illegal signs posted in a public area.

email hygiene – "just say no" – futile attempts to stop spam by changing human nature.

Luser – geek word showing contempt for ordinary computer users.

Bibliography

A short list of the most useful books and articles on the technology underlying email.

TCP/IP Illustrated, vol. I, The Protocols, W. Richard Stevens, 1994.  Very thorough, yet readable.  Good illustrations.

DNS and BIND, 4th ed., Albitz & Liu, 2001.  Standard text on the Domain Name System.

"Internet Mail Architecture", D. Crocker, http://www.ietf.org/internet-drafts/draft-crocker-email-arch-04.txt (work in progress) - best overview with references to all the relevant RFC standards.

"CircleID", http://www.circleid.com – a "Collaborative Intelligence Hub for the Internet's Core Infrastructure & Policies" – current articles by top industry experts.