machine project in infosec · in this project, the term spam refers to the unrequested or...
TRANSCRIPT
INFOSEC Machine Project: MailWasher
A Group Project by: Hipolito, Jovellano, Pachico, Ruiz
Page 1 of 14
Machine Project in INFOSEC MailWasher
Submitted by:
Joanna Marie Pauline T Hipolito Monique Isabela S Jovellano
Mikhaela Francesca G Pachico Angelica Laurene S Ruiz
Submitted to: Professor Justin David G Pineda
14 April 2016
INFOSEC Machine Project: MailWasher
A Group Project by: Hipolito, Jovellano, Pachico, Ruiz
Page 2 of 14
Contents Machine Project in INFOSEC ........................................................................................................... 1
MailWasher ................................................................................................................................. 1
Abstract ........................................................................................................................................... 3
Introduction .................................................................................................................................... 4
Configuration .................................................................................................................................. 5
Prerequisites ............................................................................................................................... 5
Setup ........................................................................................................................................... 5
Testing ........................................................................................................................................... 11
Test 1: Claim-Your-Prize Spam .................................................................................................. 11
Description ............................................................................................................................ 11
Results ................................................................................................................................... 11
Test 2: Bulk Spam ...................................................................................................................... 13
Description ............................................................................................................................ 13
Results ................................................................................................................................... 13
INFOSEC Machine Project: MailWasher
A Group Project by: Hipolito, Jovellano, Pachico, Ruiz
Page 3 of 14
Abstract
In this project, the term spam refers to the unrequested or unsolicited bulk messages
received in e-mails. Spams are usually used for commercial purposes but can also be used for
malicious attacks. It is important to block these spams even before they can damage the infor-
mation in the system and to do that, an anti-spam should be implemented. Installing an open
source anti-spam software like MailWasher mitigates the potential security threats from these
spams. What it does is it filters or scans the content of e-mails and may even monitor email sig-
natures, IP addresses, or other data to reduce spams. To test if MailWasher works, e-mails that
are considered spam were sent to an account that uses the anti-spam software. These e-mails
should meet the conditions that were set in the configuration of the software. If it works, Mail-
Washer should indicate that the e-mails were indeed spams.
INFOSEC Machine Project: MailWasher
A Group Project by: Hipolito, Jovellano, Pachico, Ruiz
Page 4 of 14
Introduction
Spamming is an act of using the electronic communication systems in order to send mul-
tiple unsolicited messages with the same content. It is commonly in the form of an electronic
mail or e-mail and is most of the time used for advertising products and conducting dangerous
schemes that can harm the users. It can also cause internet traffic thus slowing down daily oper-
ations. This has become a common problem to ordinary users, organizations and other institu-
tions that uses electronics as a form of communication. This led to the development of anti -
spamming tools. One example is the MailWasher that was developed by the New Zealand based
company FireTrust. MailWasher is an open-source email filtering software for Windows that can
detect and delete spam from the mail server before being downloaded in a user’s terminal. This
will be more beneficial to the users because it implements security and convenience. Potentially
dangerous spam and unwanted e-mail is prevented from entering the terminal. As a result, there
would be a speedy downloading process for mails.
The MailWasher anti-spamming tool displays unique features that is favorable for the us-
ers. For instance, it sends notification when mails arrive and accordingly marks suspicious mes-
sage contents. Also, the user can specify their own filters by configuring the tool based on their
preference through the global white list which and black list. The tool offers the option to give
exceptions to the people that the user knows from spam checking. Additionally, a Bayesian en-
gine is included to automatically enhance spam detection. With regards to user experience, the
MailWasher is on par with other high quality e-mail filtering software. It is basically easy to use
because of the simple interface making it effective and user-friendly.
Installing MailWasher has a lot of advantages. One is that there would be no reported
spam entering the terminal, computer or other electronic devices because of its extensive capa-
bility as an anti-spamming tool. Every e-mail received would be first checked before getting into
the computer. It is also possible not to lose valuable e-mails because it utilizes intelligent spam
tools that ensures the reliability of the software.
INFOSEC Machine Project: MailWasher
A Group Project by: Hipolito, Jovellano, Pachico, Ruiz
Page 5 of 14
Configuration
Prerequisites
Operating System: Microsoft Windows Size: 19.5 MB
Setup
To download MailWasher, go to http://www.mailwasher.net/download-mailwasher-free.
INFOSEC Machine Project: MailWasher
A Group Project by: Hipolito, Jovellano, Pachico, Ruiz
Page 6 of 14
After successfully installing MailWasher, run the application.
Go to Settings > Accounts > Add Email Account. (It is recommended that the users register their gmail account for convenience.) Then click Save.
INFOSEC Machine Project: MailWasher
A Group Project by: Hipolito, Jovellano, Pachico, Ruiz
Page 7 of 14
Click the Incoming tab. On the Server Type, choose IMAP. Then type the desired username and
password. Click Save.
Proceed to the Outgoing tab. Type the SMTP server address, then click Save.
INFOSEC Machine Project: MailWasher
A Group Project by: Hipolito, Jovellano, Pachico, Ruiz
Page 8 of 14
Go to the IMAP tab. Check the folder that says Gmail then click Save.
Proceed to the Spam Tools > Filters. Click Add Filter and then Add Rule. This is where all the keywords considered as a Spam should be listed. Then Save.
INFOSEC Machine Project: MailWasher
A Group Project by: Hipolito, Jovellano, Pachico, Ruiz
Page 9 of 14
After the configuration of MailWasher, go to Inbox and then try to send a trial spam on your
email address to test if it is working.
Go to the Inbox and click Check Email. The email will be detected and the MailWasher will start evaluating the message.
If the email is a spam, this will happen:
INFOSEC Machine Project: MailWasher
A Group Project by: Hipolito, Jovellano, Pachico, Ruiz
Page 10 of 14
If the user wants to delete the email before it appears on the email inbox, just click Wash Mail
and it will be deleted.
Now, check the gmail and see if the spam was received or not.
INFOSEC Machine Project: MailWasher
A Group Project by: Hipolito, Jovellano, Pachico, Ruiz
Page 11 of 14
Testing
Test 1: Claim-Your-Prize Spam
Description
To check if the anti-spam works, an e-mail was sent with the words "You won". These
words were included in the list of keywords that make the e-mail considered a spam. If it works,
the MailWasher will flag it as a spam.
Results
INFOSEC Machine Project: MailWasher
A Group Project by: Hipolito, Jovellano, Pachico, Ruiz
Page 12 of 14
INFOSEC Machine Project: MailWasher
A Group Project by: Hipolito, Jovellano, Pachico, Ruiz
Page 13 of 14
Test 2: Bulk Spam
Description
This time, the spam will be detected based on its quantity. If the a bulk of messages is
received from a single account with a restricted keyword that would make the e-mail a spam,
then these bulk of messages would indeed be considered as spam. The mailwasher can als o ac-
cept emails that are not yet known as a spaim and user can manually assign it as a spam by click-
ing the thumbs down button.
Results
INFOSEC Machine Project: MailWasher
A Group Project by: Hipolito, Jovellano, Pachico, Ruiz
Page 14 of 14
----- NOTHING FOLLOWS -----