04-12-2012, 06:41 PM
DMTP: Controlling Spam Through Message Delivery Differentiation
DMTP.pdf (Size: 199.11 KB / Downloads: 28)
Abstract
Unsolicited commercial email, commonly known as spam, has become a pressing problem in today's Internet.
In this paper we re-examine the architectural foundations of the current email delivery system that are responsible
for the proliferation of email spam. We argue that the difculties in controlling spam stem from the fact that
the current email system is fundamentally sender-driven and distinctly lacks receiver control over email delivery.
Based on these observations we propose a Differentiated Mail Transfer Protocol (DMTP), which grants receivers
greater control over how messages from different senders should be delivered on the Internet. In addition, we also
develop a formal mathematical model to study the effectiveness of DMTP in controlling spam. Through numerical
experiments we demonstrate that DMTP can effectively reduce the maximum revenue that a spammer can gather.
Moreover, compared to the current SMTP-based email system, the proposed email system can force spammers
to stay online for longer periods of time, which may signicantly improve the performance of various real-time
blacklists of spammers. In addition, DMTP provides an incremental deployment path from the current SMTP-based
system in today's Internet.
INTRODUCTION
Unsolicited commercial email, commonly known as spam, is a pressing problem on the Internet. In addition
to undermining the usability of the current email system, spam also costs industry billions of dollars each year
in recent years [9], [26]. In response, the networking research and industrial communities have proposed a large
number of anti-spam countermeasures, including numerous email spam lters [3], [6], [12], [13], [22], [23], [25],
sender authentication schemes [8], [18], [20], and sender-discouragement mechanisms (to increase the cost of
sending email such as paid email) [11], [16]. Some of the schemes have been deployed on the Internet. On the
other hand, despite these anti-spam efforts, in recent times the proportion of email spam seen on the Internet has
been continuously on the rise [4], [6].
Why Is It so Hard to Control Spam?
The current email system uses the Simple Mail Transfer Protocol (SMTP) to deliver messages from sender to
receiver [17]. While simple, such a system also provides an ideal platform for spammers to act as parasites. It is our
contention that, in order to effectively control spam, we must design and deploy an email delivery system that can
proactively resist spam in the rst place. As a rst step toward this goal, in this paper we examine the architectural
aspects of the current email system that are responsible for the proliferation of spam and propose a Differentiated
Mail Transfer Protocol (DMTP) that aims to overcome these limitations based on the following three key insights.
Moving to a receiver-driven model: First, the current email system is fundamentally sender-driven and distinctly
lacks receiver control over the message delivery mechanism. For example, in the current SMTP-based email system,
any user can send an email to another at will, regardless of whether or not the receiver is willing to accept the
message. In the early days of the Internet development, this was not a big problem as people on the network largely
trusted each other. However, since the commercialization of the Internet in the mid-1990s, the nature of the Internet
community has changed. It has become less trustworthy, and the emergence of email spam is one of the most
notable examples of this change. In order to effectively address the issue of spam in the untrustworthy Internet, we
argue that receivers must gain greater control over if and when a message should be delivered to them.
Contributions of this Paper
Based on these observations we propose a Differentiated Mail Transfer Protocol (DMTP) as a countermeasure
to the spam problem. A key feature of DMTP is that it grants receivers greater control over the message delivery
mechanism. In DMTP, a receiver can classify senders into different classes and treat the delivery of messages
from each class differently. For example, although regular contacts of a receiver can directly send messages to
the receiver, unknown senders need to store messages in the senders' own mail servers. Such messages are only
retrieved by the receiver if and when he wishes to do so.
DMTP provides us with several important advantages in controlling spam: 1) the delivery rate of spam is
determined by the spam retrieval behavior of receivers instead of being controlled by spammers; 2) spammers are
forced to stay online for longer periods of time (because the sending rate of spam is regulated by the spam retrieval
rate of receivers), which can signicantly improve the performance of RBLs; 3) regular correspondents of a receiver
do not need to make any extra effort to communicate with the receivercorrespondence from regular contacts is
handled in the same manner as in the current SMTP-based email system; 4) DMTP can be easily deployed on the
Internet incrementally.
DMTP: A DIFFERENTIATED MAIL TRANSFER PROTOCOL
DMTP is designed based on a variant of the receiver-pull model, where senders are allowed to rst express an
intent to send message to a receiver via a small intention message. If the receiver happens to be interested, he
contacts the sender and retrieves the content message. Figure 1 illustrates the basic architecture of the new email
delivery system. Before we delve into the details of DMTP, it is worth noting that the new system extends the
current SMTP protocol [17] by adding two new commandsMSID and GTML, and one new reply code253 (see
Table I). All the commands and reply codes in SMTP are also supported in the new system. We explain the new
commands and reply code when we use them.
RELATED WORK
The most widely deployed anti-spam solutions today are reactive content lters that scan the contents of the
message at the receiver's MTA after the message has been delivered. However, none of them can achieve 100%
accuracy, and spammers quickly adapt to counter the strategies used by these lters. In addition, content ltering
will no longer serve as long-term viable solution once email messages begin to be encrypted using receivers' public
keys [21]. Instead, we have advocated fundamental changes in protocol-level design to a pull-based model.
Like DMTP, FairUCE [5] also advocates the usage of sender classiers. However, it is still a push-based model
in which network reputation, along with receiver dened whitelist and blacklist, is used to determine whether to
accept a message. IM2000 [1] also advocates a pull-based model like DMTP. However, unlike DMTP, all outgoing
messages need to be stored at sender MTAs and receivers need to retrieve all the messages remotely, regardless
of where the messages come from. In addition, IM2000 is not incrementally deployable and requires massive
infrastructure changes. Li et al proposed a method to slow down spam delivery by damping the corresponding
TCP sessions [19]. However, the long-term impact of modifying the behavior of TCP for a specic application is
not clear, and spammers may respond by changing sender MTA's TCP behavior. In the Greylisting [14] approach,
a message from a new sender is temporarily rejected upon the rst delivery attempt, the underlying assumption
being that spammers will not re-send a message whereas regular MTAs will. However, it is only a matter of time
before spammers adapt to this technique by re-sending their message. Sender authentication schemes such as [8],
[18] can help improve the accountability of email senders. However, they cannot control the delivery of spam by
themselves.
CONCLUSION AND ONGOING WORK
In this paper we examined the architectural aspects of the current email system that are responsible for the
proliferation of spam, and proposed a Differentiated Mail Transfer Protocol to control spam. In addition, we also
developed a formal model to study the performance of DMTP. Through numerical experiments we demonstrated that
DMTP can signicantly reduce the maximum spammer revenue. Moreover, it also forces spammers to stay online
for longer periods of time, which helps improve the performance of real-time blacklists of spammers. Currently
we are developing a prototype of DMTP. We plan to further investigate the performance of DMTP based on the
prototype and simulations.