23-04-2011, 10:27 AM
A Plan For No Spam.ppt (Size: 306 KB / Downloads: 179)
Introduction
Unwanted and irrelevant mass mailings, commonly known as spam, are becoming a serious nuisance that, if left unchecked, may soon be regarded as a denial of service attack against the email infrastructure of the Internet itself.
The term spam is derived from a Monty Python sketch set in a cafeteria in which the principal protagonists have difficulty making themselves heard above a group of Vikings singing "SPAM" in honor of the meat product manufactured by Hormel.
Ideal Spam Control System Properties
Acceptable Use policies
Pull Vs Push
One of the major problems caused by spam is the false-positive identification of legitimate emails as spam.
This is a particular problem with commercial mailing lists and newsletter messages requested by the recipient, which frequently carry advertising and make use of content that is likely to be flagged as spam by content inspection filters.
One possible solution to this problem would be to add some form of authentication mechanism that communicates the recipient's consent to the mail infrastructure.
Another option would be to distribute this form of content using the pull model of the Web [HTTP] and NNTP [NNTP] rather than the push model of email.
Opt-Out and Do-Not-Spam lists
Accountability
Content Inspection
Authentication
Cryptographic SSL
Legislation And Litigation
Prosecutions and Litigation under Existing Legislation
Protocol changes to facilitate spam measures
Authentication Mechanisms
Mailing List Management
Mechanisms identifying messages sent through a mailing list and the means by which the subscription can be cancelled.
Mechanism that allows a mail server to determine that an email user solicited a message from a particular mailing list or other bulk sender.
Authenticated subscription management mechanism.
Mechanism for communicating the authenticated mailing list subscription mechanisms to email clients.
Mechanisms for identifying automatically generated messages that should not be replied to under any circumstances.
Means of determining that an email client conforms to a consistent means of implementing the above.
Comprehensive Email Management
Denial Of Service Black List
A denial of service attack typically targets a single site or a small group of sites.
It is likely therefore that in most cases the source of information for the denial of service blacklist would be information collected at the site itself.
Spam Sender Blacklist
It is recommended that spam blacklists be used as one input to the content filtering decision-making process rather than to provide an accept/deny decision.
In particular, end users should not be deprived of wanted email messages because they are sent from a source address that has been listed to create ‘collateral damage’ as a means of establishing leverage to cause an ISP to change policy.
In most cases neither the sender nor the receiver has direct influence over these policies, and the annoyance caused by the use of these tactics is almost certain to be greater than that caused by the spam itself.
Authorized Sender Whitelist
The authorized sender white lists will typically be based on information configured locally from lists of known customers, suppliers and partners.
In cases where robust authentication techniques such as digital certificates are used, it may prove adequate to list exceptions to the white lists.
The use of feedback from end users is highly recommended to assist in the maintenance of the black lists and white lists and in the configuration of the content inspection processor.
This feedback may employ Bayesian inference, least squares minimization, etc.
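The sketch below is an added example, not part of the original presentation, showing how the three lists can feed one decision: the denial of service blacklist refuses outright, the authorized sender whitelist accepts authenticated senders, and the spam sender blacklist only shifts the content inspection score. The addresses, the log-odds weight, the threshold and the "quarantine" verdict are constructed assumptions.

```python
import math

# Constructed sample data (assumptions for illustration only).
DOS_BLACKLIST = {"203.0.113.7"}                   # collected locally at the site
SPAM_SENDER_BLACKLIST = {"198.51.100.20"}         # advisory input, never a veto
AUTHORIZED_SENDERS = {"orders@supplier.example"}  # locally configured whitelist

# Assumed tuning values; in practice they would be adjusted from user feedback.
BLACKLIST_WEIGHT = 1.5   # log-odds added when the source is blacklisted
THRESHOLD = 0.9          # spam probability at which a message is quarantined


def logit(p):
    """Convert a probability into log-odds so evidence can be added."""
    return math.log(p / (1.0 - p))


def classify(source_ip, sender, authenticated, content_spam_prob):
    """Return (verdict, spam_probability) for one message.

    content_spam_prob is the output of the content inspection processor,
    strictly between 0 and 1.
    """
    # Denial of service sources are refused before any content is inspected.
    if source_ip in DOS_BLACKLIST:
        return "reject", 1.0
    # The whitelist is honoured only when the sender identity was
    # authenticated, so a forged From address does not bypass filtering.
    if authenticated and sender in AUTHORIZED_SENDERS:
        return "deliver", 0.0
    # The spam sender blacklist is one input to the score, not a decision.
    score = logit(content_spam_prob)
    if source_ip in SPAM_SENDER_BLACKLIST:
        score += BLACKLIST_WEIGHT
    prob = 1.0 / (1.0 + math.exp(-score))
    return ("quarantine" if prob >= THRESHOLD else "deliver"), prob
```

With these values, a wanted newsletter from a blacklisted source (content score 0.2) is still delivered, while borderline content (0.8) from the same source is pushed over the threshold.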
Conclusion
Do-not-send lists, protected using one-way encryption, provide an objective definition of a spam message.
Legislative initiatives provide a means of increasing the costs of the spam senders and reducing the profitability of their enterprise.
Content inspection provides a means of identifying undesirable messages that can be deployed with immediate advantage to the user.
Authentication provides a means of identifying desirable messages that allows the problem of false positives associated with content inspection to be reduced and, with widespread deployment, offers the possibility of a comprehensive solution.
Authentication policy provides a means of knowing that a message that does not meet the authentication policy specified by the domain name owner has been forged and should be discarded as spam.
Callback loop authentication is acceptable as a last resort when a message has been identified as likely spam. Its use as a first line of defense is not acceptable.
Protocol improvements provide support for the content inspection and authentication mechanisms and should be pursued aggressively.
Spam is a security problem.
It is the lack of authentication and authorization in the email system that allows it to be abused for any purpose. Spam is a community problem, and it is the Internet community as a whole that must find, implement and deploy solutions.