CSC 379:Week 1, Group 4: Difference between revisions

From Expertiza_Wiki
Jump to navigation Jump to search
Line 48: Line 48:
|-valign="top"
|-valign="top"
<!----------------------------------------------------------------------------->
<!----------------------------------------------------------------------------->
|Block domains of "known" spammers
|[[#Block_domains_of_.22known.22_spammers|Block domains of "known" spammers]]
|
|
*Gets rid of a large amount of spam
*Gets rid of a large amount of spam
Line 67: Line 67:
|-valign="top"
|-valign="top"
<!----------------------------------------------------------------------------->
<!----------------------------------------------------------------------------->
|Require users to request permission to send you e-mail (e.g. Earthlink spam blocker)
|[[#Require_users_to_request_permission_to_send_mail|Require users to request permission to send you e-mail]] (e.g. Earthlink spam blocker)
|
|
*Robots cannot easily send spam
*Robots cannot easily send spam
Line 87: Line 87:
|-valign="top"
|-valign="top"
<!----------------------------------------------------------------------------->
<!----------------------------------------------------------------------------->
|Charge for e-mail sent
|[[#Charge_for_email_sent|Charge for e-mail sent]]
|
|
*Forces targeted selection
*Forces targeted selection

Revision as of 01:49, 7 July 2007

Internal Use Only

Group members: Nick Principe / naprinci@gmail.com / AIM: mahoubaka

huge paper on this subject

Example rating system
         

Spam Prevention Techniques

Comparison of Techniques

Technique Pros Cons Our Rating
Block domains of "known" spammers
  • Gets rid of a large amount of spam
  • Low chance of blocking legitimate email (sbl-faq)
    • Mechanism to allow legitimate sources to know they were blocked (sbl-faq)
  • Some spam still gets through, especially from new sources (put in percent from sbl/sbl-faq)
         
Require users to request permission to send you e-mail (e.g. Earthlink spam blocker)
  • Robots cannot easily send spam
  • False identity doesn't work
  • Emergency emails don't send quickly
  • Time consuming to send short notes
  • Impossible to implement correctly
         
Charge for e-mail sent
  • Forces targeted selection
  • Defeats the purpose of email
  • Where does the money go?
         
Opt-in for commercial email
  • Companies can send advertisements without sending spam
  • Users can freely restrict the influx of mail from their many online affiliations
  • There are many fraudulent emails in which the opt-out link sends you to an unwanted web page.
         
Domain authentication
  • Very little spam gets through
  • Lots of false positives
  • Could be very difficult for mail servers to initiate contact (certificate negotation crap (see SSH/SSL))
  • Lots of infrastructure and therefore money involved for something as simple as a mail server
  • Hard for independents/individuals to set up their own mail server
         
Bounties
  • Gets rid of big spammers with incentive
  • Possible deterrent
  • Costs government (tax-payers) money
         
The "Goodmail" approach
  • Mass emails cost money so mass spammers don't work
  • Companies can bypass the spam filter by paying money
         
Bonds with escrow agencies pro con
         
Client-side filtering pro
  • Only as good as user or algorithms/heuristics at identifying spam
  • Spam emails are stopped, they are simply not read.
         

Technique Details

Block domains of "known" spammers

  • Summary point 1
  • Summary point 2
  • Link 1

Require users to request permission to send mail

Charge for email sent