CSC 379:Week 1, Group 4: Difference between revisions

From Expertiza_Wiki
Jump to navigation Jump to search
No edit summary
Line 179: Line 179:
<!----------------------------------------------------------------------------->
<!----------------------------------------------------------------------------->
|Bonds with escrow agencies
|Bonds with escrow agencies
|pro
|
|con
* Whitelisted email accounts don't take out a bond
* Only spammers have to pay.
|
* Lots of infrastructure and processing behind 'micro-payments'
* Somebody has to pay for the escrow agency.
* Users can subvert the system by collecting even when not spam.
|
|
<!----------------------------------------------------------------------------->
<!----------------------------------------------------------------------------->

Revision as of 02:43, 7 July 2007

Internal Use Only

Group members: Nick Principe / naprinci@gmail.com / AIM: mahoubaka
Ken Ganong / kjganong@ncsu.edu / AIM: C4P0droid

huge paper on this subject

Example rating system
         

Spam Prevention Techniques

Comparison of Techniques

Technique Pros Cons Authors' Rating
Block domains of "known" spammers
  • Gets rid of a large amount of spam
  • Low chance of blocking legitimate email (sbl-faq)
    • Mechanism to allow legitimate sources to know they were blocked (sbl-faq)
  • Some spam still gets through, especially from new sources (put in percent from sbl/sbl-faq)
         
Require users to request permission to send you e-mail (e.g. Earthlink spam blocker)
  • Robots cannot easily send spam
  • False identity doesn't work
  • Emergency emails don't send quickly
  • Time consuming to send short notes
  • Impossible to implement correctly
         
Charge for e-mail sent
  • Forces targeted selection
  • Defeats the purpose of email
  • Where does the money go?
         
Opt-in for commercial email
  • Companies can send advertisements without sending spam
  • Users can freely restrict the influx of mail from their many online affiliations
  • There are many fraudulent emails in which the opt-out link sends you to an unwanted web page.
         
Domain authentication
  • Very little spam gets through
  • Lots of false positives
  • Could be very difficult for mail servers to initiate contact (certificate negotation crap (see SSH/SSL))
  • Lots of infrastructure and therefore money involved for something as simple as a mail server
  • Hard for independents/individuals to set up their own mail server
         
Bounties
  • Gets rid of big spammers with incentive
  • Possible deterrent
  • Costs government (tax-payers) money
         
The "Goodmail" approach
  • Mass emails cost money so mass spammers don't work
  • Companies can bypass the spam filter by paying money
         
Bonds with escrow agencies
  • Whitelisted email accounts don't take out a bond
  • Only spammers have to pay.
  • Lots of infrastructure and processing behind 'micro-payments'
  • Somebody has to pay for the escrow agency.
  • Users can subvert the system by collecting even when not spam.
         
Client-side filtering pro
  • Only as good as user or algorithms/heuristics at identifying spam
  • Spam emails are stopped, they are simply not read.
         

Technique Details

Block domains of "known" spammers

  • Summary point 1
  • Summary point 2
  • Link 1

Require users to request permission to send mail

Charge for email sent

Bonds with escrow