CSC 379:Week 1, Group 4: Difference between revisions
(→Block domains of "known" spammers: Added text for block domains)
Revision as of 12:45, 7 July 2007
Internal Use Only
Group members:
Nick Principe / naprinci@gmail.com / AIM: mahoubaka
Ken Ganong / kjganong@ncsu.edu / AIM: C4P0droid
- block domains or even top-level domains "known" to be large senders of spam
  - Spamhaus Block List
    - see FAQ also
- require users to request permission to send you e-mail (e.g. Earthlink spam blocker)
- charge for e-mail sent
- opt-in for commercial email
- domain authentication
- bounties
- the "goodmail" approach
- bond with escrow agencies
  - Nice summary on escrow spam fighting
- client-side filtering
Spam Prevention Techniques
Comparison of Techniques
Technique | Pros | Cons | Authors' Rating
---|---|---|---
Block domains of "known" spammers | | |
Require users to request permission to send you e-mail (e.g. Earthlink spam blocker) | | |
Charge for e-mail sent | | |
Opt-in for commercial email | | |
Domain authentication | | |
Bounties | | |
The "Goodmail" approach | | |
Bonds with escrow agencies | | |
Client-side filtering | pro | |
Technique Details
Block domains of "known" spammers
This technique is often implemented by means of a DNS Blacklist (DNSBL), which is a frequently updated list containing IP addresses and ranges of known spammers, though similar systems exist to block domain names or URIs (uniform resource identifiers) associated with spam.
This approach has an advantage over most client-side filtering schemes: because the list is shared and universal, it is better able to block spam that a particular client has never seen before. Depending on implementation, a DNSBL system could be deployed as a form of client-side filtering. However, it is most efficient if the DNSBL filtering system is implemented at a higher level, such as at the ISP or business. Another advantage of this system is that the action taken when a message is identified as spam is defined by the individual users of the DNSBL system: they can still deliver the message, flag it as spam, or bounce it entirely.
There is the possibility that a DNSBL system could block legitimate email; the likelihood and method of handling this possibility depend on the specific implementation. The Spamhaus system sends a message back to each sender of a blocked message indicating why it was bounced, to prevent legitimate email from "disappearing" without a trace; however, this approach increases mail and network traffic. Also, with minimal processing of incoming messages, the percentage of spam blocked is relatively low: for the Spamhaus system, only 15-25%. To get over 90% spam blockage, the headers and body of each message must be analyzed.
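The lookup and the per-site choice of action described above can be sketched as follows. This is an added example, not code from the original page or from Spamhaus; the zone `dnsbl.example`, the sample entries and the function names are constructed for illustration, and the resolver is injectable so the example runs without network access.

```python
import ipaddress
import socket

LISTED_NET = ipaddress.ip_network("127.0.0.0/8")  # DNSBL answers live in loopback space

def dnsbl_query_name(ip, zone):
    """Build the lookup name: IPv4 octets reversed, then the list's zone."""
    addr = ipaddress.IPv4Address(ip)  # raises ValueError on malformed input
    return ".".join(reversed(str(addr).split("."))) + "." + zone

def system_resolver(name):
    """Real DNS lookup: A records for name, or [] if it does not resolve."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def check_sender(ip, zone, resolve=system_resolver):
    """Return (listed, return_codes) for a connecting IP address."""
    answers = resolve(dnsbl_query_name(ip, zone))
    # Count only 127.0.0.0/8 answers as a listing, so a resolver that
    # rewrites failed lookups to some other address cannot block all mail.
    codes = [a for a in answers if ipaddress.IPv4Address(a) in LISTED_NET]
    return bool(codes), codes

def disposition(ip, zone, policy, resolve=system_resolver):
    """Apply the receiving site's own policy: 'deliver', 'flag' or 'bounce'."""
    listed, codes = check_sender(ip, zone, resolve)
    if not listed or policy == "deliver":
        return "deliver"
    if policy == "bounce":
        # Tell the sender why, so legitimate mail does not vanish silently.
        return f"bounce: 550 {ip} is listed in {zone} ({', '.join(codes)})"
    return "flag"

# Constructed sample zone (hypothetical list "dnsbl.example"), keyed by query name.
FAKE_ZONE = {
    "7.113.0.203.dnsbl.example": ["127.0.0.4"],     # listed sender
    "10.100.51.198.dnsbl.example": ["192.0.2.55"],  # bogus non-127 answer
}

def fake_resolver(name):
    return FAKE_ZONE.get(name, [])

if __name__ == "__main__":
    for ip in ("203.0.113.7", "198.51.100.10", "192.0.2.1"):
        print(ip, disposition(ip, "dnsbl.example", "bounce", fake_resolver))
```

Passing `system_resolver` (the default) instead of `fake_resolver` performs the same check against a real list's zone.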
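Links
- Wikipedia DNSBL entry: http://en.wikipedia.org/wiki/DNSBL
- Spamhaus SBL FAQ: http://www.spamhaus.org/faq/answers.lasso?section=Spamhaus%20SBL
- Spamhaus DNSBL Technical FAQ: http://www.spamhaus.org/faq/answers.lasso?section=DNSBL%20Technical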
Require users to request permission to send mail
Charge for email sent
Opt-in for commercial email
Commercial advertisements are often considered spam even when the user has had a previous relationship with the company sending the email. For companies to send such advertisements without generating a lot of unwanted email, the company should implement a simple opt-in or opt-out system. If an opt-out link or instructions appear in an email, a user who follows them will no longer be sent similar advertisements. This much is required to be CAN-SPAM compliant. The preferred method, however, is opt-in: when a company and a user first make contact (usually when the user creates an account with the company), the user can configure which types of email advertisements he or she wants from the company.
Such a system lets users decide, for each company with which they have an online affiliation, which types of advertisements they would like to receive by email. However, this requires the company to implement and abide by such a rule. Also, since this system is so common, many fraudulent spam emails include fake opt-out options. By responding to such an opt-out option, you are actually submitting yourself to more spam, because the sender learns that your e-mail account is active.
Bonds with escrow
This spam-fighting technique is based on whitelists, blacklists, graylists, and a third party (the escrow agency) separate from the email sender and receiver. A whitelisted sender simply sends email, and it goes through without the escrow agency intercepting it. A blacklisted sender cannot send email to the would-be receiver. The graylist is essentially everyone who is on neither of the other lists.
A graylisted sender opens a bond for a small amount of money (one cent) with the escrow agency in order to send email. If the receiver blacklists the sender as a result of the email, the bond is collected and the sender is charged. Thus, only spammers have to pay for their email, unlike in the charge-for-email approach.
The escrow agency, however, must be paid. One way of doing this is to have the money collected from spammers go to the escrow agency. Any type of internet payment involves a lot of processing, so the penny (or so) charged to the spammer may not be enough to cover the escrow agency's processing costs. Also, non-profit groups could often be blacklisted and therefore be forced to pay more than they can afford, similar to the Goodmail approach. Although the email cost is meant to deter spammers, users can subvert the system by blacklisting emails that aren't spam. For example, I could charge my professors for sending me email that they must send for class, or users could charge eBay for requested notifications.