Internal Use Only
Group members:
Nick Principe / naprinci@gmail.com / AIM: mahoubaka
Ken Ganong / kjganong@ncsu.edu / AIM: C4P0droid
- block domains or even top-level domains "known" to be large senders of spam
- require users to request permission to send you e-mail (eg Earthlink spam blocker)
- Charge for e-mail sent
- opt-in for commercial email
- domain authentication
- bounties
- the "goodmail" approach
- bond with escrow agencies
- client-side filtering
huge paper on this subject
Spam Prevention Techniques
Comparison of Techniques
| Technique
|
Pros
|
Cons
|
Authors' Rating
|
| Block domains of "known" spammers
|
- Gets rid of a large amount of spam
- Low chance of blocking legitimate email (sbl-faq)
- Mechanism to allow legitimate sources to know they were blocked (sbl-faq)
|
- Some spam still gets through, especially from new sources (put in percent from sbl/sbl-faq)
|
|
| Require users to request permission to send you e-mail (e.g. Earthlink spam blocker)
|
- Robots cannot easily send spam
- False identity doesn't work
|
- Emergency emails don't send quickly
- Time consuming to send short notes
- Impossible to implement correctly
|
|
| Charge for e-mail sent
|
- Forces targeted selection
|
- Defeats the purpose of email
- Where does the money go?
|
|
| Opt-in for commercial email
|
- Companies can send advertisements without sending spam
- Users can freely restrict the influx of mail from their many online affiliations
|
- There are many fraudulent emails in which the opt-out link sends you to an unwanted web page.
|
|
| Domain authentication
|
- Very little spam gets through
|
- Lots of false positives
- Could be very difficult for mail servers to initiate contact (certificate negotation crap (see SSH/SSL))
- Lots of infrastructure and therefore money involved for something as simple as a mail server
- Hard for independents/individuals to set up their own mail server
|
|
| Bounties
|
- Gets rid of big spammers with incentive
- Possible deterrent
|
- Costs government (tax-payers) money
|
|
| The "Goodmail" approach
|
- Mass emails cost money so mass spammers don't work
|
- Companies can bypass the spam filter by paying money
|
|
| Bonds with escrow agencies
|
pro
|
con
|
|
| Client-side filtering
|
pro
|
- Only as good as user or algorithms/heuristics at identifying spam
- Spam emails are stopped, they are simply not read.
|
|
Technique Details
Block domains of "known" spammers
- Summary point 1
- Summary point 2
- Link 1
Require users to request permission to send mail
Charge for email sent