Spam Protection by using Sender Address Verification Extension (SAVE)



Similar documents
An Overview of Spam Blocking Techniques

Collateral Damage. Consequences of Spam and Virus Filtering for the System. Peter Eisentraut 22C3. credativ GmbH.

s and anti-spam Page 1

Marketing 201. How a SPAM Filter Works. Craig Stouffer Pinpointe On-Demand cstouffer@pinpointe.com (408) x125

COMBATING SPAM. Best Practices OVERVIEW. White Paper. March 2007

The basic groups of components are described below. Fig X- 1 shows the relationship between components on a network.

Spam, Spam and More Spam. Spammers: Cost to send

XGENPLUS SECURITY FEATURES...

Inexpensive Addresses An Spam-Combating System

security

Anti Spam Best Practices

Comprehensive Filtering. Whitepaper

How To Protect Your From Spam On A Barracuda Spam And Virus Firewall

DKIM Enabled Two Factor Authenticated Secure Mail Client

. Daniel Zappala. CS 460 Computer Networking Brigham Young University

Anti-spam filtering techniques

Fundamentals of the Internet 2009/ Explain meaning the following networking terminologies:

Panda Cloud Protection

Cryptographic Protocols to Prevent Spam

Antispam Security Best Practices

Internet Security [1] VU Engin Kirda

Advanced Settings. Help Documentation

CS43: Computer Networks . Kevin Webb Swarthmore College September 24, 2015

Collax Mail Server. Howto. This howto describes the setup of a Collax server as mail server.

Ralph Dolmans A solution for the DNS amplification attack problem

How To Stop Spam From Being A Problem

Blackbaud Communication Services Overview of Delivery and FAQs

PROTECTION AGAINST SPAM USING PRE- CHALLENGES

Exim4U. Server Solution For Unix And Linux Systems

Analysis of Spam Filter Methods on SMTP Servers Category: Trends in Anti-Spam Development

Libra Esva. Whitepaper. Glossary. How Really Works. Security Virtual Appliance. May, It's So Simple...or Is It?

About this documentation

SCTP-Sec: A secure Transmission Control Protocol

Classification of Firewalls and Proxies

How To Block Ndr Spam

one million mails a day: open source software to deal with it Charly Kühnast Municipal Datacenter for the Lower Rhine Area Moers, Germany

Marketing: Methods to Block Spam

Mail Avenger. David Mazières New York University

Author: Kai Engert, kaie at redhat dot com or kaie at kuix dot de For updates to this document, please check

EnterGroup offers multiple spam fighting technologies so that you can pick and choose one or more that are right for you.

English Translation of SecurityGateway for Exchange/SMTP Servers

The data which you put into our systems is yours, and we believe it should stay that way. We think that means three key things.

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

PineApp Anti IP Blacklisting

Networking Applications

CS 356 Lecture 27 Internet Security Protocols. Spring 2013

CONFIGURING FUS ANTI-SPAM

Marketing Glossary of Terms

SMTP Servers. Determine if an message should be sent to another machine and automatically send it to that machine using SMTP.

Introduction Configuration & Spam Detection WinWare Webmail Accounts Account Notes Definitions...

DoS/DDoS Attacks and Protection on VoIP/UC

Migration Manual (For Outlook 2010)

Objective This howto demonstrates and explains the different mechanisms for fending off unwanted spam .

Comprehensive Filtering: Barracuda Spam Firewall Safeguards Legitimate

Voice Printing And Reachability Code (VPARC) Mechanism for prevention of Spam over IP Telephony (SPIT)

Security: Focus of Control. Authentication

Guardian Digital Secure Mail Suite Quick Start Guide

Policy Patrol 7 Upgrade Guide

DomainKeys Identified Mail DKIM authenticates senders, message content

Solution Brief FortiMail for Service Providers. Nathalie Rivat

Transport Layer Security Protocols

Government of Canada Managed Security Service (GCMSS) Annex A-5: Statement of Work - Antispam

Resolving problems with SMTP Security Server and CVP operating in Check Point NG

When Reputation is Not Enough: Barracuda Spam Firewall Predictive Sender Profiling. White Paper

Migration Manual (For Outlook Express 6)

Denial of Service Attacks

DomainKeys Identified Mail (DKIM) Service Overview

Application Firewalls


2- Electronic Mail (SMTP), File Transfer (FTP), & Remote Logging (TELNET)

MDaemon Vs. Microsoft Exchange Server 2013 Standard

The Difficulties of Tracing Spam

eprism Security Appliance 6.0 Intercept Anti-Spam Quick Start Guide

Message Authentication Signature Standards (MASS) BOF. Jim Fenton Nathaniel Borenstein

Encryption of Traffic

Linux Network Administration

How to set up the HotSpot module with SmartConnect. Panda GateDefender 5.0

Transcription:

Spam Protection by using Sender Address Verification Extension (SAVE) Michael Conrad, Hans-Joachim Hof [conrad hof]@tm.uka.de Roland Bless bless@tm.uka.de Institute of Telematics, Universität Karlsruhe (TH), Germany http://www.tm.uka.de/

Motivation Problem: Increasing number of spam mails Sending spam is cheap (nearly no costs) Spam often uses an existing but spoofed sender address Solution: Effective verification of sender address basically by using a Challenge/Response procedure Increase costs of sending e-mails (by using a puzzle) acceptable for a few e-mails unacceptable for high-rate of automatically generated thousands of e-mails Puzzle can be manually or automatically solved Puzzle is not required for subsequent e-mails as sender is whitelisted when he solved the automatic puzzle We do not claim that it is the Spam solution, but think it is viable and incrementally deployable, so it may be a starting point

Basic Concept sender receiver MUA MDA MTA MDA MUA e-mail e-mail puts e-mail in holdbox (like a spambox) if sender is not whitelisted puzzle mail puzzle mail puzzle solution puzzle mail puzzle solution message gets delivered (moved to INBOX) if puzzle solution correct e-mail sender of e-mail is put on a whitelist If sender is not on whitelist, e-mail gets only delivered to receiver (moved to INBOX) after sender solved a puzzle A puzzle mail is created by receiver s MUA/MDA/MTA and sent to sender Sender solves puzzle (if it belongs to a sent e-mail) and sends solution back to receiver s MDA

Puzzle Mail manual puzzle (mandatory) automatic puzzle (optional)... Multipart MIME message containing at least two different puzzles: manual puzzle solvable by a human, e.g., a picture with a number combination in it (Captcha - turing test). automatic puzzle is a task which can be solved by a machine, e.g. to break a hash. Puzzles cause costs (user interaction or computation time)!!! This would raise the cost for spammers dramatically Manual puzzles allow SAVE unaware users to send e-mails Automatic puzzles can be solved by instances of SAVE (e.g. MUA/MDA/MTA Plugin)

Optimizations/Extensions Integration into MDA/MTA Enables automatic puzzle solving at e-mail provider Independence of MUA (enables webmail) Requires computation resources at provider Stateless Cookie Support Prevents SAVE instances (MTA/MDA) to blindly solve puzzles No additional state on sender s MDA Use of multiple MDAs/MTAs for load balancing possible Key Exchange prior to e-mail transfer Subsequent mails are authenticated by H-MAC (e.g., hash over secret, nonce, To, From, Subject, Date, Msg-id and body) and hence do not require a puzzle check Secret is bound to sender address, so sender cannot change address without reauthentication Authenticated whitelist entries prevent whitelist guessing (and, whitelist entries may be aged) Does only work if sender and receiver use SAVE

Special Cases e-mail forwarding receiver's MDA uses forwarder address as puzzle sender address transparent to forwarding (no additional functionality required at forwarding MTA!) mailing lists manual addition of mailling list address to (unauthenticated) whitelist required (spammer must guess subscribed mailling lists of users to send spam), or, provide secret when subscribing to mailing list (requires marginal extension to mailman, majordomo etc.) mailing list s/w records secret in addition to normal subscriber data mailing list s/w adds H-MAC to each mail that it forwards to the SAVE user mailing list users will not be bothered by puzzle challenges Spammers cannot use mailing list address as sender address

Advantages (1) End-to-end solution: Incrementally deployable as MTA/MDA/MUA hook No need to modify any in-transit MTAs, relays etc. If used in MUA, providers are not burdened by additional computational effort In-band application layer solution works from end to end no new or modified protocols in lower layers (e.g., SMTP) required does not depend on other mechanisms or protocols like DNS/Web Servers basically requires few X-headers or registered MIME types Protects receivers immediately on their own initiative User may peek into Holdbox for waiting mails from yet unknown/unauthenticated users

Advantages (2) Effectively verifies existence of sender address If combined with Solicitation:-Header (RFC 4095/4096) could pursue spammers Classification solutions like SpamAssassin on receiving side will have decreasing work load with increasing SAVE deployment May use saved CPU cycles for solving SAVE puzzles Puzzle complexity can be easily adapted to state-of-theart Whitelist aging allows variable re-authentication intervals Allows to raise security incrementally as it gets more widely deployed Works effectively even if not deployed by other parties

(Potential) Disadvantages (1) Puzzles may annoy users if deployment increases Install SAVE plugin and use Whitelist! Different languages/users with disabilities may require variety of puzzles (Visual CAPTCHA, Audio CAPTCHA,...) Spammers can still send Spam if they are willing to spend the effort, but Existence of sender address was verified, so spammer cannot masquerade, forge sender addresses It is much more costly than now Does not prevent the transmission of spam (is delivered to HoldBox) Mandatory puzzle interaction before e-mail transfer as next level of protection if widely deployed If used in MUA, user should stay online (few minutes) until potential puzzle comes back not required for peers where sender is in whitelist already If not possible (e.g., firewalled, send-only device), MDA plugin may help

(Potential) Disadvantages (2) Raised cost may not be relevant if spammers increase the number of zombies But computational effort may be noticed by the legitimate owner of the zombie computer SAVE-unware zombies are useless Hi-jacked hosts can be detected by receivers if SAVE user gets authorized Spam Basic simple concept fails if spammers can guess whitelist entries Should therefore use authenticated whitelist entries Reflection attack with amplification (also true for DNS, etc ) Attacker sends small mail with spoofed addresses to SAVE user, which sends larger puzzle back (only b/w problem as puzzles will not be solved)

Comparison to Related Work Penny Black Project Computational spam-fighting If a receiver implements Penny Black, all senders that are not whitelisted need to implement Penny Black, too. SAVE User Interaction or computation for spam-fighting Fallback: If a senders MUA or MDA does not implement SAVE, the user can still solve the manual puzzle Ticket Server HashCash no challenge/response TMDA no puzzle no authenticated whitelist No server required

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information