1 / 11

Technology Considerations for Spam Control

Technology Considerations for Spam Control. 3 rd AP Net Abuse Workshop Busan • 2003.8.25 Dave Crocker • Brandenburg InternetWorking dcrocker@brandenburg.com <http://www.brandenburg.com/presentations/spamtechconsider.ppt>. What we will discuss. Derived from

eara
Download Presentation

Technology Considerations for Spam Control

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Technology Considerationsfor Spam Control 3rd AP Net Abuse Workshop Busan • 2003.8.25 Dave Crocker • Brandenburg InternetWorking dcrocker@brandenburg.com<http://www.brandenburg.com/presentations/spamtechconsider.ppt>

  2. What we will discuss Derived from <http://www.ietf.org/internet-drafts/draft-crocker-spam-techconsider-02.txt> • We need a “framework” for spam • Technical response to a social problem • Points of control in the email architecture • How do the components provide opportunities? • We need a framework for spam control • What is practical and effective on a global scale? • Evaluating proposals • Carefully consider any changes to global infrastructure 2

  3. Challenges No clear community consensus on definition Strong on emotion Weak on useful discussion Minor, transient technical differences from other mail (!) Internet mechanisms are expensive to implement We must ensure they will quickly be effective for extended time Sample Definitions Whatever the sender decides This means we cannot provide institutional enforcement Unsolicited Commercial Religious, political, and “crazies” are just as problematic Unsolicited Bulk Focus on consent/permission Focus on aggregate traffic What is Spam? 3

  4. Experience of Spam • It is very serious, and it is getting worse • It is probably permanent, like cockroaches • It probably can be controlled to an acceptable level • But spammers are smart and adaptable • Likely to require an array of techniques • Legal, administrative, and filtering • Service providers and users • Collaborative and independent • Simple rules and statistical heuristics 4

  5. Types of Spammers • Accountable • Legitimate businesses engaging in aggressive marketing, in the absence of formal rules • Rogue • Actively avoid accountability • Likely to always have “safe haven” • Not always seeking money 5

  6. Accountability • Filtering • Enforcement • Accountability • Filtering • Enforcement • Filtering • Filtering • Filtering MTAo MTAi1 MTAi2 MTAr UAo UAr Email Points of Control UA = User Agent MTA = Message Transfer Agent o = originator i = intermediate r = recipient DNS 6

  7. Proactive Accountability Sender/author Sending host Enforcement Laws and contracts Scope of control? Sufficiently objective rules? Avoids negative side-effects Reactive(filtering) Detection Source or destination Content Aggregate traffic Action Divert or delete Label Notification Types of Control 7

  8. Filtering • Detection Criteria Attribute, semantic, process Match the criteria? Positive vs. negative Likelihood of error? False positive or negative Explicitly registered? Whitelist or blacklist • Disposition Accept or Reject Danger if not recipient Label the message Still requires action Notify interested parties Then do what? 8

  9. Adoption Effort to adopt proposal Effort for ongoing use Balance among participants Threshold to benefit Operations impact on Adopters of proposal Others Internet scaling – What if… Use by everyone Much bigger Internet Robustness How easily circumvented System metrics Cost Efficiency Reliability Impact Amount of Net affected Amount of spam affected Test scenarios Personal post/Reply Mailing List Inter-Enterprise Evaluating Proposals 9

  10. A Sample Array of Efforts • Terminology and labels • UA/MTA spam information exchange • Provide examples and filter rules • Message authentication • Not the same as content authentication • MTA/MTA reporting • Collaborate on aggregate traffic analysis 10

  11. In summary • Changes to complex systems always have unintended, negative consequences • We must attack spam, but we must attack it carefully • Attacking superficial spam characteristics invites an arms race • Constantly “improving” tools, but constantly failing to reach a stable level of effectiveness • Adequate solutions for one constituency might be inappropriate for another • Look at their communications styles 11

More Related