Department of Computer Sciences The University of Texas at Austin Zmail : Zero-Sum Free Market...

Department of Computer Sciences

The University of Texas at Austin

Zmail : Zero-Sum Free Market Control of Spam

Benjamin J. Kuipers, Alex X. Liu,

Aashin Gautam, Mohamed G. Gouda

The University of Texas at Austin 2

Spam Problem

Volume of Spam─ 2001: 8% of all email traffic was spam

─ 2004: 60% of all email traffic was spam

─ # emails per day: 31 billion (60% spam = 18.6 billion)

─ # spam emails per person per day = 6

Cost of Spam─ 2003: $10 billion/year in U.S. (Ferris Research)

$20.5 worldwide (Radicati Group)

─ Just cost for adding spam processing servers


Anti-Spam: Legal Approaches

Punish spammers by anti-spam laws

Problems─Hard to define spam

● First Amendment Right to Free Speech

─Hard to enforce anti-spam laws● Spammers move to another country


Anti-Spam: Filtering Approaches

Filter out spam based on text content

Problems─False Positive

● What if a job offer email gets filtered?

─Can be foiled by spammers● For example, imbedding spam text in images


Anti-Spam: Economic Approaches

Require senders to pay something

Human Effort: Sender pays human effort─ Inconvenient─ Inefficient─ Challenge can be perceived as rude

Computational Cost: Sender pays CPU time─ Inefficient


Anti-Spam: Zmail

Current cost for spamming is almost zero User’s attention is the important resource

consumed Basic idea of Zmail:

─ The sender of an email pays money directly to the receiver.

─ Zero sum (unlike USPS): The amount of money charged to the sender

=The amount of money rewarded to the receiver

─ The money earned can be used to send email.

─ The cost of sending one email is a unit called an e-penny.


Impact of Market Forces

Spammers─ Cost of spamming significantly increases─ Bulk email advertising become more targeted

Normal Users─ Most users receive more email than they send─ If not, pay money or subscribing commercial email

ESPs (Email Service Providers)─ Less spam, less bandwidth, less computational cost


Zmail Architecture

ESP ESP

ESP

User

User

User

User

User

User

User

Bank

User

User


The Zmail Protocol: two parties Bank:

─ Each compliant ESP has an account with bank─ Manage accounting for compliant ESPs─ ESP buy and sell e-pennies with bank─ Exchange e-pennies between real money for ESPs

ESPs:─ Manage accounting for each of its users─ Users buy and sell e-pennies with their ESPs


The Zmail Protocol: Email Transfer

An email: user s of ESP A user r of ESP B

Sending:─ A reduces s’s balance by one─ A records that A owes B one more e-penny

Receiving:─ B increments r’s balance by one─ B records that A owes B one more e-penny


The Zmail Protocol: Misbehavior Detection

What if an ESP lies?

Periodically, every ESP reports to the bank how much they owe to every other ESPs

Misbehavior Detection

─ A says that A owes B x e-pennies

─ B says that A owes B y e-pennies

─ If x != y, then Bank further investigates who lies.

─ Most ESPs are honest.


Mailing Lists

List server: email distributor + subscriber DB A subscriber sends an email to distributor, distributor forwards

the email to everyone Solution: for each email from distributor, receiver’s ESP sends

back an ack email.

Extra benefit: subscriber DB is always updated

Distributor Sender

1

2

100

-1+1+1

+1

+1

-100-1

-1

-1

+100


Zombies and Email Viruses

Zombie: sends out spam at user’s expense

Virus: sends email to everyone in address book

Solution: each user specify a limit on the number of email that he can send a day.

Extra benefit: detecting virus and zombies


Incremental Deployment

Zmail runs on top of SMTP

No change to SMTP

Deployment: starting from two compliant ESPs

A user may decide to segregate, filter, or discard email from non-compliant ESPs.


Bank Setup

Internet already has some central authorities such as IANA that controls IP assignment


Conclusions

Zmail gives no free ride to spammers

Zmail requires no definition of spam

Zmail works with other anti-spam techniques

Zmail can be incrementally deployed

Department of Computer Sciences The University of Texas at Austin Zmail : Zero-Sum Free Market...

Documents

Transcript of Department of Computer Sciences The University of Texas at Austin Zmail : Zero-Sum Free Market...