Technology Considerations for Spam Control 3 rd AP Net Abuse Workshop Busan 2003.8.25 Dave Crocker...
-
Upload
harry-patrick -
Category
Documents
-
view
218 -
download
2
Transcript of Technology Considerations for Spam Control 3 rd AP Net Abuse Workshop Busan 2003.8.25 Dave Crocker...
Technology Technology ConsiderationsConsiderations
for Spam Controlfor Spam Control
3rd AP Net Abuse WorkshopBusan • 2003.8.25
Dave Crocker • Brandenburg InternetWorking
[email protected]<http://www.brandenburg.com/presentations/
spamtechconsider.ppt>
2
What we will discussWhat we will discuss
Derived from <http://www.ietf.org/internet-drafts/draft-crocker-spam-techconsider-02.txt>
We need a “framework” for spam Technical response to a social problem
Points of control in the email architecture How do the components provide opportunities?
We need a framework for spam control What is practical and effective on a global scale?
Evaluating proposals Carefully consider any changes to global infrastructure
3
What is Spam?What is Spam?
Challenges
No clear community consensus on definition
Strong on emotion Weak on useful discussion
Minor, transient technical differences from other mail (!)
Internet mechanisms are expensive to implement
We must ensure they will quickly be effective for extended time
Sample Definitions
1. Whatever the sender decides
This means we cannot provide institutional enforcement
2. Unsolicited Commercial Religious, political, and
“crazies” are just as problematic
3. Unsolicited Bulk Focus on consent/permission Focus on aggregate traffic
4
Experience of SpamExperience of Spam
It is very serious, and it is getting worse
It is probably permanent, like cockroaches It probably can be controlled to an acceptable level But spammers are smart and adaptable
Likely to require an array of techniques Legal, administrative, and filtering Service providers and users Collaborative and independent Simple rules and statistical heuristics
5
Types of SpammersTypes of Spammers
AccountableLegitimate businesses engaging in
aggressive marketing, in the absence of formal rules
RogueActively avoid accountabilityLikely to always have “safe haven”Not always seeking money
6
Email Points of ControlEmail Points of Control
UA = User AgentMTA = Message
Transfer Agento =originator
i = intermediate
r = recipient
MTAr
UArUAo
MTAo
DNS
MTAi1 MTAi2
Accountability
Filtering Enforcement
Accountability
Filtering Enforcement
FilteringFiltering Filtering
7
Types of ControlTypes of Control
Proactive Accountability
Sender/author Sending host
Enforcement Laws and contracts Scope of control? Sufficiently objective rules? Avoids negative side-effects
Reactive (filtering) Detection
Source or destination Content Aggregate traffic
Action Divert or delete Label Notification
8
FilteringFiltering
DetectionCriteria Attribute, semantic,
processMatch the criteria? Positive vs. negativeLikelihood of error? False positive or negativeExplicitly registered? Whitelist or blacklist
DispositionAccept or Reject Danger if not recipientLabel the message Still requires actionNotify interested parties Then do what?
9
Evaluating ProposalsEvaluating Proposals
Adoption Effort to adopt proposal Effort for ongoing use Balance among
participants Threshold to benefit
Operations impact on Adopters of proposal Others
Internet scaling – What if… Use by everyone Much bigger Internet
Robustness How easily circumvented
System metrics Cost Efficiency Reliability
Impact Amount of Net affected Amount of spam affected
Test scenarios Personal post/Reply Mailing List Inter-Enterprise
10
A Sample Array of EffortsA Sample Array of Efforts
Terminology and labels
UA/MTA spam information exchangeProvide examples and filter rules
Message authenticationNot the same as content authentication
MTA/MTA reportingCollaborate on aggregate traffic analysis
11
In summaryIn summary
Changes to complex systems always have unintended, negative consequences We must attack spam, but we must attack it carefully
Attacking superficial spam characteristics invites an arms race Constantly “improving” tools, but constantly failing to
reach a stable level of effectiveness
Adequate solutions for one constituency might be inappropriate for another Look at their communications styles