SPAM - PowerPoint PPT Presentation

Slides: 21
Provided by: Tjad
Tags: spam | mail | server


Transcript and Presenter's Notes

Title: SPAM

  • SPAM

Problem Description
  • Develop a tool to send email with phony SMTP
    headers to simulate SPAM.
  • Latest initiatives to reduce SPAM

Email Protocols
  • Simple Mail Transfer Protocol (SMTP): transfers
    mail reliably and efficiently. Used to send
    emails between 2 SMTP servers (mail transfer
  • Post Office Protocol (POP) or Internet Message
    Access Protocol (IMAP): retrieve mail from SMTP
    servers to email client (mail user agent)

Email Flow illus Protocols
  • Delivery initiated by transfer of message to
    SMTP server
  • Based on domain of recipient, SMTP server queries
    DNS server for the name of destination SMTP
  • If recipient account exists on destination
    server, email is transferred
  • If destination server cannot be contacted, mail
    is transferred to an intermediate relay server. This
    will transfer it to the destination or to other relays

Differences IMAP/POP
SMTP Protocol
  • Simple ASCII Protocol (protocol that transmits
    only ASCII characters and uses ASCII control
    codes. Demands little, if any, error checking).
    SMTP service runs on port 25.
  • No authentication to send email, only to retrieve

Run SMTP via telnet
  • Client initiates connection (telnet 25); no
    login/password required. Server greeting: 220 ESMTP Sendmail 8.12.10/8
  • Client sends HELO request and waits for the response;
    quits if server refuses. Server returns status code and text
  • Client sends MAIL FROM request. Server returns status
    code: 250 for success, 500 for failure
  • Client sends RCPT TO request. Server returns status code
  • Client sends DATA request. Server returns status code
  • Client sends QUIT request. Server disconnects
  • Implementation of SMTP protocol. Uses socket
  • No login/passwd. as server

Program Output
  • The From, To and originating PC name fields are
    received correctly.
  • IP address of PC still visible. Procedure to hide
    IP involves manipulating data at network layer
    instead of application. Sendmail daemons (UNIX)
    used to forge IPs. No conclusive evidence on
    checking source code

Hide IP in SMTP headers
  • Open relay (insecure relay/third-party relay) is
    an SMTP e-mail server that allows third-party
    relay of e-mail messages (process emails neither
    for/from local user). Unaware owner donates
    network and computer resources to the sender's
    purpose. So, was used as an open
    relay in previous example.
  • A blind relay is a relay that hides (modifies)
    the IP address of the sender and relays the
    message to destination

Scenarios to Hide IP
  • Spammer buys service from Blind Relay service
    provider to relay his emails
  • Spammer sends bulk emails via ISP server to Blind
    Relay Host
  • Blind Relay Host forges SMTP headers, modifying
    the IP addresses/hostnames of spammer and his ISP
  • Blind Relay forwards the emails to destination or
    to the next relay host. The destination host
    thinks that the emails originated from an
    untraceable server. Relay host server claims it
    has been spammed.

How to reduce SPAM?
  • Filters: text based
  • Turing tests: CAPTCHA (visual/audio)
  • Sender Pays - The Penny Black Project

Penny Black Project
  • Penny Black stamp reformed British postal system
    in 1830s. Before this, postage was paid by
    addressee and calculated for each letter. After
    Penny Black, cost of postage shifted to sender.

Computational Spam Fight
  • "If I don't know you, and you want to send me
    unsolicited mail, then you must prove to me that
    you have expended 10 secs, just for me and just
    for this message." Suppose the effort is in terms
    of CPU cycles. With 80,000 secs/day and 10
    secs/msg, a spammer is restricted to 8,000
    msgs/server/day. More investment in servers is required
    to generate current traffic (biggest spammers
    send 250 mil/day).
  • User Experience
  • Automatically and in the background
  • Checking proof extremely easy

  • (80,000 s/day) / (10 s/message) = 8,000 msgs/day
  • Hotmail's billion daily spams
  • 125,000 CPUs
  • Up front capital cost just for HM circa
  • The spammers can't afford it.
  • Sites like Amazon unaffected as it will add
    fraction of a penny to total cost/per order
  • Circa 300 people total very top few spammers
    make a few million/year (F. Krueger, SMN also,
    see the recent articles about Alan Ralsky)
  • Comparison: FastClick, with 30% of popunder
    market, has profit of 2 mil/yr (income of 4

Cryptographic Puzzles
m, f(S,R,t,nonce)
Sender client S
Recipient client R
  • Hard to compute f(S,R,t,nonce)
  • lots of work for the sender
  • Easy to check z = f(S,R,t,nonce)
  • little work for receiver
  • Parameterized to scale with Moore's Law
  • easy to exponentially increase computational
    cost, while barely increasing checking cost
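
Added example (not part of the original presentation): a hashcash-style instance of the puzzle above. The slides do not say which f is used; this sketch assumes f means "find a nonce such that SHA-256 over (S, R, t, nonce) has `bits` leading zero bits", and the freshness window and replay set are also assumptions.

```python
import hashlib
import itertools

def f_digest(sender, recipient, t, nonce):
    # Assumed puzzle input: repr() of the tuple gives an unambiguous encoding
    # of the four fields the slide lists (S, R, t, nonce).
    return hashlib.sha256(repr((sender, recipient, t, nonce)).encode()).digest()

def leading_zero_bits(digest):
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()

def mint(sender, recipient, t, bits):
    """Sender side: brute-force a nonce. Expected work is 2**bits hashes."""
    for nonce in itertools.count():
        if leading_zero_bits(f_digest(sender, recipient, t, nonce)) >= bits:
            return nonce

def verify(sender, recipient, t, nonce, bits, now, seen, max_age=86400):
    """Recipient side: a single hash plus freshness and replay checks."""
    if not 0 <= now - t <= max_age:
        return False                      # stale or future-dated stamp
    stamp = (sender, recipient, t, nonce)
    if stamp in seen:
        return False                      # same proof presented twice
    if leading_zero_bits(f_digest(*stamp)) < bits:
        return False                      # not enough work, or wrong S/R/t
    seen.add(stamp)
    return True

if __name__ == "__main__":
    t0, seen = 1_700_000_000, set()       # constructed timestamp
    n = mint("alice@example.org", "bob@example.net", t0, 16)
    print(n, verify("alice@example.org", "bob@example.net", t0, n, 16, t0 + 60, seen))
```

Each extra bit of difficulty doubles the sender's expected work while the recipient still computes one hash, which is the scaling property the last bullet describes.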

Memory Bound Puzzles
  • Slow CPUs are a lot slower than the fastest
  • Factor of 10-30 within desktops
  • Memory latencies vary little
  • factor of 3
  • So design a puzzle leading to a large number of
    cache misses
  • Equalizes actual computation time

Ticket Server
  • (Ideal Message Flow)
  • Ticket kit (, puzzle)
  • Ticket (, response)
  • Tickets may be accumulated in advance
  • Centralization eases updates

Recipient Server
MSG Ticket
  • Computational spam-fighting: no money is
    charged, no challenge-response mechanism, control
    of mail servers remains as it is now, no
    infrastructure change. Four Stanford students
    implemented the scheme. Once in place, virtually
    no maintenance
  • Who chooses f?
  • One global f? Who sets the price?
  • How is f distributed (ultimately)?
  • Global f built into all mail clients? ISPs?
  • Awkward Introductory Period
  • Old versions of mail programs bounces
  • Very Slow/Small-Memory Machines
