Abstract
This work proposes an effective method of fighting spam by developing Inexpensive Email Addresses (IEA), a stateless system of Disposable Email Addresses (DEAs). IEA can cryptographically generate exclusive email addresses for each sender, with the ability to re-establish a new email address once the old one is compromised. IEA accomplishes proof-of-work by integrating a challenge-response mechanism to be completed before an email is accepted in the recipient’s mail system. The system rejects all incoming emails and instead embeds the challenge inside the rejection notice of Standard Mail Transfer Protocol (SMTP) error messages. The system does not create an out-of-band email for the challenge, thus eliminating email backscatter in comparison to other challenge-response email systems. The system is also effective in identifying spammers by exposing the exact channel, i.e. the unique email address that was compromised, so misuse could be traced back to the compromising party. Usability is of utmost concern in building such a system by making it friendly to the end-user and easy to setup and maintain by the system administrator.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Messaging Anti-Abuse Working Group: Email Metrics Program: The Network Operators’ Perspective. Report #11 – First and Second Quarter 2009 (2008), http://www.maawg.org/sites/maawg/files/news/MAAWG_2009-Q1Q2_Metrics_Report_11.pdf (Retrieved October 27, 2009)
Ferris Research: Industry Statistics (2009), http://www.ferris.com/research-library/industry-statistics (Retrieved October 27, 2009)
Cole, W.K.: DNS-Based Lists: an overview (2007), http://www.scconsult.com/bill/dnsblhelp.html2-7 (Retrieved November 5, 2009)
Harris, E.: The Next Step in the Spam Control War: Greylisting (2003), http://projects.puremagic.com/greylisting/whitepaper.html (Retrieved October 20, 2009)
SquirrelMail. SquirrelMail - Webmail for Nuts! http://www.squirrelmail.org/ (Retrieved September 15, 2009)
RFC-1893. Enhanced Mail System Status Codes (1996), http://www.ietf.org/rfc/rfc1893.txt (Retrieved September 10, 2009)
Symantec. The State of Spam A Monthly Report (October 2008), http://eval.symantec.com/mktginfo/enterprise/other_resources/b-state_of_spam_report_10-2008.en-us.pdf (Retrieved Sepember 4, 2009)
Rogaway, P., Bellare, M., Black, J.: OCB: A block-cipher mode of operation for efficient authenticated encryption. In: ACM TISSEC (November 2001)
Back, A.: Hashcash - a denial of service counter-measure (2002), http://hashcash.org/papers/hashcash.pdf (Retrieved October 10, 2009)
Microsoft: The Penny Black Project (2003), http://research.microsoft.com/research/sv/PennyBlack/ (Retrieved October 10, 2009)
Laurie, B., Clayton, R.: ‘Proof of work’ proves not to work. In: Workshop on Economics and Information Security, Minneapolis, MN (May 2004)
Roman, R., Zhou, J., Lopez, J.: An Anti-Spam Scheme Using Pre-Challenges. Computer Communications 29(15), 2739–2749 (2006)
Mailhile: Carnegie Mellon University. reCAPTCHA Mailhide: Free Spam Protection, http://mailhide.recaptcha.net/ (Retrieved September 30, 2009)
Seigneur, J.M., Jensen, C.D.: Privacy Recovery with Disposable Email Addresses. IEEE Security and Privacy 1(6), 35–39 (2003)
Mastaler, J.: Tagged Message Delivery Agent (TMDA) Homepage, http://www.tmda.net/ (Retrieved Sepember 30, 2009)
Gburzynski, P., Maitan, J.: Fighting the spam wars: A remailer approach with restrictive aliasing. ACM Transactions on Internet Technology (TOIT) 4(1), 1–30 (2004)
Ochi, D.: MIDEA: Management of Disposable E-Mail Addresses for Mobile Systems. In: International Symposium on Applications and the Internet Workshops, SAINTW 2007 (2007)
Postfix: Postfix Backscatter Howto, http://www.postfix.org/BACKSCATTER_README.html (Retrieved September 31, 2009)
Frei, S., Ollmann, G., Silvestri, I.: Mail DDoS Attacks through Non-Delivery Messages (2004), http://www.techzoom.net/papers/mail_non_delivery_notice_attacks_2004.pdf (Retrieved October 24, 2009)
Yahoo: 421 Message temporarily deferred - [numeric code], http://help.yahoo.com/l/us/yahoo/mail/postmaster/errors/ (Retrieved October 17, 2009)
Sender Policy Framework: SPF: Project Overview (2008), http://www.openspf.org/ (Retrieved October 17, 2009)
DKIM.org. DomainKeys Identified Mail (DKIM), http://www.dkim.org/ (Retrieved October 17, 2009)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Yegenian, A., Dimitriou, T. (2010). Inexpensive Email Addresses An Email Spam-Combating System . In: Jajodia, S., Zhou, J. (eds) Security and Privacy in Communication Networks. SecureComm 2010. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 50. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-16161-2_3
Download citation
DOI: https://doi.org/10.1007/978-3-642-16161-2_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-16160-5
Online ISBN: 978-3-642-16161-2
eBook Packages: Computer ScienceComputer Science (R0)