Fighting Spam on the Sender Side: A Lightweight Approach

  • Wouter Willem de Vries
  • Giovane Cesar Moreira Moura
  • Aiko Pras
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6164)

Abstract

Spam comprises approximately 90 to 95 percent of all e-mail traffic on the Internet nowadays, and it is a problem far from being solved. The losses caused by spam are estimated to reach up to $87 billion yearly. When fighting spam, most of the proposals focus on the receiver-side and are usually resource-intensive in terms of processing requirements. In this paper we present an approach to address these shortcomings: we propose to i) filter outgoing e-mail on the sender side and (ii) use lightweight techniques to check whether a message is spam or not. Moreover, we have evaluated the accuracy of these techniques in detecting spam on the sender side with two different data sets, obtained at a Dutch hosting provider. The results obtained with this approach suggest we can significantly reduce the amount of spam on the Internet by performing simple checks at the sender-side.

References

  1. 1.
    Sophos. Only one in 28 emails legitimate (June 2008), http://www.sophos.com/pressoffice/news/articles/2008/07/dirtydozjul08.html
  2. 2.
    Spamhaus. Effective spam filtering (January 2010), http://www.spamhaus.org/effective_filtering.html
  3. 3.
    Soma, J., Singer, P., Hurd, J.: SPAM Still Pays: The Failure of the CAN-SPAM Act of 2003 and Proposed Legal Solutions. Harv. J. on Legis. 45, 165–619 (2008)Google Scholar
  4. 4.
    Lieb, R.: Make spammers pay before you do (July 2002), http://www.clickz.com/1432751
  5. 5.
    McGregor, C.: Controlling spam with SpamAssassin. Linux J. 153, 9 (2007)Google Scholar
  6. 6.
    Mori, T., Esquivel, H., Akella, A., Mao, Z.M., Xie, Y., Yu, F.: On the effectiveness of pre-acceptance spam filtering. University of Wisconsin Madison, Tech. Report TR1650 (2009)Google Scholar
  7. 7.
    de Vries, W.W.: Restraining transmission of unsolicited bulk e-mail. In: Proceedings of the twelth Twente Student Conference on Information Technology (2010)Google Scholar
  8. 8.
    Stern, H.: A survey of modern spam tools. In: Proc. of the fifth conf. on email and anti-spam (2008)Google Scholar
  9. 9.
    Sperotto, A., Vliek, G., Sadre, R., Pras, A.: Detecting Spam at the Network Level. In: Oliver, M., Sallent, S. (eds.) EUNICE 2009. LNCS, vol. 5733, pp. 208–216. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  10. 10.
    Spamhaus. The register of known spam operations (January 2010), http://www.spamhaus.org/rokso/
  11. 11.
    Ballani, H., Francis, P., Zhang, X.: A study of prefix hijacking and interception in the Internet. ACM SIGCOMM Computer Communication Review 37(4), 276 (2007)Google Scholar
  12. 12.
    Fabian, M.A.R.J.Z., Terzis, M.A.: My botnet is bigger than yours (maybe, better than yours): Why size estimates remain challenging. In: Proceedings of the 1st USENIX Workshop on Hot Topics in Understanding Botnets, Cambridge, USA (2007)Google Scholar
  13. 13.
    Chiang, K., Lloyd, L.: A case study of the rustock rootkit and spam bot. In: The First Workshop in Understanding Botnets (2007)Google Scholar
  14. 14.
    Mendyk-Krajewska, T., Mazur, Z.: Software Flaws as the Problem of Network Security. In: Internet-Technical Development and Applications, p. 233 (2009)Google Scholar
  15. 15.
    Pathak, A., Hu, Y.C., Mao, Z.M.: Peeking into spammer behavior from a unique vantage point. In: LEET 2008: Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats, pp. 1–9. USENIX Association, Berkeley (2008)Google Scholar
  16. 16.
    RIPE Labs. Spam over ipv6 (March 2010), http://labs.ripe.net/content/spam-over-ipv6
  17. 17.
    United States of America. Can-spam act of 2003 (2003), http://uscode.house.gov/download/pls/15C103.txt
  18. 18.
    Australasian Legal Information Institute. Australian spam act 2003 (2003), http://www.austlii.edu.au/au/legis/cth/consol_act/sa200366/
  19. 19.
    Klensin, J.: Simple mail transfer protocol (April 2001), http://www.ietf.org/rfc/rfc2821.txt
  20. 20.
    Pathak, A., Qian, F., Hu, Y.C., Mao, Z.M., Ranjan, S.: Botnet spam campaigns can be long lasting: evidence, implications, and analysis. In: Proceedings of the eleventh international joint conference on Measurement and modeling of computer systems, pp. 13–24. ACM, New York (2009)Google Scholar
  21. 21.
    OBrien, C., Vogel, C.: Comparing SpamAssassin with CBDF email filtering. In: Proceedings of the 7th Annual CLUK Research Colloquium (2004)Google Scholar
  22. 22.
    Pras, A., Wanrooij, W.: Filtering Spam from Bad Neighborhoods (under review). International Journal of Network Management (2009)Google Scholar
  23. 23.
    Google. Google safe browsing (January 2010), http://code.google.com/apis/safebrowsing/
  24. 24.
    UCEProtect. Sender callouts - why it is abusive (January 2010), http://www.backscatterer.org/?target=sendercallouts
  25. 25.
    AOL. E-mail feedback reports for isp’s (January 2010), http://postmaster.aol.com/cgi-bin/fbl.pl

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Wouter Willem de Vries
    • 1
  • Giovane Cesar Moreira Moura
    • 1
  • Aiko Pras
    • 1
  1. 1.Faculty of Electrical Engineering, Mathematics and Computer Science, Design and Analysis of Communications Systems (DACS)University of Twente, Centre for Telematics and Information TechnologyEnschedeThe Netherlands

Personalised recommendations