Skip to main content
SpringerLink
Log in

Fighting E-Mail Abuses: The EMPE Approach

  • Conference paper
Public Key Infrastructure (EuroPKI 2006)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4043))

Included in the following conference series:

  • 539 Accesses

Abstract

Electronic mail is one of the most used and abused service in today communication. While many efforts have been made to fight e-mail abuses, no effective solution has yet been developed. Furthermore new technologies (e.g. wireless roaming) and new user needs (e.g. mobility) completely break the existing e-mail authentication techniques based on network topology. In this paper we present the E-Mail Policy Enforcer system (EMPE) which provides a method to cryptographically bind the identity of the original sender of an e-mail to the message body by combining digital signatures and transport level authentication data.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Monty python’s flying circus: final sketch of the 25th show, Available: http://en.wikipedia.org/wiki/Spam_%28Monty_Python%29

  2. Bilca, M., Lo, J., Kerrest, F., Wytock, D.: The Ethics of SPAM, Available: http://cse.stanford.edu/classes/cs201/projects-97-98/spam/

  3. Linden, P.: Re: first case of spam, Available: http://www.rahul.net/falk/jjspam.txt

  4. Net. general, the dinette set heard round the world, Available: http://groups.google.com/groups?selm=3375%40drutx.UUCP

  5. Lindberg, G.: Anti-Spam Recommendations for SMTP MTAs, RFC-2505 (February 1999)

    Google Scholar 

  6. Rekhter, Y., Li, T., Hares, S.: A Border Gateway Protocol 4 (BGP 4). RFC-4271 (January 2006)

    Google Scholar 

  7. Kent, S., Lynn, C., Seo, K.: Secure border gateway protocol (S-BGP). IEEE Journal on Selected Areas in Communications 18(4), 582–592 (2000)

    Article  Google Scholar 

  8. Kent, S., Lynn, C., Mikkelson, J., Seo, K.: Secure Border Gateway Protocol (S-BGP) — Real World Performance and Deployment Issues. In: Proceedings of Network and Distributed Systems Security 2000, Internet Society (February 2000)

    Google Scholar 

  9. Gauthronet, S., Drouard, E.: Unsolicited Commercial Communications and Data Protection (January 2001), Available: http://europa.eu.int/comm/justice_home/fsj/privacy/studies/spam_en.htm

  10. Klensin, J.: Simple Mail Transfer Protocol. RFC-2821 (April 2001)

    Google Scholar 

  11. Resnick, P.: Internet Message Format. RFC-2822 (April 2001)

    Google Scholar 

  12. Myers, J., Rose, M.: Post office protocol. RFC-1939 (May 1996)

    Google Scholar 

  13. Mayers, J.: SMTP Service Extension for Authentication. RFC-2554 (March 1999)

    Google Scholar 

  14. Dierks, T., Allen, C.: The TLS Protocol. RFC-2246 (January 1999)

    Google Scholar 

  15. Kent, S., Atkinson, R.: Security Architecture for the Internet Protocol. RFC-2401 (November 1998)

    Google Scholar 

  16. Hoffman, P.: SMTP Service Extension for Secure SMTP over TLS. RFC-2487 (January 1999)

    Google Scholar 

  17. Sahami, M., Dumais, S., Heckerman, D., Horvitz, E.: A Bayesian Approach to Filtering Junk E-Mail. In: Learning for Text Categorization: Papers from the 1998 Workshop (July 1998)

    Google Scholar 

  18. Anti-Spam Research Group HomePage, Available: http://asrg.sp.am/

  19. Lentczner, M., Wong, M.W.: Sender Policy Framework (SPF) for Authorizing Use of Domains in E-MAIL, Internet draft (June 2005)

    Google Scholar 

  20. Fecyk, G.: Designated Mailers Protocol. Internet draft (May 2004)

    Google Scholar 

  21. Danisch, H.: The RMX DNS RR and method for lightweight SMTP sender authorization. Internet draft (May 2004)

    Google Scholar 

  22. Ramsdell, B.: Secure/Multipurpose Interet Mail Extensions (S/MIME) Version 3.1 Message Specification. RFC-3851 (July 2004)

    Google Scholar 

  23. Eastlake, D.: Domain Name System Security Extensions. RFC-2535 (March 1999)

    Google Scholar 

  24. Delany, M.: Domain–based Email Authentication Using Public–Keys Advertised in the DNS (DomainKeys). Internet draft (September 2005)

    Google Scholar 

  25. Domain Keys Identified Mail Working Group (DKIM), Available: http://www.ietf.org/html.charters/dkim-charter.html

  26. Allman, E., Callas, J., Delany, M., Libbey, M., Fenton, J., Thomas, M.: DomainKeys Identified Mail Signatures (DKIM). Internet draft (February 2006)

    Google Scholar 

  27. Sendmail HomePage, Available: http://www.sendmail.org

  28. Milter Community HomePage, Available: http://www.milter.org

  29. OpenSSL Project HomePage, Available: http://www.openssl.org

  30. Trusted Computing Working Group Homepage, Available: https://www.trustedcomputinggroup.org

  31. Farrel, R.S.: An Internet Attribute Certificate Profile for Authorization. RFC-3281 (April 2002)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Dip. di Automatica e Informatica, Politecnico di Torino, Torino, Italy

    Massimiliano Pala & Antonio Lioy

Authors
  1. Massimiliano Pala
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Antonio Lioy
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Dip. di Automatica ed Informatica, Politecnico di Torino, Corso Duca degli Abruzzi, 24, 10129, Turin, Italy

    Andrea S. Atzeni

  2. Dip. Di Automatica e Informatica, Politecnico di Torino, Corso Duca degli Abruzzi 24, 10129, Torino, Italy

    Antonio Lioy

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Pala, M., Lioy, A. (2006). Fighting E-Mail Abuses: The EMPE Approach. In: Atzeni, A.S., Lioy, A. (eds) Public Key Infrastructure. EuroPKI 2006. Lecture Notes in Computer Science, vol 4043. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11774716_11

Download citation

  • DOI: https://doi.org/10.1007/11774716_11

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-35151-1

  • Online ISBN: 978-3-540-35152-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation