|
| | | |
Advantages and vulnerabilities of pull-based email-delivery
Chrobok, N., Trotman, A. and O’Keefe, R.
Over the last decade spam has become a serious problem to email-users all over the world. Most of the daily email-traffic consists of this unwanted spam. There are various methods that have been proposed to fight spam, from IP-based blocking to filtering incoming email-messages. However it seems that it is impossible to overcome this problem as the number of email-messages that are considered spam is increasing. But maybe these techniques target the problem at the wrong side: it is the email-delivery protocol itself that fosters the existence of spam. What once was created to make internet-mail communication as easy and as reliable as possible became abused by modern day spammers. This paper proposes a different approach: instead of accepting all messages unquestioned it introduces a way to empower the receiver by giving him the control to decide if he wants to receive a message or not. By extending SMTP to pull messages instead of receiving them an attempt to stem the flood of spam is made. The pull-based approach works without involvement of the end-users. However this new system does not come without a price: it opens the possibility of a distributed denial of service (DDOS)-attacks against legitimate mail-transfer agents. This vulnerability and possible ways to overcome it are also discussed in this paper. |
Cite as: Chrobok, N., Trotman, A. and O’Keefe, R. (2010). Advantages and vulnerabilities of pull-based email-delivery. In Proc. Eighth Australasian Information Security Conference (AISC 2010) Brisbane, Australia. CRPIT, 105. Boyd, C. and Susilo, W. Eds., ACS. 22-31 |
(from crpit.com)
(local if available)
|
|