Professional Documents
Culture Documents
against spam
May 2005
Serge Aumont
serge.aumont
cru.fr
t
r
Perhaps not, but we need general mobilization
:
ffo
e
r
a
Users
w
a
h
MLW(mailing list) are the main application of mail
services (far behind spam though) .
Proposed discussion
1. Todays panorama of ML software
defenses
2. OPT.in OPT.out traceability
3. Applying new MASS (Message
Authentication Signature Standard) into
ML Software
Authentication by challenge
Authentication using a mail challenge is used because of the
lack of deployment of S/MIME or PGP.
Not convenient : mail challenges are becoming important
sources of unwanted messages and may be a mean for
DOS attacks.
Authentication is needed for
Message distribution
Message validation by a list moderator
Command message for subscription, review, unsubscription
OPT.in / OPT.out
7
Privacy :
Message filtering
Antivirus
Spam filters (Bayesian algorithm)
Blacklist,
OPT.in / OPT.out
Many spammers claim that they use OPT.in
actually they dont.
OPT.in traceability
Store required information in order to prove
OPT.in : subscription message and confirmation
challenge, @IP origin, date and authentication
element when using web form
Provide user access to these informations on the
web
Administrative list : OPT.in is not used, the web
interface should inform users : you have been
added to the list students@foo.edu because
your email is in foo student directory
Make a round table of ML developers about
OPT.in traceability ?
11
DK : DomainKeys (yahoo)
IIM : Identified Internet Mail (cisco)
META Signature (William Leibzon)
Postmarks (microsoft)
Entity-Entity (verisign)
12
MASS
Most of them are based on MTA signature
due to the traumatic PGP and S/MIME
experience
PKI are not required
SPF :
not a signature technology
but a way to recognize some forged
messages.
13
MASS complexity
Why so many proposals ?
Because of companies competition
Because of complexity :
Roaming usage
Auto Forwarder
ML services
14
3 usages of MASS in ML
Software
Receiving incoming messages
Issuing messages (welcome, remind, )
Relaying messages (distribution)
15
Receiving messages
MTA or MLM
MLM
1. Signature verification
2. Compare signature status with domain
signature policy
3. Optionally use reputation service
4. Use results from 1,2,3 as part of the
MLM decision process : what to do with
a message (distribute, moderate,
request challenge for a better
authentication, reject or reject silently).
16
Issuing messages
ML software produce a lot of messages :
Welcome, unsubscription, authentication
request,
17
Distributing/Relaying messages
Do not break existing signatures. Each MASS
proposition includes its specificities that MLM
MUST respect to preserve signatures.
Not new (PGP, S/MIME)
Mailing list
From:
Subscribers
End to end authentication
19
Distribution process
List policy applied
by authenticated
and accredited
person
Sanitization
and authN
ML
Moderator
service
validation
List policy
may include
method specific to
ML
22
DK : DomainKeys
DK does not specify if a mailing list server
should or should not sign relayed
messages.
IF (sender authentication is good enough
and/or editor validation)
Remove DK signature (if it exists)
Add Sender: header and a DK signature
Else
Do nothing
23
META Signature
META allows to add signature information at
each relaying MTA level.
META allows to sign each part of a message
some parts may be signed by the initial sender,
some buy the MLM
25
BATV
BATV is a way to tag bouncing messages
in order to automatically ignore bounces
related to forged messages. BATV
techniques are similar to other MASS
proposals.
BATV can help in the process of automatic
bounce management by ML but seems to
me as an optional feature for a ML
software
26
Conclusions
Authentication is a major issue for ML,
MASS is a opportunity for ML Software