160 likes | 283 Views
Zmail : Zero-Sum Free Market Control of Spam. Benjamin J. Kuipers, Alex X. Liu, Aashin Gautam, Mohamed G. Gouda. Spam Problem. Volume of Spam 2001: 8% of all email traffic was spam 2004: 60% of all email traffic was spam # emails per day: 31 billion (60% spam = 18.6 billion)
E N D
Zmail : Zero-Sum Free Market Control of Spam Benjamin J. Kuipers, Alex X. Liu, Aashin Gautam, Mohamed G. Gouda
Spam Problem • Volume of Spam • 2001: 8% of all email traffic was spam • 2004: 60% of all email traffic was spam • # emails per day: 31 billion (60% spam = 18.6 billion) • # spam emails per person per day = 6 • Cost of Spam • 2003: $10 billion/year in U.S. (Ferris Research) $20.5 worldwide (Radicati Group) • Just cost for adding spam processing servers The University of Texas at Austin
Anti-Spam: Legal Approaches • Punish spammers by anti-spam laws • Problems • Hard to define spam • First Amendment Right to Free Speech • Hard to enforce anti-spam laws • Spammers move to another country The University of Texas at Austin
Anti-Spam: Filtering Approaches • Filter out spam based on text content • Problems • False Positive • What if a job offer email gets filtered? • Can be foiled by spammers • For example, imbedding spam text in images The University of Texas at Austin
Anti-Spam: Economic Approaches • Require senders to pay something • Human Effort: Sender pays human effort • Inconvenient • Inefficient • Challenge can be perceived as rude • Computational Cost: Sender pays CPU time • Inefficient The University of Texas at Austin
Anti-Spam: Zmail • Current cost for spamming is almost zero • User’s attention is the important resource consumed • Basic idea of Zmail: • The sender of an email paysmoney directly to the receiver. • Zero sum (unlike USPS): The amount of money charged to the sender =The amount of money rewarded to the receiver • The money earned can be used to send email. • The cost of sending one email is a unit called an e-penny. The University of Texas at Austin
Impact of Market Forces • Spammers • Cost of spamming significantly increases • Bulk email advertising become more targeted • Normal Users • Most users receive more email than they send • If not, pay money or subscribing commercial email • ESPs (Email Service Providers) • Less spam, less bandwidth, less computational cost The University of Texas at Austin
Zmail Architecture User User User ESP User User ESP ESP User User User User Bank The University of Texas at Austin
The Zmail Protocol: two parties • Bank: • Each compliant ESP has an account with bank • Manage accounting for compliant ESPs • ESP buy and sell e-pennies with bank • Exchange e-pennies between real money for ESPs • ESPs: • Manage accounting for each of its users • Users buy and sell e-pennies with their ESPs The University of Texas at Austin
The Zmail Protocol: Email Transfer • An email: user s of ESP A user r of ESP B • Sending: • A reduces s’s balance by one • A records that A owes B one more e-penny • Receiving: • B increments r’s balance by one • B records that A owes B one more e-penny The University of Texas at Austin
The Zmail Protocol: Misbehavior Detection • What if an ESP lies? • Periodically, every ESP reports to the bank how much they owe to every other ESPs • Misbehavior Detection • A says that A owes B x e-pennies • B says that A owes B y e-pennies • If x != y, then Bank further investigates who lies. • Most ESPs are honest. The University of Texas at Austin
1 Distributor 2 Sender +1 -1 -100 +100 -1 +1 +1 -1 100 +1 -1 Mailing Lists • List server: email distributor + subscriber DB • A subscriber sends an email to distributor, distributor forwards the email to everyone • Solution: for each email from distributor, receiver’s ESP sends back an ack email. • Extra benefit: subscriber DB is always updated The University of Texas at Austin
Zombies and Email Viruses • Zombie: sends out spam at user’s expense • Virus: sends email to everyone in address book • Solution: each user specify a limit on the number of email that he can send a day. • Extra benefit: detecting virus and zombies The University of Texas at Austin
Incremental Deployment • Zmail runs on top of SMTP • No change to SMTP • Deployment: starting from two compliant ESPs • A user may decide to segregate, filter, or discard email from non-compliant ESPs. The University of Texas at Austin
Bank Setup • Internet already has some central authorities such as IANA that controls IP assignment The University of Texas at Austin
Conclusions • Zmail gives no free ride to spammers • Zmail requires no definition of spam • Zmail works with other anti-spam techniques • Zmail can be incrementally deployed The University of Texas at Austin