1 / 6

Spam

Spam. Is spam a problem?. Bandwidth hogging -> slower, costlier Discourages use of net (e-mail, e-commerce) Productivity -> loss of time and money Receiver pays (but not freemail, just in inconvenience), esp. in mobile wireless (Japan e.g.) Potential for fraud, esp. phishing/spoofing

pamelathomas
Download Presentation

Spam

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Spam

  2. Is spam a problem? • Bandwidth hogging -> slower, costlier • Discourages use of net (e-mail, e-commerce) • Productivity -> loss of time and money • Receiver pays (but not freemail, just in inconvenience), esp. in mobile wireless (Japan e.g.) • Potential for fraud, esp. phishing/spoofing • Missing legitimate messages (false positives) • E-mail harvesting -> privacy • Viruses: propagation of open relays, etc. (80% of spam through relays) • Offensive content

  3. Current Approaches • Technical solutions: • Filtering at the client-side • Filtering of mail server-side • IETF’s MARID: Authentication (started with SPF, which AOL championed; then MSFT introduced Caller ID for e-mail, for which it is holding patents) (but MARID shuttered on 9/22/04) • Domain Keys: Authentication using keys (encryption) based upon domain names: Yahoo! (could add another level of security by using a certificate authority) • Technically complementary. Think of it as two conversations: one at SMTP conversation level; one at the header level • Blacklisting (ISPs subscribe to a blacklist from a private organization) • ISPs slowing down passage of high-volume messages. • China:

  4. Current Approaches • Contract (ISP – User): • e.g., complete header information required • (bad for reputation, could get blacklisted, ISPs) • Legislation • CAN-SPAM Act of 2003 • EU Directive • International cooperation for enforcement • MoU between three countries to improve enforcement • Bilateral MoU approach (Australia-Korea) • Norms • Failed almost completely: shame • User education • Market-based solutions • Spam has an economic cost. “E-postage idea”: added transaction costs. (Computational speed costs approach.) • Bonded Sender

  5. Future Approaches • Standardized e-mail addresses

  6. What are the priorities? • Government enforcement • Criminal enforcement by FBI, US DOJ • Consumer protection US FTC, US DOJ (but see prestige in the anti-trust group) • But you have the int’l problem (do you need a TRIPS agreement analog?) • Internally focused remedies • Invest in private security systems & shore up your own systems • Work with other companies to improve security, customer awareness • Self-help remedies in the law • Trying the find the perpetrators & suing them • Pressure ISPs to fix the problem • Customer education (the only final answer?)

More Related