Advantages and vulnerabilities of pull-based email-delivery

  • Authors:

  • Natascha Chrobok;Andrew Trotman;Richard O'Keefe

  • Affiliations:

  • University of Otago, Dunedin, New Zealand;University of Otago, Dunedin, New Zealand;University of Otago, Dunedin, New Zealand

  • Venue:
  • AISC '10 Proceedings of the Eighth Australasian Conference on Information Security - Volume 105
  • Year:
  • 2010

Quantified Score

Hi-index 0.00

Visualization

Abstract

Over the last decade spam has become a serious problem to email-users all over the world. Most of the daily email-traffic consists of this unwanted spam. There are various methods that have been proposed to fight spam, from IP-based blocking to filtering incoming email-messages. However it seems that it is impossible to overcome this problem as the number of email-messages that are considered spam is increasing. But maybe these techniques target the problem at the wrong side: it is the email-delivery protocol itself that fosters the existence of spam. What once was created to make internet-mail communication as easy and as reliable as possible became abused by modern day spammers. This paper proposes a different approach: instead of accepting all messages unquestioned it introduces a way to empower the receiver by giving him the control to decide if he wants to receive a message or not. By extending SMTP to pull messages instead of receiving them an attempt to stem the flood of spam is made. The pull-based approach works without involvement of the end-users. However this new system does not come without a price: it opens the possibility of a distributed denial of service (DDOS)-attacks against legitimate mail-transfer agents. This vulnerability and possible ways to overcome it are also discussed in this paper.