How Will Authentication Reduce Global Spam?
OECD Anti-Spam Task Force, Pusan – September, 2004
Dave Crocker, Brandenburg InternetWorking

Presentation transcript:

1. How Will Authentication Reduce Global Spam?
OECD Anti-Spam Task Force, Pusan – September, 2004
Dave Crocker, Brandenburg InternetWorking
[Image labels: Spammer? Phisher?]

2. Questions About Authentication…
D. Crocker, Brandenburg InternetWorking, OECD, Pusan / September 2004

- Will it stop spam, by itself, or do we need additional processes?
- Will authentication prevent “phishing”?
- Can we reduce spam without jeopardizing the sending of legitimate email?

3. Security Functions

| Term | Function |
| Identification | Who does this purport to be? |
| Authentication | Is it really them? |
| Authorization | What are they allowed to do? |
| Accreditation | What do I think of the agency giving them that permission? |

4. What to Authenticate?

| Identity | Type | Semantic | Scheme |
| Peer Provider | IP net | Peer site | |
| Peer MTA | IP | SMTP Peer | |
| SMTP EHLO | Domain | SMTP Peer | CSV |
| SMTP Mail-From | Email/Domain | Bounce address | SPF, BATV |
| Received | Domain | Intermediary | |
| Sender | Email/Domain | Poster | Sender-ID |
| From | Email/Domain | Author | DomainKeys |

5. Spam Dilemmas

- Nothing has yet reduced global spam!
- So we should proceed tentatively
- Unsolicited mail, from unknown author
- Could be spam; could be legitimate
- Spam is sent by army of compromised systems
- Authentic signature can be misleading
- Assessing single signature is not enough
- Mail clients do not show all the headers
- And deceptions are often buried in the content
- Users are not skilled or attentive to subtleties

6. Q1 – More Than Authentication?

- Authentication means you know “who”
- But nothing about whether they are ok
- We need Authorization
- We need Accreditation (Reputation)
- Use layered defense – multiple tests
- Message contents (maybe)
- Message author
- Message transfer service
- Traffic analysis

7. Q2 – Will It Prevent “Phishing”?

- Joe Job
- Fake ID to gain acceptance
- Phishing is Joe Job to get returned information
- Social engineering
- Criminals are very creative and very aggressive
- Is a police ID fake?
- Is URL fake?
- Levels of importance
- Need levels of protection
- Bad guys are good at finding cracks in defenses
- A good beginning:
- Sign all identifiers & content
- Upgrade clients
- Create “reputation” services
- Educate users

[Image labels: Spammer! Phisher!]

8. Is Legitimate Email Jeopardized?

- If we are not very careful, then yes it is
- Will restrict legitimate usage scenarios
- Adds burden to everyone, not just bad guys
- Adds long-term burden for short-term symptoms
- Email is a rich, basic service
- It can be used far more flexibly than most people realize… if we do not cripple it.

9. SPF and Sender-ID: Author Path Registration

[Diagram: mail path through MUA, MSA, MTA 1, MTA 2, MTA 3, MTA 4, MDA, MUA. Labels: Peer; Assigns Sender and MailFrom]

- Did MSA authorize MTA 1 to send messages for domain?
- Did MSA authorize MTA 2?
- Did MSA authorize MTA 3?
- MSA must pre-register and trust each MTA in entire path!

Mail Agents: MUA = User, MSA = Submission, MTA = Transfer, MDA = Delivery
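The per-hop question on this slide can be simulated offline. The sketch below is an added example, not part of the original presentation: it replaces DNS-published records with a constructed dictionary, and the domain, addresses, relay roles and function names are all assumptions chosen for illustration.

```python
import ipaddress

# Constructed stand-in for published sender-authorization records
# (real SPF publishes these in DNS): MailFrom domain -> authorized networks.
REGISTERED_ORIGIN_ONLY = {"example.org": ["192.0.2.0/24"]}
REGISTERED_FULL_PATH = {
    "example.org": ["192.0.2.0/24", "198.51.100.7/32", "203.0.113.25/32"],
}

# Constructed relay path: the peers that hand the message to MTA 2, 3 and 4.
PATH = [
    ("MTA 1", "192.0.2.10"),    # operated by the MailFrom domain
    ("MTA 2", "198.51.100.7"),  # assumed independent forwarding relay
    ("MTA 3", "203.0.113.25"),  # assumed second independent relay
]


def check_peer(registry, mail_from, peer_ip):
    """Return 'none', 'pass' or 'fail' for one hop (simplified SPF-style result)."""
    domain = mail_from.rsplit("@", 1)[-1].lower()
    networks = registry.get(domain)
    if networks is None:
        return "none"  # the domain registered nothing: no basis to judge
    addr = ipaddress.ip_address(peer_ip)
    if any(addr in ipaddress.ip_network(net) for net in networks):
        return "pass"
    return "fail"


def check_path(registry, mail_from, path):
    """Ask the slide's question for every sending peer along the path."""
    return [(name, check_peer(registry, mail_from, ip)) for name, ip in path]


def first_unauthorized(registry, mail_from, path):
    """Name of the first peer the domain did not register, or None."""
    for name, result in check_path(registry, mail_from, path):
        if result == "fail":
            return name
    return None


if __name__ == "__main__":
    for label, reg in (("origin only", REGISTERED_ORIGIN_ONLY),
                       ("full path", REGISTERED_FULL_PATH)):
        print(label, check_path(reg, "alice@example.org", PATH))
```

With only the origin relay registered, the check fails as soon as an unregistered relay handles the message, which is the legitimate-forwarding cost the slide points at.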

10. In summary

- Authentication is essential building block
- Multiple authentications needed
- Authorization and Accreditation also needed
- Attackers are creative
- This is a continuing battle
- Email is at core of human activities
- Efforts to stop bad behavior could also damage good behavior