X-ASVP Executive Overview eXtensible Anti-spam Verification Protocol X-ASVP Committee Technical Working Group July 25, 2007.

Slides:

Advertisements

Similar presentations

Enabling Secure Internet Access with ISA Server

Advertisements

CGI & HTML forms CGI Common Gateway Interface  A web server is only a pipe between user-agents  and content – it does not generate content.

© 2003 Public Interest Registry Whois Workshop Introduction to Registry/Registrar Issues Presented by Bruce W. Beckwith VP, Operations June 23, 2003 Serving.

Addressing spam and enforcing a Do Not Registry using a Certified Electronic Mail System Information Technology Advisory Group, Inc.

An Overview of the Law on Spam Anti-Spam Research Group San Francisco, CA March 20, 2003 Jon Praed Internet Law Group

© 2007 Convio, Inc. Implementation of Sender ID Bill Pease, Chief Scientist Convio.

----Presented by Di Xu  Introduction  Overview of Spam  Solutions to Spam  Conclusion.

The Application Layer Chapter 7. Where are we now?

1 Enhancing Address Privacy on Anti-SPAM by Dou Wang and Ying Chen School of Computer Science University of Windsor October 2007.

Creating a Secured and Trusted Information Sphere in Different Markets Giuseppe Contino.

SESSION 9 THE INTERNET AND THE NEW INFORMATION NEW INFORMATIONTECHNOLOGYINFRASTRUCTURE.

Domains and Hosting Randolph Technical Career Center Bobby Erwin.

Intro to Computer Networks DNS (Domain Name System) Bob Bradley The University of Tennessee at Martin.

Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution.

Basics Dayton Metro Library Place photo here August 10, 2015.

APACHE SERVER By Innovationframes.com »

Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.

 ENGR 1110 Introduction to Engineering – Cyber Security Allison Holt, Adam Brown Auburn University.

A global, public network of computer networks. The largest computer network in the world. Computer Network A collection of computing devices connected.

Review of Last Session Search Engine Optimisation (SEO) Search Engine Optimisation (SEO) You can fine-tune your site so that the search engines notice.

1 Web Servers (IIS and Apache) Outline 9.1 Introduction 9.2 HTTP Request Types 9.3 System Architecture 9.4 Client-Side Scripting versus Server-Side Scripting.

Identity Based Sender Authentication for Spam Mitigation Sufian Hameed (FAST-NUCES) Tobias Kloht (University of Goetingen) Xiaoming Fu (University.

 Uniform Resource Identifier (URI)  Uniform Resource Locator (URL)  Uniform Resource Name (URN) URL includes.

1 The Business Case for DomainKeys Identified Mail.

URL AND DNS A SHORT INTRODUCTION Rachel White7/11/2014.

SMTP PROTOCOL CONFIGURATION AND MANAGEMENT Chapter 8.

思科网络技术学院理事会. 1 Application Layer Functionality and Protocols Network Fundamentals – Chapter 3.

Connecting to Network. ♦ Overview ► A network connection is required to communicate with other computers when they are in a network. Network interface.

Lecturer: Ghadah Aldehim

Secure Socket Layer (SSL)

Copyright © 2002 Pearson Education, Inc. Slide 3-1 CHAPTER 3 Created by, David Zolzer, Northwestern State University—Louisiana The Internet and World Wide.

Chapter 4 – Slide 1 Effective Communication for Colleges, 10 th ed., by Brantley & Miller, 2005© Technology and Electronic Communication.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 23 How Web Host Servers Work.

Forensic and Investigative Accounting Chapter 14 Digital Forensics Analysis © 2011 CCH. All Rights Reserved W. Peterson Ave. Chicago, IL

The Internet 8th Edition Tutorial 2 Basic Communication on the Internet: .

Module 3: Designing IP Addressing. Module Overview Designing an IPv4 Addressing Scheme Designing DHCP Implementation Designing DHCP Configuration Options.

The Internet TCIP/IP  TCP/IP stands for Transmission Control Protocol/Internet Protocol, which is a set of networking protocols that allows two or more.

An Overview of the Internet: The Internet: Then and Now How the Internet Works Major Features of the Internet.

TCP/IP Transport and Application (Topic 6)

The Internet TexPREP Summer Camp Computer Science.

The Internet The internet is simply a worldwide computer network that uses standardised communication protocols to transmit and exchange data.

Internet Security. 2 PGP is a security technology which allows us to send that is authenticated and/or encrypted. Authentication confirms the identity.

CAN SPAM and Your Marketing Best Practices for Senders By Lars Helgeson Cooler .

Deliverability Making it to the inbox

Chapter 11.  Electronic commerce (e-commerce)  The sale of goods and services by computer over the Internet  Internet (Net)  A collection of millions.

1 UNIT 13 The World Wide Web Lecturer: Kholood Baselm.

Source pictures for document ”Thoughts about increasing spam annoyance” by License: This material may be distributed only subject.

Domain, , Web hosting and Web design. Domain Name Domain name is a unique name given to concern company or entrepreneur while registration of company.

Copyright ©2015 WatchGuard Technologies, Inc. All Rights Reserved WatchGuard Training WatchGuard XCS What’s New in version 10.1.

SMTP Tapu Ahmed Jeremy Nunn. Basics Responsible for electronic mail delivery. Responsible for electronic mail delivery. Simple ASCII protocol that runs.

Security fundamentals Topic 9 Securing internet messaging.

PGP & IP Security  Pretty Good Privacy – PGP Pretty Good Privacy  IP Security. IP Security.

X-ASVP Technical Overview eXtensible Anti-spam Verification Protocol X-ASVP Committee Technical Working Group July 22, 2007.

Module 5: Managing Addresses and Address Lists.

Uniform Resource Locator URL protocol URL host Path to file Every single website on the Internet has its own unique.

Securing Access to Data Using IPsec Josh Jones Cosc352.

Week-6 (Lecture-1) Publishing and Browsing the Web: Publishing: 1. upload the following items on the web Google documents Spreadsheets Presentations drawings.

1 UNIT 13 The World Wide Web. Introduction 2 Agenda The World Wide Web Search Engines Video Streaming 3.

1 UNIT 13 The World Wide Web. Introduction 2 The World Wide Web: ▫ Commonly referred to as WWW or the Web. ▫ Is a service on the Internet. It consists.

Search Engine and Optimization 1. Introduction to Web Search Engines 2.

VIRTUAL SERVERS Chapter 7. 2 OVERVIEW Exchange Server 2003 virtual servers Virtual servers in a clustering environment Creating additional virtual servers.

(class #2) CLICK TO CONTINUE done by T Batchelor.

July 19, Secure Messaging Models Co-existence and Interoperability Russell W. Chung New York, NY July 19, 2005.

Virtual Private Network Access for Remote Networks

Understanding Web Server Programming

TexPREP Summer Camp Computer Science

Key Manager Domains February, 2019.

Q/ Compare between HTTP & HTTPS? HTTP HTTPS

Presentation transcript:

X-ASVP Executive Overview eXtensible Anti-spam Verification Protocol X-ASVP Committee Technical Working Group July 25, 2007

Agenda Uses for X-ASVP How X-ASVP works X-ASVP Process flow URL “search path” algorithm Meta-document example Implementation Overhead

Uses for X-ASVP Distributed Do Not Registry – Indicate “opt-out” as defined in CAN-SPAM Act – Would give ISP’s new legal standing and toolset to pursue spammers Public Key Infrastructure – Would be a common location to post public keys Authentication token (Level 1: ASVP-WEB) – Could be used to enforce authentication to a web server prior to accepting

How X-ASVP works Defines a set of web addresses associated to an e- mail address – One at the domain of the address – One at the host “ in the same top level domain (.com,.net,.org, etc. ) as the addresswww.x-asvp – One at the protocol committee’s website Defines syntax for posting user information at one (or more) of the above web addresses.

X-ASVP Process Flow Recipient posts an X-ASVP “meta- document” sender collects recipient preferences from the posted meta-document – Bulk mail ( “legal” senders will respect UCE setting; those who don’t violate CAN-SPAM ) – PGP ( public key available on meta-document ) – ASVP-WEB ( “token” included in mail header )

X-ASVP URL Algorithm Goals: Distributed, Redundant, Universal Hosts: 1. the domain, 2. top level domain, 3. global Rules: 1. All alpha converted to uppercase, 2. non-alpha numeric converted to underscore Example: – – –

Meta-document example Token for Level 1 “ASVP-WEB” extension Do Not “Registration” Asymmetric encryption public key

Solution Data Flow

Implementation Overhead For an ISP or Enterprise that already runs a web server, implementation can be trivial – DNS record (CNAME) for “x-asvp” host – Virtual Host on existing web server – Generic page script (example on x-asvp.org )

Benefit of “trivial” implementation Equivalent to posting “No Trespassing” on your Inbox. – If recognized as equivalent to listing in “National Do Not E- mail Registry”, then enforcement provisions of CAN-SPAM apply. Spammers don’t know whether or not you’re filtering on the ASVP-WEB token provided. – New anti-spam toolset 1. IP address trail available when tokens are collected. 2. CGI script logic easier to implement (for token generation) than sender host verification at MTA.