Presentation is loading. Please wait.

Presentation is loading. Please wait.

How Will Authentication Reduce Global Spam? OECD Anti-Spam Task Force Pusan – September, 2004 Dave Crocker Brandenburg InternetWorking OECD Anti-Spam Task.

Published byAbigayle Leonard Modified over 9 years ago

Similar presentations

Presentation on theme: "How Will Authentication Reduce Global Spam? OECD Anti-Spam Task Force Pusan – September, 2004 Dave Crocker Brandenburg InternetWorking OECD Anti-Spam Task."— Presentation transcript:

1 How Will Authentication Reduce Global Spam? OECD Anti-Spam Task Force Pusan – September, 2004 Dave Crocker Brandenburg InternetWorking OECD Anti-Spam Task Force Pusan – September, 2004 Dave Crocker Brandenburg InternetWorking Spammer?Phisher?

2 2 2 D. Crocker, Brandenburg InternetWorkingOECD, Pusan / September 2004 Questions About Email Authentication…  Will it stop spam, by itself, or do we need additional processes?  Will authentication prevent “phishing”?  Can we reduce spam without jeopardizing the sending of legitimate email ?  Will it stop spam, by itself, or do we need additional processes?  Will authentication prevent “phishing”?  Can we reduce spam without jeopardizing the sending of legitimate email ?

3 3 3 D. Crocker, Brandenburg InternetWorkingOECD, Pusan / September 2004 Email Security Functions TermFunctionIdentification Who does this purport to be? Authentication Is it really them? Authorization What are they allowed to do? Accreditation What do I think of the agency giving them that permission? ??

4 4 4 D. Crocker, Brandenburg InternetWorkingOECD, Pusan / September 2004 What to Authenticate? IdentityTypeSemanticScheme Peer Provider IP net Peer site Peer MTA IP SMTP Peer SMTP EHLO Domain SMTP Peer CSV SMTP Mail-From Email/Domain Bounce address SPF, BATV ReceivedDomainIntermediary SenderEmail/DomainPosterSender-ID FromEmail/DomainAuthorDomainKeys

5 5 5 D. Crocker, Brandenburg InternetWorkingOECD, Pusan / September 2004 Spam Dilemmas  Nothing has yet reduced global spam!  So we should proceed tentatively  Unsolicited mail, from unknown author  Could be spam; could be legitimate  Spam is sent by army of compromised systems  Authentic signature can be is misleading  Assessing single signature is not enough  Mail clients do not show all the headers  And deceptions are often buried in the content  Users are not skilled or attentive to subtleties  Nothing has yet reduced global spam!  So we should proceed tentatively  Unsolicited mail, from unknown author  Could be spam; could be legitimate  Spam is sent by army of compromised systems  Authentic signature can be is misleading  Assessing single signature is not enough  Mail clients do not show all the headers  And deceptions are often buried in the content  Users are not skilled or attentive to subtleties

6 6 6 D. Crocker, Brandenburg InternetWorkingOECD, Pusan / September 2004 Q1 – More Than Authentication?  Authentication means you know “who”  But nothing about whether they are ok  We need Authorization  We need Accreditation (Reputation)  Use layered defense – multiple tests  Message contents (maybe)  Message author  Message transfer service  Traffic analysis  Authentication means you know “who”  But nothing about whether they are ok  We need Authorization  We need Accreditation (Reputation)  Use layered defense – multiple tests  Message contents (maybe)  Message author  Message transfer service  Traffic analysis

7 7 7 D. Crocker, Brandenburg InternetWorkingOECD, Pusan / September 2004 Q2 –Will It Prevent “Phishing”?  Joe Job  Fake ID to gain acceptance  Phishing is Joe Job to get returned information  Social engineering  Criminals are very creative and very aggressive  Is a police ID fake?  Is URL fake??  Joe Job  Fake ID to gain acceptance  Phishing is Joe Job to get returned information  Social engineering  Criminals are very creative and very aggressive  Is a police ID fake?  Is URL fake??  Levels of importance  Need levels of protection  Bad guys are good at finding cracks defenses  A good beginning:  Sign all identifiers & content  Upgrade email clients  Create “reputation” services  Educate users Spammer! Phisher!

8 8 8 D. Crocker, Brandenburg InternetWorkingOECD, Pusan / September 2004 Is Legitimate Email Jeopardized?  If we are not very careful, then yes it is  Will restrict legitimate usage scenarios  Adds burden to everyone, not just bad guys  Adds long-term burden for short-term symptoms  Email is a rich, basic service  It can be used far more flexibly than most people realize… if we do not cripple it.  If we are not very careful, then yes it is  Will restrict legitimate usage scenarios  Adds burden to everyone, not just bad guys  Adds long-term burden for short-term symptoms  Email is a rich, basic service  It can be used far more flexibly than most people realize… if we do not cripple it.

9 9 9 D. Crocker, Brandenburg InternetWorkingOECD, Pusan / September 2004 SPF and Sender-ID: Author Path Registration MUAMSA MTA 1 MTA 4 MDAMUA MTA 3 MTA 2 Peer Assigns Sender and MailFrom Did MSA authorize MTA 1 to send messages for domain ? Did MSA authorize MTA 2 ? Did MSA authorize MTA 3 ? MSA must pre-register and trust each MTA in entire path! Mail Agents MUA = User MSA = Submission MTA= Transfer MDA= Delivery

10 10 D. Crocker, Brandenburg InternetWorkingOECD, Pusan / September 2004 In summary  Authentication is essential building block  Multiple authentications needed  Authorization and Accreditation also needed  Attackers are creative  This is a continuing battle  Email is at core of human activities  Efforts to stop bad behavior could also damage good behavior  Authentication is essential building block  Multiple authentications needed  Authorization and Accreditation also needed  Attackers are creative  This is a continuing battle  Email is at core of human activities  Efforts to stop bad behavior could also damage good behavior

Download ppt "How Will Authentication Reduce Global Spam? OECD Anti-Spam Task Force Pusan – September, 2004 Dave Crocker Brandenburg InternetWorking OECD Anti-Spam Task."

Similar presentations

1 Eloqua Providing Industry-Leading Management Tools May 2009.

1 Eloqua Providing Industry-Leading Management Tools May 2009.
Email Deliverability @ Eloqua Providing Industry-Leading Email Management Tools.

Eloqua Providing Industry-Leading Management Tools.
Fighting Abuse with Trust: Enhancing the paradigm Dave Crocker Trusted Domain Project (trusteddomain.org) Brandenburg InternetWorking (bbiw.net) FCC ~

Fighting Abuse with Trust: Enhancing the paradigm Dave Crocker Trusted Domain Project (trusteddomain.org) Brandenburg InternetWorking (bbiw.net) FCC ~
Reputation Discussion Panels: Seeking a Common Understanding Dave Crocker Brandenburg Internet Working bbiw.net MAAWG / S.F. 2006 Dave Crocker Brandenburg.

Reputation Discussion Panels: Seeking a Common Understanding Dave Crocker Brandenburg Internet Working bbiw.net MAAWG / S.F Dave Crocker Brandenburg.
TrustPort Net Gateway Email traffic protection. WWW.TRUSTPORT.COM Keep It Secure Entry point protection –Clear separation of the risky internet and secured.

TrustPort Net Gateway traffic protection. Keep It Secure Entry point protection –Clear separation of the risky internet and secured.
What is Spam  Any unwanted messages that are sent to many users at once.  Spam can be sent via email, text message, online chat, blogs or various other.

What is Spam  Any unwanted messages that are sent to many users at once.  Spam can be sent via , text message, online chat, blogs or various other.
Module 6 Implementing Messaging Security. Module Overview Deploying Edge Transport Servers Deploying an Antivirus Solution Configuring an Anti-Spam Solution.

Module 6 Implementing Messaging Security. Module Overview Deploying Edge Transport Servers Deploying an Antivirus Solution Configuring an Anti-Spam Solution.
Deliverability How We Get You to the Inbox. +98 % Our Deliverability routinely ranks in the high 90s. There’s another way of saying this: We Get Your.

Deliverability How We Get You to the Inbox. +98 % Our Deliverability routinely ranks in the high 90s. There’s another way of saying this: We Get Your.
Draft-lemonade-imap-submit-01.txt “Forward without Download” Allow IMAP client to include previously- received message (or parts) in or as new message.

Draft-lemonade-imap-submit-01.txt “Forward without Download” Allow IMAP client to include previously- received message (or parts) in or as new message.
McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.

McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.
© 2007 Convio, Inc. Implementation of Sender ID Bill Pease, Chief Scientist Convio.

© 2007 Convio, Inc. Implementation of Sender ID Bill Pease, Chief Scientist Convio.
D. CrockerIntroduction to BATV 1 MIPA Bounce Address Tag Validation (BATV) “Was use of the bounce address authorized?” D. Crocker Brandenburg InternetWorking.

D. CrockerIntroduction to BATV 1 MIPA Bounce Address Tag Validation (BATV) “Was use of the bounce address authorized?” D. Crocker Brandenburg InternetWorking.
Phishing (pronounced “fishing”) is the process of sending e-mail messages to lure Internet users into revealing personal information such as credit card.

Phishing (pronounced “fishing”) is the process of sending messages to lure Internet users into revealing personal information such as credit card.
DomainKeys Identified Mail (DKIM): Introduction and Overview Eric Allman Chief Science Officer Sendmail, Inc.

DomainKeys Identified Mail (DKIM): Introduction and Overview Eric Allman Chief Science Officer Sendmail, Inc.
System Aspects of Spam Control Architecture and Operations Issues IBM Academy 6 Apr 2005 Dave Crocker Brandenburg InternetWorking IBM.

System Aspects of Spam Control Architecture and Operations Issues IBM Academy 6 Apr 2005 Dave Crocker Brandenburg InternetWorking IBM.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 3 Internet Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 3 Internet Security.
© Copyright 2005. MX Logic, Inc. All rights reserved. 1 Strictly Confidential MX LOGIC CORPORATE OVERVIEW MARCH 2005.

© Copyright MX Logic, Inc. All rights reserved. 1 Strictly Confidential MX LOGIC CORPORATE OVERVIEW MARCH 2005.
1 Fighting Spam at AOL: Lessons Learned and Issues Raised Carl Hutzler Director of Anti-Spam Operations America Online, Inc. 12/9/2005.

1 Fighting Spam at AOL: Lessons Learned and Issues Raised Carl Hutzler Director of Anti-Spam Operations America Online, Inc. 12/9/2005.
DomainKeys Identified Mail (DKIM) D. Crocker Brandenburg InternetWorking mipassoc.org/mass  Derived from Yahoo DomainKeys and Cisco.

DomainKeys Identified Mail (DKIM) D. Crocker Brandenburg InternetWorking mipassoc.org/mass  Derived from Yahoo DomainKeys and Cisco.
Norman SecureSurf Protect your users when surfing the Internet.

Norman SecureSurf Protect your users when surfing the Internet.

Similar presentations

Ads by Google