Modules
· Home
· Free Downloads
· Search
· Stories Archive
· Web Links
· Your Account
 
Login
Nickname

Password

Don't have an account yet? You can create one. As a registered user you have some advantages like theme manager, comments configuration and post comments with your name.
 
Fighting SPAM; Automatic Distributed Notification System








After reading an interesting site The Spam Problem: Moving Beyond RBLs I am more interested in a plan I have for a better way to fight SPAM.

The best way to describe it would be an Automatic Distributed Notification System.

SPAMers need to send out a lot of email. Some reports indicate that a system setup to send out SPAM will do so in the order of millions of emails per day. SPAMers do not just use one system to do this they will often recruit the use of zombie systems that are someone else's computer that has been infected with a computer virus that allowed the SPAMer to take over control of the system. Many people with computers that have been turned into zombies do not even know that this has happened.

My plan is to have a free service where a reporting server network maintains an automatic database of instantaneous threat levels based on a point system. Every email sent from an IP address increases the accumulated points and over the passage of time the points go back down.

Receiving SMTP servers would report the originating IP address of all email with a calculated value that generally describes the local threat of the message. When the receiving SMTP server sends this report it will receive a numerical value to tell it the level of threat that the message could be SPAM. This number will be between 0 and 1000. Zero being no chance this is SPAM and 1000 being that this message is SPAM. Administrators and individual users can use filtering to decided what to do with the messages after that.

Every message sent from an IP address will slightly increase the point value of that IP being used for sending SPAM. The receiving SMTP server would use a common content scanner to decide the threat level of the message and send that number to the reporting server. Points could be assigned like so 1 point for just making a connection and add 2 points if the local content scanner qualifies it as SPAM. If the administrator of the receiving SMTP server wants they can add additional 2 points if the email came from a foreign country.

Although the reporting service could be totally free, administrators of receiving SMTP servers that want to use the service would have to apply for access to the service and be registered with the reporting network to prevent a SPAMer from performing a DDoS (Distributed Denial of Service) attack on the reporting network. With receiving SMTP servers registered the network that deals with the reporting could be dynamic in the Internet and the workload could shift from one anonymous server to another and load balancing would be easy to do.

Large Web Mail companies and ISP's would be exempt from points collection. In the beginning this information would be monitored to determine who these exemptions would be.

I welcome your input on this and any ideas you have that would help make this better. If you are a developer and would like to work on this project please contact me so that we may collaborate.

Royce.Souther@SiliconTao.com










Copyright © by www.SiliconTao.com All Right Reserved.

Published on: 2007-02-16 (6436 reads)

[ Go Back ]
All logos and trademarks in this site are property of their respective owner. The contents of this site is Copyright © 2004 Silicon Tao Technology Systems Inc.
PHP-Nuke Copyright © 2005 by Francisco Burzi. This is free software, and you may redistribute it under the GPL. PHP-Nuke comes with absolutely no warranty, for details, see the license.
Page Generation: 0.24 Seconds

:: Charcoal2 phpbb2 style by zarron designs © :: PHP-Nuke theme by www.nukemods.com © ::