Report - Bachelor thesis about anti-spam measures
Which anti-spam methods are used?It figured out that blacklisting is the method most widely used. More than 82% of all providers use blacklisting to combat unwanted emails. Content filters are used by 75% of all providers and are also very important for anti-spam. More statistics on usage and effectiveness of anti-spam methods can be found in chapter 6 of the thesis.
Research on blacklistingDuring research on blacklisting I gained very interesting results. I created a matrix with intersections of blacklists. With this I e.g. figured out false entries of the whitelist dnswl.org. Furthermore you can see whether it makes sense to combine different blacklists.
Pic 1 - Matrix of intersections (see chapter 7.7), values are percentages
Together with colleague of mine I developed a concept for a hamtrap, which collects dedicated ham emails (legitimate, non-spam emails). This hamtrap can be used to measure false positive rates of blacklists. For more information please have a look at chapter 7.
Pic 2 - Concept of hamtrap (see chapter 7.8)
Recommendations for providersIn the end I gave some hints for providers how to mitigate the spam problem. Summarising I recommended to manage port 25, offer sender authentication data and combine the most effective anti-spam methods. There are some practices you should not do (like sender address verification a.k.a. sender callout). Thus I added a list of things a provider should abstain from.
OutlookThe concepts developed in the thesis, especially the hamtrap, will be implemented in the next months. My current employer, the Institute for Internet Security will publish many results of blacklist research on a website dedicated for it. It is scheduled to be online late in October, but I will keep you up to date via my homepage.
Today I received a confirmation for a speaking slot in the anti-spam working group at the 55th RIPE event in Amsterdam. You are more than welcome to join me during my talk on 25th October. There will also be a live stream. I will keep you up to date on this matter, too.
Download of thesisJust in case you missed it until now, please have a look at the thesis.