skip to main content
10.1145/1103576.1103586acmconferencesArticle/Chapter ViewAbstractPublication PagesccsConference Proceedingsconference-collections
Article

Email feedback: a policy-based approach to overcoming false positives

Published:11 November 2005Publication History

ABSTRACT

Current email-control mechanisms, though highly effective, are pro-ne to dropping desirable messages. This can be attributed to their coarseness in filtering out undesirable messages from desirable ones. As a result policies to control undesirable messages are often overly permissive. To allow policies to be more restrictive, the transmission mechanism must be made aware of the ways to document a message so that it is acceptable downstream, thus giving the senders a chance of meeting those requirements. In this work, we design a scheme to enable rejected, but desirable messages to be upgraded in a way that they meet downstream requirements. We call this process 'message refinement'. This in turn allows downstream principals to express and enforce precise requirements as the risk of losing desirable messages is minimized. To apply this scheme uniformly to any email-control mechanism, we provide a flexible and extensible policy language to express message acceptance preferences. We use a constraint logic programming approach to specifying and evaluating these policies and show that their evaluation can be accomplished in PTIME. This supports our belief that this technique can be practically applied.

References

  1. E. Allman. The economics of spam. http://www.acmqueue.com/modules.php?name=Content&pa=showpage&pid=108. Google ScholarGoogle ScholarDigital LibraryDigital Library
  2. S. Chhabra, W. S. Yerazunis, and C. Siefkes. Spam filtering using a markov random field model with variable weighting schemas. In ICDM'04: Fourth IEEE International Conference on Data Mining, To appear 2004. Google ScholarGoogle ScholarDigital LibraryDigital Library
  3. R. Clayton. Stopping spam by extrusion detection. In CEAS 2004: First Conference on Email and Anti-Spam, July 2004.Google ScholarGoogle Scholar
  4. R. Dai and K. Li. Shall we stop all unsolicited email messages? In CEAS 2004: First Conference on Email and Anti-Spam, July 2004.Google ScholarGoogle Scholar
  5. Danisch.de: Defense against spam and E-Mail forgery. http://www.danisch.de/work/security/antispam.html.Google ScholarGoogle Scholar
  6. Distributed Checksum clearinghouse. http://rhyolite.com/anti-spam/dcc/.Google ScholarGoogle Scholar
  7. C. Dwork, A. Goldberg, and M. Naor. On memory-bound functions for fighting spam. In CRYPTO'03: Advances in cryptology, 2003.Google ScholarGoogle ScholarCross RefCross Ref
  8. C. Dwork and M. Naor. Pricing via processing or combatting junk mail. In CRYPTO'92: Advances in cryptology, 1992. Google ScholarGoogle ScholarDigital LibraryDigital Library
  9. Email Service Provider Coalition. Project Lumos. http://www.networkadvertising.org/espc/lumos_white_paper.asp, Sept 2003.Google ScholarGoogle Scholar
  10. F. Fages. Constructive negation by pruning. Journal of Logic Programming, 32/2, 1997.Google ScholarGoogle Scholar
  11. A. Gray and M. Haahr. Personalized collaborative spam filtering. In CEAS 2004: First Conference on Email and Anti-Spam, July 2004.Google ScholarGoogle Scholar
  12. T. X. R. Group. The XSB programming system. http://xsb.sourceforge.net/.Google ScholarGoogle Scholar
  13. R. Haskins and D. Nielsen. Slamming Spam: A guide for system administrators. Addison Wesley, December 2004. Google ScholarGoogle ScholarDigital LibraryDigital Library
  14. J. Jaffar and M. J. Maher. Constraint logic programming: A survey. Journal of Logic Programming, 19/20:503--581, 1994.Google ScholarGoogle ScholarCross RefCross Ref
  15. S. Kaushik, P. Ammann, D. Wijesekera, W. Winsborough, and R. Ritchey. A policy driven approach to email services. In IEEE 5th International Workshop on Policies for Distributed Systems and Networks, New York, June 2004. Google ScholarGoogle ScholarDigital LibraryDigital Library
  16. K. Li, C. Pu, and M. Ahamad. Resisting spam delivery by tcp damping. In CEAS 2004: First Conference on Email and Anti-Spam, July 2004.Google ScholarGoogle Scholar
  17. N. Li and J. C. Mitchell. Datalog with constraints: A foundation for trust management languages. In Proceedings of the Fifth International Symposium on Practical Aspects of Declarative Languages (PADL 2003), pages 58--73. Springer, Jan. 2003. Google ScholarGoogle ScholarDigital LibraryDigital Library
  18. T. Loder, M. V. Alstyne, and R. Wash. An economic solution to the spam problem. In 5th ACM conference on Electronic Commerce, 2004. Google ScholarGoogle ScholarDigital LibraryDigital Library
  19. E. Michelakis, I. Androutsopoulos, G. Paliouras, G. Sakkis, and P. Stamatopoulos. Filtron: A learning-based anti-spam filter. In CEAS 2004: First Conference on Email and Anti-Spam, July 2004.Google ScholarGoogle Scholar
  20. M. Naor. Verification of a human in the loop or identification via the turing test. http://www.wisdom.weizmann.ac.il/~naor/ PAPERS/human_abs.html, 1996.Google ScholarGoogle Scholar
  21. Procmail. ftp://ftp.procmail.net/.Google ScholarGoogle Scholar
  22. Realtime Blackhole List. http://www.kelkea.com/.Google ScholarGoogle Scholar
  23. P. Resnick, R. Zeckhauser, E. Friedman, and K. Kuwabara. Reputation systems. Communications of the ACM, 43(12):45--48, December 2000. Google ScholarGoogle ScholarDigital LibraryDigital Library
  24. Sender Policy Framework. http://spf.pobox.com.Google ScholarGoogle Scholar
  25. Simple Mail Transfer Protocol. RFC 2821, Apr 2001.Google ScholarGoogle Scholar
  26. Spam URI Realtime Blocklist. http://surbl.org/.Google ScholarGoogle Scholar
  27. Spamassassin. http://useast.spamassassine.org/.Google ScholarGoogle Scholar
  28. SpamNet. http://www.cloudmark.com.Google ScholarGoogle Scholar
  29. T. Tomkins and D. Handley. Giving email back to the users: using digital signatures to solve the spam problem. First Monday, 8(9), September 2003.Google ScholarGoogle Scholar
  30. B. Watson. Beyond identity: Addressing problems that persist in an electronic mail system with reliable sender identification. In CEAS 2004: First Conference on Email and Anti-Spam, July 2004.Google ScholarGoogle Scholar
  31. W. S. Yerazunis. Sparse binary polynomial hashing and the CRM114 discriminator. In 2003 Cambridge Spam Conference Proceedings, 2003.Google ScholarGoogle Scholar
  32. B. Yu and M. P. Singh. Detecting deception in reputation management. In Proceedings of Second International Joint Conference on Autonomous Agents and Multi-Agent Systems, pages 73--80, 2003. Google ScholarGoogle ScholarDigital LibraryDigital Library

Index Terms

  1. Email feedback: a policy-based approach to overcoming false positives

        Recommendations

        Comments

        Login options

        Check if you have access through your login credentials or your institution to get full access on this article.

        Sign in
        • Published in

          cover image ACM Conferences
          FMSE '05: Proceedings of the 2005 ACM workshop on Formal methods in security engineering
          November 2005
          90 pages
          ISBN:1595932313
          DOI:10.1145/1103576

          Copyright © 2005 ACM

          Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

          Publisher

          Association for Computing Machinery

          New York, NY, United States

          Publication History

          • Published: 11 November 2005

          Permissions

          Request permissions about this article.

          Request Permissions

          Check for updates

          Qualifiers

          • Article

          Upcoming Conference

          CCS '24
          ACM SIGSAC Conference on Computer and Communications Security
          October 14 - 18, 2024
          Salt Lake City , UT , USA

        PDF Format

        View or Download as a PDF file.

        PDF

        eReader

        View online with eReader.

        eReader