measuring the role of greylisting and nolisting in
play

Measuring the Role of Greylisting and Nolisting in Fighting Spam F. - PowerPoint PPT Presentation

Jan 17, 2024 •122 likes •559 views

Measuring the Role of Greylisting and Nolisting in Fighting Spam F. Pagani 1 M. De Astis 2 M. Graziano 1 A. Lanzi 2 D. Balzarotti 1 1 Eurecom Sophia Antipolis, France 2 Universit` a degli Studi di Milano Milano, Italy International Conference

  1. Measuring the Role of Greylisting and Nolisting in Fighting Spam F. Pagani 1 M. De Astis 2 M. Graziano 1 A. Lanzi 2 D. Balzarotti 1 1 Eurecom Sophia Antipolis, France 2 Universit` a degli Studi di Milano Milano, Italy International Conference on Dependable Systems and Networks, 2016 F. Pagani , M. De Astis, M. Graziano, A. Lanzi, D. Balzarotti Measuring the Role of Greylisting and Nolisting in Fighting Spam 1 / 27

  2. Spam Detection A lot of research has been done on spam filtering techniques: Sender-based: blacklists, IP reputation, server auth... Content-based: bayesian filters, email prioritization... Greylisting and Nolisting are two relatively-unknown sender-based approaches, not well studied F. Pagani , M. De Astis, M. Graziano, A. Lanzi, D. Balzarotti Measuring the Role of Greylisting and Nolisting in Fighting Spam 2 / 27

  3. Spam Detection A lot of research has been done on spam filtering techniques: Sender-based: blacklists, IP reputation, server auth... Content-based: bayesian filters, email prioritization... Greylisting and Nolisting are two relatively-unknown sender-based approaches, not well studied F. Pagani , M. De Astis, M. Graziano, A. Lanzi, D. Balzarotti Measuring the Role of Greylisting and Nolisting in Fighting Spam 2 / 27

  4. Intro Nolisting 1 Very simple technique 2 Primary mail server non-existent 3 RFC-2821 compliant: “To provide reliable mail transmission, the SMTP client MUST be able to try (and retry) each of the relevant addresses in this list in order , until a delivery attempt succeeds... In any case, the SMTP client SHOULD try at least two addresses.” F. Pagani , M. De Astis, M. Graziano, A. Lanzi, D. Balzarotti Measuring the Role of Greylisting and Nolisting in Fighting Spam 3 / 27

  5. Intro Nolisting Primary MailServer Secondary MailServer MTA DNS (foo.smtp.net) (foo1.smtp.net) MX QUERY for foo.net MX 0 smtp.foo.net MX 15 smtp1.foo.net A QUERY for smtp.foo.net ANSWER: 1.2.3.4 H E L O l o c a l . n a m e A QUERY for smtp1.foo.net ANSWER: 5.6.7.8 HELO local.name I am glad to meet you 250 Hello local.name, F. Pagani , M. De Astis, M. Graziano, A. Lanzi, D. Balzarotti Measuring the Role of Greylisting and Nolisting in Fighting Spam 4 / 27

  6. Intro Nolisting Primary MailServer Secondary MailServer MTA DNS (foo.smtp.net) (foo1.smtp.net) MX QUERY for foo.net MX 0 smtp.foo.net MX 15 smtp1.foo.net A QUERY for smtp.foo.net ANSWER: 1.2.3.4 H E L O l o c a l . n a m e A QUERY for smtp1.foo.net ANSWER: 5.6.7.8 HELO local.name I am glad to meet you 250 Hello local.name, F. Pagani , M. De Astis, M. Graziano, A. Lanzi, D. Balzarotti Measuring the Role of Greylisting and Nolisting in Fighting Spam 4 / 27

  7. Intro Nolisting Primary MailServer Secondary MailServer MTA DNS (foo.smtp.net) (foo1.smtp.net) MX QUERY for foo.net MX 0 smtp.foo.net MX 15 smtp1.foo.net A QUERY for smtp.foo.net ANSWER: 1.2.3.4 H E L O l o c a l . n a m e A QUERY for smtp1.foo.net ANSWER: 5.6.7.8 HELO local.name I am glad to meet you 250 Hello local.name, F. Pagani , M. De Astis, M. Graziano, A. Lanzi, D. Balzarotti Measuring the Role of Greylisting and Nolisting in Fighting Spam 4 / 27

  8. Intro Nolisting Primary MailServer Secondary MailServer MTA DNS (foo.smtp.net) (foo1.smtp.net) MX QUERY for foo.net MX 0 smtp.foo.net MX 15 smtp1.foo.net A QUERY for smtp.foo.net ANSWER: 1.2.3.4 H E L O l o c a l . n a m e A QUERY for smtp1.foo.net ANSWER: 5.6.7.8 HELO local.name I am glad to meet you 250 Hello local.name, F. Pagani , M. De Astis, M. Graziano, A. Lanzi, D. Balzarotti Measuring the Role of Greylisting and Nolisting in Fighting Spam 4 / 27

  9. Intro Nolisting Primary MailServer Secondary MailServer MTA DNS (foo.smtp.net) (foo1.smtp.net) MX QUERY for foo.net MX 0 smtp.foo.net MX 15 smtp1.foo.net A QUERY for smtp.foo.net ANSWER: 1.2.3.4 H E L O l o c a l . n a m e A QUERY for smtp1.foo.net ANSWER: 5.6.7.8 HELO local.name I am glad to meet you 250 Hello local.name, F. Pagani , M. De Astis, M. Graziano, A. Lanzi, D. Balzarotti Measuring the Role of Greylisting and Nolisting in Fighting Spam 4 / 27

  10. Intro Greylisting Message rejected for a certain amount of time ( greylisting threshold ) The MTA keeps trying until the message is accepted Further messages accepted without delay: < sender address, sender ip, recipient address > RFC-2821 compliant: “The sender MUST delay retrying a particular destination after one attempt has failed...Retries continue until the message is transmitted or the sender gives up; the give-up time generally needs to be at least 4-5 days.” F. Pagani , M. De Astis, M. Graziano, A. Lanzi, D. Balzarotti Measuring the Role of Greylisting and Nolisting in Fighting Spam 5 / 27

  11. Intro Greylisting Primary MailServer MTA (foo.smtp.net) HELO local.domain.name 250 Hello local.domain.name M A I L F R O M : < s e n d e r @ l o c a l . d o m a i n . n a m e . n e t > K n d e r O 5 0 S e 2 RCPT TO: <recipient@foo.net> Greylisted 450 Recipient address rejected: ∆ threshold RCPT TO: <recipient@foo.net> 250 Recipient OK F. Pagani , M. De Astis, M. Graziano, A. Lanzi, D. Balzarotti Measuring the Role of Greylisting and Nolisting in Fighting Spam 6 / 27

  12. Intro Greylisting Primary MailServer MTA (foo.smtp.net) HELO local.domain.name 250 Hello local.domain.name M A I L F R O M : < s e n d e r @ l o c a l . d o m a i n . n a m e . n e t > K n d e r O 5 0 S e 2 RCPT TO: <recipient@foo.net> Greylisted 450 Recipient address rejected: ∆ threshold RCPT TO: <recipient@foo.net> 250 Recipient OK F. Pagani , M. De Astis, M. Graziano, A. Lanzi, D. Balzarotti Measuring the Role of Greylisting and Nolisting in Fighting Spam 6 / 27

  13. Intro Greylisting Primary MailServer MTA (foo.smtp.net) HELO local.domain.name 250 Hello local.domain.name M A I L F R O M : < s e n d e r @ l o c a l . d o m a i n . n a m e . n e t > K n d e r O 5 0 S e 2 RCPT TO: <recipient@foo.net> Greylisted 450 Recipient address rejected: ∆ threshold RCPT TO: <recipient@foo.net> 250 Recipient OK F. Pagani , M. De Astis, M. Graziano, A. Lanzi, D. Balzarotti Measuring the Role of Greylisting and Nolisting in Fighting Spam 6 / 27

  14. Intro Greylisting Primary MailServer MTA (foo.smtp.net) HELO local.domain.name 250 Hello local.domain.name M A I L F R O M : < s e n d e r @ l o c a l . d o m a i n . n a m e . n e t > K n d e r O 5 0 S e 2 RCPT TO: <recipient@foo.net> Greylisted 450 Recipient address rejected: ∆ threshold RCPT TO: <recipient@foo.net> 250 Recipient OK F. Pagani , M. De Astis, M. Graziano, A. Lanzi, D. Balzarotti Measuring the Role of Greylisting and Nolisting in Fighting Spam 6 / 27

  15. Greylisting & Nolisting The main assumption of the two techniques is that spam-bot are not RFC-compliant (fire-and-forget). Pros Cons Easy to implement Easy to evade RFC Compliant Benign email lost/delayed Do work Don’t work F. Pagani , M. De Astis, M. Graziano, A. Lanzi, D. Balzarotti Measuring the Role of Greylisting and Nolisting in Fighting Spam 7 / 27

  16. Motivation F. Pagani , M. De Astis, M. Graziano, A. Lanzi, D. Balzarotti Measuring the Role of Greylisting and Nolisting in Fighting Spam 8 / 27

  17. Motivation F. Pagani , M. De Astis, M. Graziano, A. Lanzi, D. Balzarotti Measuring the Role of Greylisting and Nolisting in Fighting Spam 8 / 27

  18. Motivation F. Pagani , M. De Astis, M. Graziano, A. Lanzi, D. Balzarotti Measuring the Role of Greylisting and Nolisting in Fighting Spam 8 / 27

  19. Motivation F. Pagani , M. De Astis, M. Graziano, A. Lanzi, D. Balzarotti Measuring the Role of Greylisting and Nolisting in Fighting Spam 8 / 27

  20. Contributions Worldwide adoption of Nolisting Impact on spam delivery Greylisting and the Real World F. Pagani , M. De Astis, M. Graziano, A. Lanzi, D. Balzarotti Measuring the Role of Greylisting and Nolisting in Fighting Spam 9 / 27

  21. Adoption of Nolisting We used two dataset from scans.io (zmap): 1 DNS records (135M domains): Steps d.com mx 0 smtp.f.net D → MX 1 , MX 2 .. d.com mx 15 smtp1.f.net MX i → IP i smtp.f.net a 1.2.3.4 Nolisting: 2 Full IPv4 SMTP: IP 1 �⊂ IPv4SMTP 1.1.1.1 IP 2 ⊂ IPv4SMTP 1.2.3.10 1.3.4.5 F. Pagani , M. De Astis, M. Graziano, A. Lanzi, D. Balzarotti Measuring the Role of Greylisting and Nolisting in Fighting Spam 10 / 27

  22. Adoption of Nolisting We used two dataset from scans.io (zmap): 1 DNS records (135M domains): Steps d.com mx 0 smtp.f.net D → MX 1 , MX 2 .. d.com mx 15 smtp1.f.net MX i → IP i smtp.f.net a 1.2.3.4 Nolisting: 2 Full IPv4 SMTP: IP 1 �⊂ IPv4SMTP 1.1.1.1 IP 2 ⊂ IPv4SMTP 1.2.3.10 1.3.4.5 F. Pagani , M. De Astis, M. Graziano, A. Lanzi, D. Balzarotti Measuring the Role of Greylisting and Nolisting in Fighting Spam 10 / 27

  23. Adoption of Nolisting We used two dataset from scans.io (zmap): 1 DNS records (135M domains): Steps d.com mx 0 smtp.f.net D → MX 1 , MX 2 .. d.com mx 15 smtp1.f.net MX i → IP i smtp.f.net a 1.2.3.4 Nolisting: 2 Full IPv4 SMTP: IP 1 �⊂ IPv4SMTP 1.1.1.1 IP 2 ⊂ IPv4SMTP 1.2.3.10 1.3.4.5 F. Pagani , M. De Astis, M. Graziano, A. Lanzi, D. Balzarotti Measuring the Role of Greylisting and Nolisting in Fighting Spam 10 / 27

Recommend

Key Performance I ndicators in Measuring PAI s &amp; PLO Performance For Electrical Engineering

Key Performance I ndicators in Measuring PAI s &amp; PLO Performance For Electrical Engineering

Key Performance I ndicators in Measuring PAI s &amp; PLO Performance For Electrical Engineering Department Curriculum of Malaysian Polytechnics (The he role o of KPIs Is to assess a and improve the he Ou Outcomes-based E Educati tion)

741 views • 47 slides
ITU on Measuring Speech Quality Measuring Perceived Quality Typically done by using standards

ITU on Measuring Speech Quality Measuring Perceived Quality Typically done by using standards

Outline Measuring Perceived Quality of Introduction Speech and Video in Multimedia Measuring Perceived Quality Conferencing Applications What is Multimedia Quality? UCL Approach to Measuring Quality Anna Watson and M. Angela

328 views • 4 slides
Ontario Rental Market Study Results: Measuring the Supply Gap / Renovation Investment and the

Ontario Rental Market Study Results: Measuring the Supply Gap / Renovation Investment and the

Ontario Rental Market Study Results: Measuring the Supply Gap / Renovation Investment and the Role of Vacancy Decontrol AGENDA Measuring the Supply Gap Estimating Current Rental Demand in Ontario Drivers of Demand and Projections

586 views • 34 slides
Describing is good: measuring is better. A new means of measuring the effectiveness of networks

Describing is good: measuring is better. A new means of measuring the effectiveness of networks

Describing is good: measuring is better. A new means of measuring the effectiveness of networks and simultaneously strengthening their function 9 th September 2015 Claire Grealy (Urbis) Gail Winkworth &amp; Michael White Known dimensions of

422 views • 16 slides
Measuring the Internet Project Introduction Mat Ford / David Belson measuring@isoc.org

Measuring the Internet Project Introduction Mat Ford / David Belson measuring@isoc.org

14 September, 2020 African Internet Summit Measuring the Internet Project Introduction Mat Ford / David Belson measuring@isoc.org Presentation title Client name Measuring the Internet Why? The Internet Societys efforts focus on

336 views • 9 slides
Measuring the Measuring the Benefits of Income- B Based Repayment d R t for Graduate and

Measuring the Measuring the Benefits of Income- B Based Repayment d R t for Graduate and

Measuring the Measuring the Benefits of Income- B Based Repayment d R t for Graduate and for Graduate and Professional St d Students t Jason Delisle, Alex Holt, &amp; Kristin Blagg gg New America Foundation Rationale for

864 views • 17 slides
Measuring Environmental &amp; Social Value Introduction Agenda Introductions What is

Measuring Environmental &amp; Social Value Introduction Agenda Introductions What is

Measuring Environmental &amp; Social Value Introduction Agenda Introductions What is value? Why measuring broader value is important Measuring Environmental Value Coffee Break Measuring Social Value Questions

440 views • 30 slides
Measuring What Matters Quality, Impact and Measuring Social Value Philip Angier, Angier Griffin

Measuring What Matters Quality, Impact and Measuring Social Value Philip Angier, Angier Griffin

Measuring What Matters Quality, Impact and Measuring Social Value Philip Angier, Angier Griffin Measuring what matters Introductions: Name Organisation Where youre from first part of postcode Size approx annual

583 views • 27 slides
Measuring Happiness the Big Data Way Measuring emotional content Clinical and Translational

Measuring Happiness the Big Data Way Measuring emotional content Clinical and Translational

Happiness Some motivation Measuring Happiness the Big Data Way Measuring emotional content Clinical and Translational Research Seminar, UVM Data sets Analysis Songs Peter Dodds, Chris Danforth, Blogs SOTU Isabel Kloumann, Cathy Bliss,

886 views • 62 slides
Measuring -- a Simple Solution!? Why not obtain a WCET estimate by measuring the execution time?

Measuring -- a Simple Solution!? Why not obtain a WCET estimate by measuring the execution time?

Measuring Execution Times Peter Puschner Benedikt Huber slides credits: P. Puschner, R. Kirner, B. Huber VU 2.0 182.101 SS 2015 Contents Why (not to) measure

832 views • 43 slides
Measuring over-indebtedness Measuring over-indebtedness EU indicators Brussels, December 12,

Measuring over-indebtedness Measuring over-indebtedness EU indicators Brussels, December 12,

Measuring over-indebtedness Measuring over-indebtedness EU indicators Brussels, December 12, 2014 A lot of information available Various institutions Eurostat European Central Bank Eurobarometer World Bank Ad-hoc

447 views • 19 slides
Measuring medical engagement the new leadership challenge Paul W Long 24 June 2014 THE NEW

Measuring medical engagement the new leadership challenge Paul W Long 24 June 2014 THE NEW

Measuring medical engagement the new leadership challenge Paul W Long 24 June 2014 THE NEW LEADERSHIP CHALLENGE: Dont underestimate the role of leadership More patients suffer needless harm (and death) through poor management and

719 views • 41 slides
From ISAC Meeting, Aug. 12, 2015 Challenges Demographics The Role of Families Reaching

From ISAC Meeting, Aug. 12, 2015 Challenges Demographics The Role of Families Reaching

Provider Alliance August 28 th th From ISAC Meeting, Aug. 12, 2015 Challenges Demographics The Role of Families Reaching the Unserved and Underserved Quality Doing and Measuring What Matters Strengths and Opportunities 1 2

416 views • 19 slides
Measuring &amp; Using Patient Experiences: Surveying Adult and Child Patients Measuring &amp;

Measuring &amp; Using Patient Experiences: Surveying Adult and Child Patients Measuring &amp;

Measuring &amp; Using Patient Experiences: Surveying Adult and Child Patients Measuring &amp; using patient experience: surveying adults and children What we will cover: About Picker Institute Europe Introduction Conducting and using surveys

1.03k views • 75 slides
Measuring, Modeling, and Shaping Skill Development Andrew Caplin: HCEO Conference on Measuring and

Measuring, Modeling, and Shaping Skill Development Andrew Caplin: HCEO Conference on Measuring and

Measuring, Modeling, and Shaping Skill Development Andrew Caplin: HCEO Conference on Measuring and Assessing Skills Chicago, October 2 2015 Introduction I Will pose ve basic (abstract) questions I Question 1: How well does standard multiple

1.05k views • 28 slides
Measuring Happiness the Big Data Way Measuring emotional content DPG Spring Meeting, Dresden

Measuring Happiness the Big Data Way Measuring emotional content DPG Spring Meeting, Dresden

Happiness Some motivation Measuring Happiness the Big Data Way Measuring emotional content DPG Spring Meeting, Dresden 2011 Data sets Analysis Songs Peter Dodds, Chris Danforth, Blogs Tweets Isabel Kloumann, Cathy Bliss, and Kameron

791 views • 55 slides
A role for kiwifruit in managing blood glucose John Monro, Plant &amp; Food Research Host

A role for kiwifruit in managing blood glucose John Monro, Plant &amp; Food Research Host

A role for kiwifruit in managing blood glucose John Monro, Plant &amp; Food Research Host Institution Plan of talk Measuring the properties of kiwifruit that could be beneficial Testing the role of kiwifruit properties in clinical trials

231 views • 22 slides
IGU AMI Presentation: Linkages, Investments and Diversification The role of South African

IGU AMI Presentation: Linkages, Investments and Diversification The role of South African

IGU AMI Presentation: Linkages, Investments and Diversification The role of South African investment in the region and its linkages to various economies : Case example of SASOIL between Mozambique and South Africa - Measuring the development

582 views • 3 slides
Structural Transformation in China and India: The Role of Macroeconomic Policies Codrina Rada

Structural Transformation in China and India: The Role of Macroeconomic Policies Codrina Rada

Structural Transformation in China and India: The Role of Macroeconomic Policies Codrina Rada Department of Economics University of Utah Special IARIW-SAIM Conference on Measuring the Informal Economy in Developing Countries Kathmandu,

344 views • 23 slides
MEASURING E-COMMERCE SOME NEW DEVELOPMENTS vincenzo.spiezia@oecd.org Measuring e-commerce

MEASURING E-COMMERCE SOME NEW DEVELOPMENTS vincenzo.spiezia@oecd.org Measuring e-commerce

MEASURING E-COMMERCE SOME NEW DEVELOPMENTS vincenzo.spiezia@oecd.org Measuring e-commerce What we have achieved What is still missing What we can do about it OECD definitions of e-commerce 2001: broad and narrow (Internet)

451 views • 16 slides
Measuring happiness Measuring emotional content Santa Fe Institute, June 10, 2009 Data sets

Measuring happiness Measuring emotional content Santa Fe Institute, June 10, 2009 Data sets

Happiness Some motivation Measuring happiness Measuring emotional content Santa Fe Institute, June 10, 2009 Data sets Analysis Songs Blogs Peter Dodds &amp; Chris Danforth SOTU Future work Prediction Department of Mathematics &amp;

1.05k views • 91 slides
Workshop 1. . Measuring impact on end learners Purpose of f this workshop To explore

Workshop 1. . Measuring impact on end learners Purpose of f this workshop To explore

Workshop 1. . Measuring impact on end learners Purpose of f this workshop To explore different ways of measuring impact on end learners To share tools and whats worked To be honest about some of the challenges Measuring Im

214 views • 5 slides
Measuring the Economy: An ONS online book Georgia Tasker-Davies Project Manager Measuring

Measuring the Economy: An ONS online book Georgia Tasker-Davies Project Manager Measuring

Measuring the Economy: An ONS online book Georgia Tasker-Davies Project Manager Measuring the Economy Ed Palmer Deputy Chief Economic Advisor In 2016, there was an independent review of UK economic statistics This lead to a programme to

458 views • 16 slides
Measuring What Matters -- CTCs New Approach to Measuring PR, Media Relations and Social Media

Measuring What Matters -- CTCs New Approach to Measuring PR, Media Relations and Social Media

Measuring What Matters -- CTCs New Approach to Measuring PR, Media Relations and Social Media Katie Delahaye Paine Senior Consultant Paine Publishing Dont Measure Whats Easy 2 Measure What Matters 3 News Group International

622 views • 41 slides

More recommend