T. Eggendorfer and J. Keller (Germany)
Spam, harvester, dynamic access control, SMTP, HTTP, tar pit, proactive protection
Almost all current anti spam measures are reactive, filtering being the most common. But to react means always to be one step behind. Reaction requires to predict the next action of the attacker. So the focus on fighting spam should rather be on prevention. Current proposals focus on fixing SMTP's lack of authentication, but introduce two new major problems: First, all current attempts break existing SMTP functionality and, second, it seems to be hardly possible to enforce a change of SMTP world wide. Therefore other preventive measures should be implemented. The most promising approach is to prevent spammers from collecting email addresses. Several proposals show ways to obfuscate addresses on web pages and to create HTTP tar pits in order to catch spammers' harvesters. In our previous work, we combined a HTTP tar pit with a SMTP tar pit and found it to be very effective in trapping harvesters. Here, we extend the use of the combined tar pit to identify harvesters and to dynamically block access to web pages for harvesters, because of the combined tar pit's high efficiency. We present a test setup to validate the effectiveness of our tool. As the experiment is still running, we can only report on preliminary findings so far.
Important Links:
Go Back
