Abstract:
In today's electronic world, email has become a vital means of communication. It is hard to imagine communication in any organization without it. Spamming has become one of the biggest security loopholes in email. The basic motive of this paper is to understand the current volume of spam generated and the types of spam generated. We also discuss mechanisms to control email spamming. In addition, we have tried to find a solution that lets users control spamming and save time and money. We also discuss the general infrastructure of an anti-spam system and different filtering techniques to control and minimize spam.
Summary:
In today's electronic world, email is the backbone of any organization's communication. It is hard to imagine communication in an organization without it. Spam has been a great headache for all email users. From the first spam sent by Gary Thuerk in 1978 until now, spam has grown dramatically, in exponential fashion. Email traffic is about 247 billion messages per day, of which 81% are spam. Security experts are trying to build systems that identify spam and terminate it. This paper tries to work out the reasons behind email spamming, the current volume of spam generated, and the precautionary measures available to control spam. It also tries to work out how email spamming can be controlled and minimized. This might be helpful for IT managers, network administrators, Internet service providers (ISPs) and students in IT-related fields. This paper is the result of a literature review, statistical analysis and software testing, and it contains different statistical data such as the number of spam messages per day, the types of spam, etc.
This paper also gives an idea of the different filtering techniques that can be applied to control spam. Spam spreads exponentially because novice users lack computer skills and knowledge. Controlling spam is possible, but it cannot be eradicated completely.
Chapter 1 Introduction
1.1 Introduction
As the world develops, people find different ways to communicate with each other, from cave painting to 3G and 4G communication. The emergence of ARPANET in the late 1960s and 1970s was the starting point of digital communication. As we all know, the Internet and email are insecure means of communication, and email depends entirely on the Internet. Nowadays we receive large amounts of spam email, which irritates us. In order to communicate with the global world, we need a platform through which we can communicate and understand each other's point of view. Email is now one of the most useful tools for communication around the world. It is the backbone of any organization; without email it is almost impossible to perform daily activities, and its use is growing continuously. According to a Radicati Group study, "Right now in 2009 there are 1.8 billion mail boxes and it is projected that there will be almost two billion email users in 2013." Out of 1.8 billion email accounts, "74% belong to consumer" whereas "24% to corporate users". Current email traffic is about "247 billion message per day", which is expected to double in 2013. In 2009, 81% of all email traffic was spam [1].
Email spam is referred to as UBE and UCE. UBE stands for "Unsolicited Bulk E-mail"; it is called so because the emails are unsought and are sent in bulk. UCE stands for "unsolicited commercial email", used for promoting commercial products. In the 1990s email spam grew exponentially, but in recent years the growth rate has gone down slightly and is no longer exponential. This is because of the better filtering techniques used by Internet service providers [2].
Email spamming is done for many reasons, such as to promote products or to find secret information about the habits of users. Using spam and junk email, an unauthorized person can easily penetrate our system and control it. Many users have trouble with spam that carries viruses or worms, which can extract users' private information or monitor their activities on the computer or the Internet, stop users from their normal use of the computer and cause different hazards. The use of email has become very common, and the security of email has become a hot issue around the globe. Email security is concerned with the management of email storage, policy, auditing and data recovery. To handle all these issues, we conduct our research with a practical (proactive) approach, so that we can find an appropriate (comprehensive) solution for email spamming.
1.2 Research Question
Our research question is "How can we control and minimize the email spamming?"
1.3 Purpose of research
The main purpose of our research paper is to consider and find out the following subjects and the possible consequences underlying them.
1.4 Audience
IT managers, network administrators and anyone who is considering purchasing and using email scanners to secure their network may get indications of the limitations and workload these kinds of tools can bring.
1.5 Methodology
We chose an empirical research methodology for our research. We want to capture contextual data and to identify and explore email spamming in advance, so this method suits best. The basic motive for choosing this method is to carry our research beyond simple "reporting of observation" (we are not going to write only about what we observe; we will use that observation to find an appropriate solution). We think that the relevant theory about anti-spamming can be proved by its ability to work in a real-world environment. That is the main reason why we have decided to use email scanners for this research. As this theory is more developed, we will collect data, analyze consequences and find methods through which we can control email spamming. We will use different email filtering techniques, such as DNS-based scanning and checksum techniques, to detect whether an email is spam or not.
The main purpose of this paper is to control and minimize email spamming with the help of different tools. We will collect quantitative observation data and technical data from different data sources and evaluate it. From the definition of a secure email system, there are different methodologies and technologies at different levels to minimize email spamming, such as the server level, the client level, the credential server and the secure email infrastructure. We are going to follow the following steps to solve our research question.
While doing our research we have done a literature review (quantitative analysis) of the following paper.
During the preparation of our research paper, we will use the IMRAD structure which is an acronym for Introduction, Methods, Results and Discussion. It relates to the standard structure of a scientific paper, which typically includes the following four sections in this order [3].
Searching Data:
In this phase we collected data from our surroundings by surveying our friends and colleagues. Then, to get specific data, we searched specific databases, which led primarily to articles within the subject, but we often got references and not the full text.
Analyzing Data:
Different classes of data are studied and collected, to discern a pattern and to formulate principles that might guide future action.
Evaluating Data:
In this phase we are going to evaluate the collected data and find out the relationship with the research problem.
Compiling Data:
After evaluation, all the relevant data collected from the different data sources will be compiled and presented.
Conclusion & Result:
In the end we will conclude our analysis, formulate the result, and support it with different statistics and observations.
1.7 Limitations:
Due to limited time we tested only two scanners: SpamBully and MailWasher Pro. We also had problems finding different spam filtering software. We tested free and trial versions of the software, so sometimes it did not give us accurate results, but mostly the results seem to be accurate.
Chapter 2: Background
The history of email spam is about 30 years old, and the rate of email spam has been increasing dramatically ever since. The first email spam was sent by Gary Thuerk in 1978, advertising a "DEC product presentation". It was targeted at 600 email users (which happened to be all users of "ARPANET" at that time), but only more than half of the intended recipients received it. Hackers hack third-party computers to send spam email in bulk. A normal user is not much aware of these "cyber criminals". Most of the time users turn off their firewall and other security measures, and they do not even regularly apply the security patches recommended by the operating system or update their virus scanner's virus definitions. Following are data that we have collected from different sources, which show the number of spam messages sent in a day [2].
2.1 Types of Email Spam
Email spamming is done for many reasons, such as to promote products or to find secret information about the habits of users. According to data compiled by M86 Security Labs, email spam for 2009 can be broken down as follows [4].
From the above graph we have identified that product, health and education related spam are the major contributors in the spam industry. According to BBC News, citing a Microsoft security report, "More than 97% of the emails" received by users are spam [5]. There are various types of spam, such as "Appending Spam, Image Spam, Blank Spam, Backscatter Spam, Phishing" etc. The 3 P's, "Pills, porn and poker", are at the top of the list of those who use email spam to market their products to users [9].
2.1.2 Email Spam Organization wise
Spammers use phishing techniques to phish "banks and other financial institutions" via spam. Social networks such as Facebook are also not far from spammers: there were few phishing messages on Facebook in 2008, but today Facebook is the second most "phished online organization". If this trend continues, Facebook will be at the top of the table by the end of 2010 [10]. The chart below shows the relative distribution of the most phished organizations online [10].
2.1.3 Email Spamming Domain Wise:
Today spammers use botnets (collections of hijacked computers, sometimes also called zombies). They use a bot client to spread their messages and programs from one computer to another. If this continues, it is a big threat to Internet users [10].
2.1.4 Email Spam Language Wise:
As we know, English is a global language, so 90 to 95 percent of spam is in English. "Spammers use Botnets to spread out spams". Compared to other parts of the world, Russian-language spam is also "popular". French is the second most common language after English. French and German take a fair share, which sometimes rises dramatically. Portuguese appears occasionally.
2.2 Growth of Email Spam:
To find the origin of spam, we first have to find the geographical location of the computer from which the spam is being sent. According to the "Sophos report", "United states, Russia, Turkey, China, Brazil, Poland, Italy, South Korea, UK, Spain, Germany, Argentina and some other countries responsible for spreading spam emails around the world" [6].
According to the report, the United States is in the leading position on the list. Russia comes second and Turkey is in third place. Poland, Italy, South Korea, the UK, Spain and Germany contributed in approximately equal ratio. There are some other languages which contributed occasionally.
2.3 Email Infrastructure
There are three main components of an email system: the email client, the email server and the credential server. The credential server is a part of the email server. There are three main agents of an email system that are responsible for the secure transfer of an email: the MTA (Mail Transport Agent), the MDA (Mail Delivery Agent) and the MUA (Mail User Agent).
When a person sends a message to another person, the message is routed from server to server; the mail is transported through an MTA to the recipient's MTA on the Internet. MTAs work like post offices and sorting mail carriers, which handle message transportation. An MTA uses the SMTP protocol to communicate with another MTA. The recipient's MTA then delivers the email to the incoming mail server, called the MDA (Mail Delivery Agent). MDAs act as mailboxes, which store all messages sent to the recipient. All mail is retrieved by the recipient through MUA (Mail User Agent) software. There are two main protocols, POP3 (Post Office Protocol) and IMAP (Internet Message Access Protocol), used for retrieving email from the MDA. "POP3 is used for retrieving email and, in certain cases, leaving a copy of it on the server" and "IMAP is used for coordinating the status of emails (read, deleted, moved) across multiple email clients. With IMAP, a copy of every message is saved on the server". That is the reason incoming mail servers are called POP3 and IMAP servers [19].
2.4 Components of secure email system
A secure email system consists of three different components: the secure email client, the secure credential server and the secure email server.
Secure email client: There are many email clients available which are not secure. In order to control spam we need a secure email client, one that is able to verify that a received email is a good email and is harmless to the user. A secure email client has several aspects: it should be able to handle the certificates issued by the secure email server, and it contains a secure address book so that no spam can access it and send spam emails from the list. While sending and receiving email, a secure email client can easily confirm whether the email was properly delivered, and it can also verify whether an incoming email is from a valid sender. A secure email client has strong authentication with the secure email server. It also verifies whether attached files are spam or not.
Secure credential server: The credential server is very important for secure email communication. There are various types of credentials used to support secure communication, such as public/private keys, symmetric keys, X.509 public key certificates, attribute certificates, and an encrypted MAC with an additional encryption layer using a symmetric key chosen by the credential server. The most common protocols used by the credential server are LDAP and SSL. The credential server is responsible for issuing PKI (issuing PKI server) and setting policy for Security Assertion Markup Language (SAML policy server) [18].
Secure email server (SES): The email server plays an important role in secure communication. All protocols such as PGP, MIME and S/MIME are initialized on the server. Proper installation and updating of antivirus software also helps in secure communication. The SES is responsible for handling certificates, the address book, etc. It also verifies attachments, checking whether they contain proper information or not. It checks whether an email is from a valid sender and also verifies whether the email is sent to the correct recipient or not. The SES provides strong authentication and is responsible for "Managements and enforcement of authorizations".
Chapter 3: Structure of Anti Spam System:
This is the structure of an anti email spamming system. There are several steps to determine the nature of an email.
Fig 3.1 Structure of Anti Spam System
Chapter 5: Conclusion & Suggestion:
Email users have been dealing with the spam problem since 1978, when the first spam was sent out. Health and sex related products are the major contributors to the spamming industry. Not only individual users but even organizations are being troubled by spam. Most spam is in English, but we can also find spam in other languages such as French, Russian, etc. Most spam is generated from the United States, followed by Russia and Turkey.
Everyone might be wondering about a system which detects spam and blocks it. People might think of a 100% secure email system, but there is no solution for a 100% secure email system; it is just a matter of handling spam or issues with corrective measures. In this paper we have discussed a few corrective measures to detect an email as spam. An incoming email can be analyzed by its IP, that is, whether the email is from a trusted or mistrusted IP list. The next technique to identify spam is content analysis, which can be achieved by keyword analysis, Bayesian analysis, lexical analysis, header analysis, URL analysis and heuristic analysis. Another method to identify spam is sender authentication and recipient verification. It is also possible to find spam with the help of a virus scanner and a custom policy (a policy set by the system administrator). Fingerprint analysis and image analysis are also good techniques to identify an email as spam. There is a lot of message filtering software and there are many spam scanners which use different filtering techniques to detect spam and terminate it.
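The staged checks listed above (IP list, fingerprint, then Bayesian content analysis) can be sketched as follows. This is an added example, not code from the paper or from the scanners it tested; the IP addresses, training messages, threshold and function names are constructed assumptions.

```python
import email
import hashlib
import math
import re
from collections import Counter

# Constructed sample data (assumptions for illustration, not from the paper).
SPAM = ["cheap pills online buy now", "win poker bonus click now",
        "buy cheap watches click here"]
HAM = ["meeting agenda for monday attached", "please review the quarterly report",
       "lunch on monday with the project team"]
BLOCKED_IPS = {"203.0.113.7"}    # mistrusted list (documentation address range)
TRUSTED_IPS = {"198.51.100.10"}  # trusted list

def tokens(text):
    return re.findall(r"[a-z]+", text.lower())

def fingerprint(body):
    # Checksum of the normalised word sequence: case, spacing and
    # punctuation changes do not alter it.
    return hashlib.sha256(" ".join(tokens(body)).encode()).hexdigest()

KNOWN_SPAM_PRINTS = {fingerprint(m) for m in SPAM}
SPAM_COUNTS = Counter(t for m in SPAM for t in tokens(m))
HAM_COUNTS = Counter(t for m in HAM for t in tokens(m))
VOCAB = set(SPAM_COUNTS) | set(HAM_COUNTS)

def spam_probability(body):
    # Naive Bayes with Laplace smoothing, in log space to avoid underflow.
    spam_total = sum(SPAM_COUNTS.values()) + len(VOCAB)
    ham_total = sum(HAM_COUNTS.values()) + len(VOCAB)
    log_spam = math.log(len(SPAM) / (len(SPAM) + len(HAM)))
    log_ham = math.log(len(HAM) / (len(SPAM) + len(HAM)))
    for t in tokens(body):
        if t in VOCAB:  # words never seen in training carry no evidence
            log_spam += math.log((SPAM_COUNTS[t] + 1) / spam_total)
            log_ham += math.log((HAM_COUNTS[t] + 1) / ham_total)
    return 1 / (1 + math.exp(log_ham - log_spam))

def classify(raw_message, client_ip, threshold=0.9):
    # Cheapest checks first; returns (action, stage that decided).
    if client_ip in BLOCKED_IPS:
        return "reject", "ip-list"
    if client_ip in TRUSTED_IPS:
        return "deliver", "ip-list"
    msg = email.message_from_string(raw_message)
    body = msg.get_payload()  # assumes a single-part text message
    if fingerprint(body) in KNOWN_SPAM_PRINTS:
        return "reject", "fingerprint"
    if spam_probability(body) >= threshold:
        return "quarantine", "bayes"
    return "deliver", "bayes"
```

The fingerprint stage catches a known message even when its case and punctuation are altered, while the Bayesian stage scores messages it has never seen word for word.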
From our practical work we observed that a normal user received 77.4% spam email. We conducted a survey and found that about 30.21% of people receive 11 to 15 emails per day and about 34.38% of people get 5 to 10% spam a day. According to our research, 6.06 billion spam messages per day were received by users around the world. Users wasted 42 billion seconds per day just to read and delete spam and get back to real work. There is also a financial productivity loss of about 0.7 billion dollars per day. This is because people are not aware of anti-spam software; in our survey we see that only 13.54% of users seem to have an idea of anti-spam software.
Theoretically spam can be eradicated completely. In practice it is not possible, but it can be minimized. Further empirical research is required to verify the theory and to suggest a system which controls or eliminates spam. Research could be carried out on an expert system which learns new spam behavior and trashes it easily. We would like to suggest that email users not open any anonymous attachments unless they know the sender personally. We also recommend that email users use an anti-spam scanner or mail scanner to get rid of spam.
References:
Appendix
Users Questionnaire
This survey is part of our course Scientific Writing. We are going to write a paper on "Protection against Email Spamming Using Mail Scanner or Mail Assassinator". The answers given by you will be anonymous and will be used for this research only. Thank you for your valuable time.