Graduation Year

2005

Document Type

Thesis

Degree

M.S.Cp.E.

Degree Granting Department

Computer Science and Engineering

Major Professor

Kenneth J. Christensen, Ph.D.

Committee Member

Miguel Labrador, Ph.D.

Committee Member

Nagarajan Ranganathan, Ph.D.

Keywords

Spam, Smtp, Sender payment, Networks, Spoofing

Abstract

A new authentication mechanism for validating the source of messages over the Internet is designed and evaluated. This mechanism is applied to email and is called Email++. Email++ prevents identity forging (spoofing) and tampering of email contents. By preventing identity forging, Email++ can reduce the amount of spam received and limit the spread of viruses like Melissa, Love Bug, Bagle Worm, and Killer Resume. Email++ validates both the sender and the receiver of an email by confirming the senders identity with the domain mail server that delivered the email for the sender, and authenticates the receiver with hash value comparisons. Email++ enables payment mechanisms, including micro-cash, and challenge response schemes that use puzzle solving.

MD5 hash signatures generated both at the sender and the receiver locations are used for validating the senders identity and for making email tamper resistant in the network. An out-of-band TCP connection established between the sender and the receiver is used as a communication channel for validating the sender as well as the senders email server. The information needed for establishing an out-of-band TCP connection is obtained by querying the DNS (Domain Naming System), instead of using email headers from the received mail, which are susceptible to spoofing.

The Email++ technique is compared with existing anti spam and anti-spoof techniques like SPF, Yahoo Domain Keys, Microsoft Sender ID, TEOS and PGP. The Email++ specification is evaluated by developing both Email++ client and Email++ server programs in C language and using Sendmail 8.12 as the mail server. The performance of Email++ is compared with standard SMTP protocol implementation of Sendmail 8.12. Several factors are considered in evaluating the performance. CPU demand, memory demand, bandwidth demand, email latency, and extra DNS load are measured for both email sender and the receiver. The performance evaluation results show that Email++ adds an extra CPU demand of about 11%. The extra memory required by Email++ is nearly 3%. The bandwidth demand of Email++ is around 15% greater than the standard SMTP for sending 500 emails of 3.5KB each. Extra load on DNS increases by one connection for every incoming mail at the receiver.

Share

COinS