Page 56 - ASBIRES-2017_Preceedings
P. 56
Alagalla & Arudchelvam
This is a basic example of runtime encoding. (DNS) which records for that domain in the
There are many schemes to reduce file size form of a specially formatted TXT record.
by eliminating redundancy. Email spam and phishing often use "forged"
addresses. Therefore, publishing and
3.3 Step 3: Classifying Spam
checking SPF records can be considered as
Through the above steps, we take anti-spam techniques.
standardized e-mail documents as a training
document, pre-processing of e-mail, The Simple Mail Transfer Protocol
extracting useful information, saving in text allows any computer to send email claiming
documents according to the attachment to be from any source address. This is taken
format, dividing the entire document into as an advantage by spammers who often use
words, extracting Spam document feature counterfeit email addresses; making it more
vector and translate into the array format difficult to trace a message back to their
that is vector array. source; easy for spammers to hide their
identity in order to avoid liability.
We look for the optimal classification
using the selected algorithm that is SPF allows the owner of an Internet
constructed using the feature vector of the domain to specify which computers are
spam document by Google authorized to send email with "from"
addresses in that domain, using Domain
3.4 A Specific ISP (Internet Service Name System (DNS) records. Receivers
Provider) verifying SPF information in TXT records
Few things could cause a specific ISP, may reject messages from unauthorized
like Comcast or Hotmail, to junk emails: sources before receiving the body of the
message.
A bad IP reputation will get emails
junked. Protect IP reputation. Therefore, the operating principles are
similar to those of the DNS-based black hole
Not having a sunset policy in place for lists (DNSBL), except that SPF uses the
unengaged prospects leads to bad Domain Name System (DNS) authority
engagement metrics, which makes email delegation scheme.
look unwanted and spammy.
v=spf1 ip4:192.0.2.0/24 ip4:198.51.100.081
Not segmenting out prospects can be a –all
made to look spammy. For example, if
send tons of emails to Comcast email "v=" defines the version of SPF used.
addresses one day, they're going to The following words provide mechanisms to
use to determine if a domain is eligible to
assume spamming. This helps show ISPs send mail. The "ip4" and "a" specify the
that emails are legitimate and wanted. systems permitted to send messages for the
given domain. The "-all" at the end specifies
4 IMPLEMENTATION
that, if the previous mechanisms did not
4.1 SPF Records (Sender Policy ramework) match, the message should be rejected.
Sender Policy Framework (SPF) is a 4.2 DKIM Records
simple email validation system designed to Identified Domain Key Mail (DKIM)
detect email spoofing by providing a helps protect company from spam and
mechanism to allow receiving email phishing email attempts.
exchangers to verify that incoming mail
from a domain comes from a host authorized Further, the proposed system provides a
by the administrators of that domain. The method for validating a domain name
list of authorized sending hosts for a domain identity that is associated with a message
is published in the Domain Name System through cryptographic authentication.
46
