|
Camram -- the name derives from "Campaign for Real Mail" -- is
a method for controlling spam that requires spammers to spend
resources for each piece of mail sent. Such an effort tends to make
the sending of bulk e-mail unprofitable for the spammer. This
long-discussed tactic for reducing spam is known as sender-pays.
With Camram, the first-time sender pays not in money but in a small
amount of computation time.
Camram's approach is dubbed "hybrid sender-pays" because it uses
classical sender-pays plus additional methods designed to ease
adoption in existing mail systems. Each incoming e-mail message is subjected to three tests: (1) Does it have a valid stamp? (2) Is it from someone known? (3) Does it pass a content filter? Passing any one of these tests lets the
message reach the user's inbox. The first test allows delivery of messages from parties who have "paid" for postage (spammers would find this uneconomical) without further scrutiny. The second test allows messages from known parties to be delivered without impediment, and without the "expense" of generating postage. All other messages are sent through a content filter.
An address becomes known when the user either sends e-mail to it, or
declares that a previous message from that address is not spam (this
is necessary when the content filter misclassifies a message).
One variant supported by Camram is the postage-due challenge-
response system. In this variant, messages that fail the content
filter are replied to with a challenge notice, which lets the
originator generate postage in a browser. If a message is from an unknown source and is not stamped, it is passed to the content filter. The reason for ordering the tests this way is that content filters are notoriously unreliable -- they frequently misclassify good e-mail as spam and vice versa.
Therefore, it is essential to pull the maximum quantity of good
e-mail out of the stream before subjecting it to possible
misclassification. The content filter analyzes messages to determine
if they are likely to be spam. This is done by scrutinizing the
message header, the body of the e-mail, and attachments (if any).
The Camram currency is based on a system called hashcash. Stamping
involves the use of a mathematical function, a hash, which is
the equivalent of an electronic combination lock. It takes a certain
amount of time -- which can be adjusted according to the number of
digits in the hash function -- to generate an electronic stamp. A
suggested time might be 15 seconds. This makes it impossible for a
spammer to bombard a server with unsolicited e-mail messages in
rapid succession. The magnitude of computation required means that
even a spammer with access to an online army of zombies [4] will
have a hard time generating enough stamps for millions of e-mail
messages.
Eric Johansson, the inventor of the Camram approach, maintains a Web
site about it and is developing the Camram application. Also see e-mail postage.
>> Find white papers, products and vendors related to Camram.
Last updated on: Mar 06, 2007
|
