
Emerson Development LLC

Advances in Computers and Communications


"The Notary" -- a Solution to Spam

A Simple Enhancement To The E-mail Protocols That Stops Junk Mail At The Source

The Notary™ doesn't just block junk mail, it prevents spam from ever being sent.

The Emerson Development Company is pleased to announce the first real solution to the problem of junk e-mail. Similar to having a document notarized, "The Notary™", our patent-pending solution, introduces a new step in the Simple Mail Transfer Protocol (SMTP) in which the receiving server asks the sender's e-mail server to affirm that the sender actually sent the message.

In the early days of the Internet, e-mail was a trusted environment between colleagues at universities and research facilities like Bell Labs. Consequently, the e-mail protocols were established as an enabler, with little concern for fraudulent usage. It is the looseness of these protocols that allows spam to exist. While some approaches to stopping spam are extremely complex, our protocol enhancement is an elegant solution to the fundamental weakness in the e-mail protocols, and it is straightforward and simple to implement -- it adds one new SMTP command and one step in the process of receiving e-mail by a server.

There are two kinds of junk e-mail:

  1. E-mail that is legitimate, but undesired by some recipients (perhaps CitiBank wants you to have a new Visa card). This is sometimes called UCE (Unsolicited Commercial E-mail), and is characterized by a sender who represents themselves as who they really are (i.e., the sender is shown as CitiBank). Like fraudulent e-mail, the sender may lie about the recipient having "opted-in" to receive mailings. This type of junk e-mail constitutes less than one percent of spam, and is manageable by conventional approaches.
  2. E-mail from fraudulent sources that lie about or disguise their identity using falsified e-mail addresses and other tricks (they also lie about "opting-in"). This type of junk e-mail constitutes more than 99% of spam, and is solved by The Notary™.

Spammers use two basic tricks. To avoid having their Internet access account shut off, spammers bypass their ISP's e-mail server when they send mail, and instead connect directly to the recipient's server by using special spamming software. Bypassing their ISP enables them to disguise themselves, so they use false identities and e-mail headers on mail they send.


The crux of the problem, and the essential weakness of SMTP, is that there is no validation for information passed from the sending server to the receiving server in the SMTP mail transfer process. Thus, falsified identity and e-mail headers go undetected by the receiving server. SMTP mail transfer is conducted using five commands: HELO or EHLO (sender announces its domain name), MAIL (the "From:"), RCPT (recipient, the "To:"), DATA (e-mail headers and the message itself), and QUIT. The only available validation of all this information is for the receiving server to query DNS to see if the domain names given by the sending system in the HELO (or EHLO) and MAIL commands actually exist. So, if a spammer forges a real domain name (and they do, there are 80 million active domains to choose from), the receiving server must accept the e-mail as legitimate.

Since spammers also typically forge real user e-mail addresses as the "sender", common techniques of making whitelists or blacklists of good or bad senders are unreliable, and experience-based heuristics produce many false positives and false negatives. Some spam software is moderately effective at blocking spam using these techniques (much still gets through), although at the unfortunate expense of occasionally blocking legitimate e-mail. Basically, these techniques guess at which messages are fraudulent. Furthermore, 70-80% of all e-mail is now spam, flooding e-mail servers with tens of billions of messages a day, and spam-blocking software does nothing to relieve this load.

The Notary™ validates the information passed by the sending system and eliminates fraudulent e-mail by "notarizing" messages – by asking the "sender of record" e-mail server: "Did your user really send this message?" If Yes, the message is accepted; if No, the message is rejected.

The process is simple: during mail transfer, after the message has been received but before the receiving system acknowledges and accepts the message, the receiving system opens a separate connection to the e-mail server of the domain listed as the sender. The receiving system passes the message headers (which include a Message ID) to the server of the "sender of record" and asks for the message to be notarized. That server compares the message headers with its logs, and either notarizes the message if the "sender of record" actually sent the message, or denies the message. If the message is denied, the receiving system will then go back to the sending system (in the still-open connection) and reject the message.
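The notarization step described above, modelled in-process as an added example; it is not Emerson Development's code and the page does not name the new SMTP command. The class and method names, the domain-to-server dictionary standing in for a DNS lookup, the use of the From header as the "sender of record", and the rejection when no notary is found are assumptions; the messages are constructed.

```python
from email import message_from_string
from email.utils import parseaddr

class SenderOfRecordServer:
    """Hypothetical mail server that logs what its own users really sent."""
    def __init__(self):
        self.sent_log = set()  # (from address, Message-ID) pairs

    def record_sent(self, sender, message_id):
        self.sent_log.add((sender.lower(), message_id))

    def notarize(self, headers):
        # "Did your user really send this message?" answered from the log.
        sender = parseaddr(headers.get("From", ""))[1].lower()
        return (sender, headers.get("Message-ID")) in self.sent_log

class ReceivingServer:
    def __init__(self, directory):
        self.directory = directory  # domain -> server; stands in for a DNS lookup

    def end_of_data(self, raw_message):
        """Runs after DATA is received, before the message is acknowledged."""
        headers = message_from_string(raw_message)
        # Assumption: the From header names the "sender of record".
        domain = parseaddr(headers.get("From", ""))[1].rpartition("@")[2].lower()
        notary = self.directory.get(domain)
        if notary is None:
            # Assumption: the page does not cover this case; fail closed.
            return "550 no notary for sender domain"
        if notary.notarize(headers):
            return "250 OK, notarized by sender of record"
        return "550 denied by sender of record"

def demo():
    # Constructed sample data: example.com really sent <m1@example.com>.
    origin = SenderOfRecordServer()
    origin.record_sent("alice@example.com", "<m1@example.com>")
    receiver = ReceivingServer({"example.com": origin})
    genuine = ("From: Alice <alice@example.com>\nMessage-ID: <m1@example.com>\n"
               "Subject: lunch\n\nSee you at noon.\n")
    forged = ("From: Alice <alice@example.com>\nMessage-ID: <x9@example.com>\n"
              "Subject: offer\n\nForged sender, never logged.\n")
    return receiver.end_of_data(genuine), receiver.end_of_data(forged)

if __name__ == "__main__":
    for reply in demo():
        print(reply)
```

The forged message carries a real user's address but a Message-ID the sender-of-record server never logged, so the receiving side rejects it in the still-open transfer.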

The Notary™ prevents any e-mail not actually sent by the "From" user from being accepted by a receiving server. This process will stymie spammers – they won't even be able to send their mail, reducing the load on the entire e-mail system by 70-80%. Since The Notary™ remedies an inherent deficiency in SMTP in a simple and straightforward fashion, it should be incorporated into SMTP regardless of any other actions or policies taken to reduce spam. SMTP should have been this way from the beginning.

