Here is a taxonomy I did over the weekend. I tried to bend it into
a list of additions to Paul Judge's, but I feel that the categories
overlap and that both the Paul Judge draft and the Hadmut Danisch draft
offer a premature binding to processes or dataflow. For example, many
of the classifiers contribute something to both identifying unwanted or
identifying unwanted.
For ease of use, '+' marks new items that I have not observed on previous
lists, but which are already "out there" being implemented by somebody,
and '**' marks items that nobody has implemented yet (that I am aware).
Taxonomy of solutions
- content filtering
- heuristics (content, headers, paths, combinations of any feature
below)
- learning
- network-address-indexed blacklists
- open relay blacklists
- open proxy blacklists
+ dialup lists
- content-indexed blacklists
- bulk detectors (DCC)
- collaborative filters (Razor, Pyzor)
** URLS and phone numbers
- sender whitelists
- basic recipient-administered
- sender verified as human
- challenge/response, Turing test
- third-party trust/reputation
- recipient whitelists
- tagged/disposable addresses
- sender accountability
- digital signature
- non-repudiation
+ auditing-based (Bonded Sender)
- sender pays
- proof-of-work/cycles (hashcash)
- micropayments
- protocol hints or restrictions
** associate permissible (env-sender,src-addr) (RMX, Designated Sender,
Vixie MAIL_FROM)
- rate limiting (ingress or egress)
+ teergrube/tarpit
+ honeypot spam recipients for rapid acquisition/analysis of spam content
(MessageLabs commercial service)
** consent verification
- legal
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg